• Title/Abstract/Keywords: Attack behavior analysis

Search results: 93 items, processing time 0.025 seconds

Experimental Reproduction and Numerical Analysis of the Side Force on an Ogive Forebody at a High Angle of Attack

  • 이은석;이진익;이광섭
    • 한국전산유체공학회지 / Vol. 18, No. 1 / pp.28-35 / 2013
  • Behavior of the side force generated at high angles of attack by two ogive-cylinder bodies of revolution with nose fineness ratio of 2.3 (B1) and 3.5 (B2) and the effect of a strip placed close to the nose tip of each body (B1S and B2S) are analyzed through the wind tunnel test at ReD=200,000 and a=42~60 deg. The side force generated by B1 is increased by placing a strip. The side force generated by B2 is in the starboard direction and its magnitude is higher than that of the B1S. The effect of the strips with various dimensions placed on B2 is investigated. It is found that the 4-layer strip placed on the starboard reversed the direction of the side force into port direction. It is confirmed by numerical simulations that the strip promotes the flow separation and increases the average pressure on the side where it is placed and consequently produces the side force in the corresponding direction.

WORM-HUNTER: A Worm Guard System using Software-defined Networking

  • Hu, Yixun;Zheng, Kangfeng;Wang, Xu;Yang, Yixian
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 11, No. 1 / pp.484-510 / 2017
  • Network security is rapidly developing, but so are attack methods. Network worms are one of the most widely used attack methods and are able to propagate quickly. As an active defense approach to network worms, the honeynet technique has long been limited by the closed architecture of traditional network devices. In this paper, we propose a closed-loop defense system against worms based on Software-Defined Networking (SDN) technology, called Worm-Hunter. The flexibility of SDN in network building is introduced to structure the network infrastructures of Worm-Hunter. By using well-designed flow tables, Worm-Hunter is able to easily and dynamically deploy different honeynet systems with different network structures. When anomalous traffic is detected by the analyzer in Worm-Hunter, it can be redirected into the honeynet and then safely analyzed. Throughout the process, attackers will not be aware that they are caught, and all of the attack behavior is recorded in the system for further analysis. Finally, we verify the system via experiments. The experiments show that Worm-Hunter is able to build multiple honeynet systems on one physical platform. Meanwhile, all of the honeynet systems with the same topology operate without interference.

Numerical characterization of real railway overhead cables

  • Sanchez-Rebollo, Cristina;Velez, Enrique;Jimenez-Octavio, Jesus R.
    • Wind and Structures / Vol. 21, No. 1 / pp.105-117 / 2015
  • This paper presents a numerical characterization of real railway overhead cables based on computational fluid dynamics (CFD). Complete analysis of the aerodynamic coefficients of this type of cross section yields a more accurate modelling of pressure loads acting on moving cables than provided by current approaches used in design. Thus, the characterization of certain selected commercial cables is carried out in this work for different wind speeds and angles of attack. The aerodynamic lift and drag coefficients are herein determined for two different types of grooved cables, which establish a relevant data set for the railway industry. Finally, the influence of this characterization on the fluid-structure interaction (FSI) is proved: the static behavior of a catenary system is studied by means of the finite element method (FEM) in order to analyze the effect of different wind angles of attack on the stiffness distribution.

An Efficient Network Attack Visualization Using Security Quad and Cube

  • Chang, Beom-Hwan;Jeong, Chi-Yoon
    • ETRI Journal / Vol. 33, No. 5 / pp.770-779 / 2011
  • Security quad and cube (SQC) is a network attack analyzer that is capable of aggregating many different events into a single significant incident and visualizing these events in order to identify suspicious or illegitimate behavior. A network administrator recognizes network anomalies by analyzing the traffic data and alert messages generated in the security devices; however, it takes a lot of time to inspect and analyze them because the security devices generate an overwhelming amount of logs and security events. In this paper, we propose SQC, an efficient method for analyzing network security through visualization. The proposed method monitors anomalies occurring in an entire network and displays detailed information of the attacks. In addition, by providing a detailed analysis of network attacks, this method can more precisely detect and distinguish them from normal events.

Behavior and Script Similarity-Based Cryptojacking Detection Framework Using Machine Learning

  • 임은지;이은영;이일구
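    • 정보보호학회논문지 / Vol. 31, No. 6 / pp.1105-1114 / 2021
  • With the recent surge in the popularity of cryptocurrency, the threat of cryptojacking, malware that mines cryptocurrency, is increasing. In particular, web-based cryptojacking can mine cryptocurrency using the victim's PC resources as soon as the victim visits a website, and because it only requires adding a mining script, the attack is easy to carry out and causes performance degradation and malfunction. Because it is difficult for victims to notice the damage, research is needed on efficiently detecting and blocking cryptojacking. This study proposes and evaluates a framework that effectively detects cryptojacking by using its typical infection symptoms and scripts as indicators. In the proposed cryptojacking detection framework, the behavior-based dynamic analysis technique uses a K-Nearest Neighbors (KNN) model trained on computer performance metrics, and the script similarity-based static analysis technique uses a K-means model trained on the word frequencies of malicious scripts. According to the experimental results, the KNN model showed an accuracy of 99.6%, and for the K-means model the silhouette coefficient of the normal cluster was confirmed to be 0.61.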

Stability behavior of the transmission line system under incremental dynamic wind load

  • Sarmasti, Hadi;Abedi, Karim;Chenaghlou, Mohammad Reza
    • Wind and Structures / Vol. 31, No. 6 / pp.509-522 / 2020
  • Wind load is the principal cause of a large number of transmission line collapses around the world. The transmission line is traditionally designed for wind load according to a linear equivalent method, in which dynamic effects of wind are not appropriately included. Therefore, in the present study, incremental dynamic analysis is utilized to investigate the stability behavior of a 400 kV transmission line under wind load. In that case, the effects of vibration of cables and aerodynamic damping of cables were considered on the stability behavior of the transmission line. Superposition of the harmonic waves method was used to calculate the wind load. The wind speed corresponding to the beginning of the transmission line collapse was determined by incremental dynamic analysis. Also, the effect of the yawed wind was studied to determine the critical attack angle by the incremental dynamic method. The results show the collapse mechanisms of the transmission line and the maximum supportable wind speed, which is predicted to be 6 m/s less than the design wind speed of the studied transmission line. Based on the numerical modeling results, a retrofitting method has been proposed to prevent failure of the tower members under design wind speed.

R2NET: Storage and Analysis of Attack Behavior Patterns

  • M.R., Amal;P., Venkadesh
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 17, No. 2 / pp.295-311 / 2023
  • Cloud computing has evolved significantly, intending to provide users with fast, dependable, and low-cost services. With its development, malicious users have become increasingly capable of attacking both its internal and external security. To ensure the security of cloud services, encryption, authorization, firewalls, and intrusion detection systems have been employed. However, these single monitoring agents are complex and time-consuming, and they do not detect ransomware and zero-day vulnerabilities on their own. An innovative Record and Replay-based hybrid Honeynet (R2NET) system has been developed to address this issue. Combining honeynet with Record and Replay (RR) technology, the system allows fine-grained analysis by delaying time-consuming analysis to the replay step. In addition, a machine learning algorithm is utilized to cluster the logs of attackers and store them in a database. As a result, the access time for analyzing the attack may be reduced, which in turn increases the efficiency of the proposed framework. The R2NET framework is compared with existing methods such as EEHH net, HoneyDoc, Honeynet system, and AHDS. The proposed system achieves 7.60%, 9.78%, 18.47%, and 31.52% more accuracy than EEHH net, HoneyDoc, Honeynet system, and AHDS methods.

Numerical technique for chloride ingress with cover concrete property and time effect

  • Lee, Bang Yeon;Ismail, Mohamed A.;Kim, Hyeok-Jung;Yoo, Sung-Won;Kwon, Seung-Jun
    • Computers and Concrete / Vol. 20, No. 2 / pp.185-196 / 2017
  • Durability problems initiated from steel corrosion are unseen but critical issues, so much research is focused on chloride penetration evaluation. Even if RC (Reinforced Concrete) structures are exposed to normal environment, chloride ingress varies with concrete surface conditions and exposed period. This paper presents an analysis technique for chloride behavior evaluation considering time effect on diffusion and surface conditions assumed as double-layered system. For evaluation of deteriorated surface condition, field investigation was performed for concrete pavement exposed to deicing agent for 18 years. In order to consider enhanced surface concrete, chloride profiles in surface-impregnated concretes exposed to chloride attack for 2 years from previous research were investigated. Through reverse analysis, effectively deteriorated/enhanced depth of surface and the related reduced/enlarged diffusion coefficient in the depth are simulated. The proposed analysis technique was evaluated to handle the chloride behavior more accurately considering changes of chloride ingress within surface layer and decreased diffusion coefficient with time. For the concrete surface exposed to deicing agent, the deteriorated depth and enlarged diffusion coefficient are evaluated to be 12.5~15.0 mm and 200% increasing diffusion coefficient, respectively. The results in concrete containing enhanced cover show 10.0~12.5 mm of impregnated depth and 85% reduction of chloride diffusion in tidal and submerged conditions.

Graph Database based Malware Behavior Detection Techniques

  • 최도현;박중오
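    • 융합정보논문지 / Vol. 11, No. 4 / pp.55-63 / 2021
  • Recently, the incidence of malware has been running at more than roughly tens of thousands of cases, and detecting and responding to all of them is known to be nearly impossible. This study proposes a graph database-based multi-behavior pattern detection technique as a new malware countermeasure. We designed a new graph model that differs from existing dynamic analysis techniques and applied a method of analyzing the graph relationships of representative malware patterns (process, PE, registry, etc.). Pattern verification confirmed behavior detection for basic malicious patterns as well as detection of variant attack behaviors (5 steps or more) that were previously difficult to analyze. In addition, performance analysis confirmed that, for complex patterns of 5 steps or more, performance improved by about 9.84 times or more compared with a relational database.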

A Study on the Change of Capability and Behavior against Phishing Attack by Continuous Practical Simulation Training

  • 윤덕상;이경호;임종인
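    • 정보보호학회논문지 / Vol. 27, No. 2 / pp.267-279 / 2017
  • In this study, phishing e-mails were sent over many rounds across a long period, by the same routes and methods that external hackers use, to employees actually at work in one company. The recipients' ability to identify phishing e-mails and their response behavior were measured as the rounds progressed, and external control conditions were additionally varied between training rounds to analyze how the recipients' response behavior changed further. The analysis confirmed that continuous training, rather than one-off training, has a positive (+) effect on employees' ability to identify phishing e-mails and on reducing the infection rate; that more employees are infected by phishing attacks tied to social issues or seasonal events; and that strengthening internal control policies, such as personnel action against infected employees, has a positive (+) effect on employees' response behavior toward phishing attacks. Based on these results, we aim to suggest the right training direction for each institution to strengthen its employees' capability to respond to phishing attacks.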