• Journal of the Korea Society for Simulation
• /
• v.22 no.4
• /
• pp.49-55
• /
• 2013

Recently the CGF/SAF (Computer Generated Force / Semi-Automated Force) technology has been getting attention to deal with the increasing complexity in a DM&S(Defence Modeling and Simulation) environment. OneSAF is one of well-known CGF/SAF systems, however, it is not able to support the DEVS framework which is an advanced discrete event based modeling and simulation environment. Especially, most DM&S systems in Korea has been developed on the basis of the DEVS framework. In this paper, we have proposed the agent-based SAF design methodology and tool for supporting DEVS M&S environment. The proposed SAF modeling tool is divided into two parts; the agent modeling part and SAF modeling part. In the agent modeling environment, the modeler can simply create the agent model by writing down the necessary rules. It also provides the agent testing environment so that the modeler maybe conveniently verify the prescribed agent model. The SAF model is finally created by combing the individual agents based on the pre-defined structure. DM&S engineers will be able to employ our tools and modeling methodology to design the DEVS-based DM&S system to be developed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.657-667
• /
• 2020

The Android framework allows apps to take full advantage of personal information through granting single permission, and does not determine whether the data being leaked is actual personal information. To solve these problems, we propose a tool with static/dynamic analysis. The tool analyzes the Source and Sink used by the target app, to provide users with information on what personal information it used. To achieve this, we extracted the Source and Sink through Control Flow Graph and make sure that it leaks the user's privacy when there is a Source-to-Sink flow. We also used the sensitive permission information provided by Google to obtain information from the sensitive API corresponding to Source and Sink. Finally, our dynamic analysis tool runs the app and hooks information from each sensitive API. In the hooked data, we got information about whether user's personal information is leaked through this app, and delivered to user. In this process, an automated Source/Sink classification model was applied to collect latest Source/Sink information, and the we categorized latest release version of Android(9.0) with 88.5% accuracy. We evaluated our tool on 2,802 APKs, and found 850 APKs that leak personal information.

• The Transactions of the Korea Information Processing Society
• /
• v.6 no.11
• /
• pp.3020-3033
• /
• 1999

Role-Based Access Control(RBAC) security policy is being widely accepted not only as an access control policy for information security but as both a natural modeling tool for management structure of organizations and flexible permission management framework in various commercial environments. Important functions provided by the current RBAC model are to administrate the information on the components of RBAC model and determine whether user's access request to information is granted or not, and most researches on RBAC are for defining the model itself, describing it in formal method and other important properties such as separation of duty. As the current RBAC model which does not define the definition, design and operation for applications is not suitable for automated information systems that consist of various applications, it is needed that how applications should be designed and then executed based on RBAC security model. In this paper, we describe dynamic properties of session which is taken for a passive entity only activated by users, as a vehicle for building and executing applications in an automated information systems. And, a framework for session-oriented separation of duty property, application design and operation is also presented.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.1
• /
• pp.99-118
• /
• 2013

Electrocardiograms (ECGs) are widely used by clinicians to identify the functional status of the heart. Thus, there is considerable interest in automated systems for real-time monitoring of arrhythmia. However, intra- and inter-patient variability as well as the computational limits of real-time monitoring poses significant challenges for practical implementations. The former requires that the classification model be adjusted continuously, and the latter requires a reduction in the number and types of ECG features, and thus, the computational burden, necessary to classify different arrhythmias. We propose the use of adaptive learning to automatically train the classifier on up-to-date ECG data, and employ adaptive feature selection to define unique feature subsets pertinent to different types of arrhythmia. Experimental results show that this hybrid technique outperforms conventional approaches and is therefore a promising new intelligent diagnostic tool.

• Korean Journal of Computational Design and Engineering
• /
• v.9 no.2
• /
• pp.93-101
• /
• 2004

In mechanical design, optimization procedures have mostly been implemented solely by CAE codes combined by optimization routine, in which the model is built, analyzed and optimized. In the complex geometries, however, CAD is indispensable tool for the efficient and accurate modeling. This paper presents a method to carry out optimization, in which CAD and CAE are used for modeling and analysis respectively and integrated in an optimization routine. Application Programming Interface (API) function is exploited to automate CAD modeling, which enables direct access to CAD. The advantage of this method is that the user can create very complex object in Parametric and automated way, which is impossible in CAE codes. Unigraphics and ANSYS are adopted as CAD and CAE tools. In ANSYS, automated analysis is done using codes made by a script language, APDL(ANSYS Parametric Design Language). Optimization is conducted by VisualDOC and IDESIGN respectively. As an illustrative example, a mold design problem is studied, which is to minimize temperature deviation over a diagonal line of the surface of the mold in contact with hot glass.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.639-653
• /
• 2013

Smart grid is a network of computers and power infrastructure that monitor and manage energy usage efficiently. Recently, the smart grid demonstration projects around the world, including the United States, Europe, Japan, and the technology being developed. The protection of the many components of the grid against cyber-threats has always been critical, but the recent Smart grid has been threatened by a variety of cyber and physical attacks. We model and analyze advanced metering infrastructure(AMI) in smart grid. Using attack countermeasure tree(ACT) we show qualitative and probabilistic security analysis of AMI. We implement using SHARPE(Symbolic Hierarchical Automated Reliability and Performance Evaluator) tool and calculate probability, ROA, ROI, Structure Importance, Birnbaum Importance.

• Proceedings of the Korean Society of Precision Engineering Conference
• /
• 1995.10a
• /
• pp.214-218
• /
• 1995

Much labor, an exceedingly long lead time, and the skills of experienced engineers are required for press tool design. To reduce such problems, several CAD systems for blanking or piercing have been developed. This paper describes a computer-aided design for blanking or piercing of irregularly shaped sheet metal products. An approach to the system is based on knowledge base rules. The process planning & die design system is designed by considering several factors, such as complexity of blank geometry, punch profile, and availability of press equipment and standard parts. Therefore, after checking a production feasibility for irregular shaped sheet metal products, this system which is implemented strip layout module can carry out a process planning and generate the strip layout in graphic forms. Also this system implemented die layout module can carry out a die design for each process which is obtained form the result of an automated process planning and generate parts and assembly drawing of a die set.

• International Journal of Contents
• /
• v.13 no.1
• /
• pp.38-44
• /
• 2017

Increased use of software and complexity of software functions, as well as shortened software quality evaluation periods, have increased the importance and necessity for automation of software testing. Automating software testing by using machine learning not only minimizes errors in manual testing, but also allows a speedier evaluation. Research on machine learning in automated software testing has so far focused on solving special problems with algorithms, leading to difficulties for the software developers and testers, in applying machine learning to software testing automation. This paper, proposes a new machine learning framework for software testing automation through related studies. To maximize the performance of software testing, we analyzed and categorized the machine learning algorithms applicable to each software test phase, including the diverse data that can be used in the algorithms. We believe that our framework allows software developers or testers to choose a machine learning algorithm suitable for their purpose.

• Journal of Information Technology Applications and Management
• /
• v.17 no.3
• /
• pp.1-24
• /
• 2010

Most of enterprises depend on a data modeler during developing their management information systems. In formulating business requirements for information systems, they widely and naturally use the interview method between a data modeler and a field worker. But, the discrepancy between both parties would certainly cause information loss and distortion that lead to let the systems not faithful to real business works. To improve or avoid modeler-dependant data modeling process, many automated data design CASE tools have been introduced. However, since most of traditional CASE tools just support drawing works for conceptual data design, a data modeler could not generate an ERD faithful to real business works and a user could not use them without any knowledge on database. Although some CASE tools supported conceptual data design, they still required too much preliminary database knowledge for a user. Against these traditional CASE tools, we proposed a Requirement-Oriented Entity Relationship Model for automated data design tool, called ROERM. Based on Non-Stop Methodology, ROERM adopts inner systematic modules for complete and sound ERD that is faithful to real field works, where modules are composed of interaction modules with a user, rules of schema operations and sentence translations. In addition to structure design of ROERM, we also devise detailed algorithms and perform an experiment for a case study.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.8
• /
• pp.3420-3436
• /
• 2020

Due to the increasing number of malicious software (also known as malware), methods for sharing threat information are being studied by various organizations. The Malware Attribute Enumeration and Characterization (MAEC) format of malware is created by analysts, converted to Structured Threat Information Expression (STIX), and distributed by using Trusted Automated eXchange of Indicator Information (TAXII) protocol. Currently, when sharing malware analysis results, analysts have to manually input them into MAEC. Not many analysis results are shared publicly. In this paper, we propose an automated MAEC conversion technique for sharing analysis results of malicious Android applications. Upon continuous research and study of various static and dynamic analysis techniques of Android Applications, we developed a conversion tool by classifying parts that can be converted automatically through MAEC standard analysis, and parts that can be entered manually by analysts. Also using MAEC-to-STIX conversion, we have discovered that the MAEC file can be converted into STIX. Although other researches have been conducted on automatic conversion techniques of MAEC, they were limited to Windows and Linux only. In further verification of the conversion rate, we confirmed that analysts could improve the efficiency of analysis and establish a faster sharing system to cope with various Android malware using our proposed technique.