• Journal of Software Assessment and Valuation
• /
• v.16 no.2
• /
• pp.9-23
• /
• 2020

Microsoft's Windows system is widely used as an operating system for the desktops and enterprise servers of companies or organizations, and is a major target of cyber attacks. Microsoft provides various protection technologies and strives for defending the attacks through periodic security patches, however the threats such as DLL injection and process injection still exist. In this paper, we analyze 12 types of injection techniques in Microsoft Windows, and perform injection attack experiments on four application programs. Through the results of the experiments, we identify the risk of injection techniques, and verify the effectiveness of the mitigation technology for defending injection attacks provided by Microsoft. As a result of the experiments, we have found that the current applications are vulnerable to several injection techniques. Finally, we have presented the mitigation techniques for these injection attacks and analyzed their effectiveness.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.108-110
• /
• 2021

Since 2015, attacks using the IoT protocol have been continuously reported. Among various IoT protocols, attackers attempt DDoS attacks using SSDP(Simple Service Discovery Protocol), and as statistics of cyber shelters, Korea has about 1 million open SSDP servers. Vulnerable SSDP servers connected to the Internet can generate more than 50Gb of traffic and the risk of attack increases gradually. Until recently, distributed denial of service attacks and distributed reflective denial of service attacks have been a security issue. Accordingly, the purpose of this study is to analyze the request packet of the existing SSDP protocol to identify an amplification attack and to avoid a response when an amplification attack is suspected, thereby preventing network load due to the occurrence of a large number of response packets due to the role of traffic reflection amplification.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2022.11a
• /
• pp.366-368
• /
• 2022

지구온난화에 따른 우리나라 주변 환경의 변화와 최근 중국 불법 어선의 연근해 어업 자원의 고갈 등으로 인해 우리나라 연근해 어족자원을 보호할 필요성이 증대되고 있으며, 지속 가능한 어업을 위해서는 어획물의 종류와 양을 정확히 파악하고 불법 어업에 대한 철저한 감시 및 관리가 필요하다. 이러한 시공간적으로 다양하게 변하는 생태 및 어장 환경 정보와 선박에 대한 정보를 통해 해양관측과 위성 원격탐사를 동시에 이용함으로써 근해와 원양 생물자원 실태를 관측하는 것이 가능하다. 본 연구에서는 NOAA-20 위성의 VIIRS (Visible Infrared Imaging Radiometer Suite) DNB (Day & Night Band) 영상을 기반으로 추정한 야간 불빛 자료를 활용하고자 한다. DNB 불빛 영상은 낮은 조도의 불빛을 감지하여 그 정보를 보여 준다. 야간 불빛 자료에 포함된 구름 부분을 마스킹하기 위해 NASA의 신규알고리즘이 적용된JPSS-JRR-CloudMask 기술을 이용하였다. 이번 연구에서는 구름의 영향이 없는 날짜를 선별한 후 AIS 정보에서 어선의 정보를 추출하여 검증 자료로 사용하였다. 실제 선박의 정보를 이용한 위성 불빛 자료의 검증을 통해 위성자료의 신뢰성을 확보하고 향후 불빛과 선단 규모의 상관관계 분석 및 어선의 분포 경향 분석을 통하여 우리나라의 어장환경 분석에 활용 가능할 것으로 기대한다.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.23 no.6
• /
• pp.61-67
• /
• 2023

The rise of 5G and the proliferation of smart devices have underscored the significance of multi-access edge computing (MEC). Amidst this trend, interest in effectively processing computation-intensive and latency-sensitive applications has increased. This study investigated a novel task offloading strategy considering the probabilistic MEC environment to address these challenges. Initially, we considered the frequency of dynamic task requests and the unstable conditions of wireless channels to propose a method for minimizing vehicle power consumption and latency. Subsequently, our research delved into a deep reinforcement learning (DRL) based offloading technique, offering a way to achieve equilibrium between local computation and offloading transmission power. We analyzed the power consumption and queuing latency of vehicles using the deep deterministic policy gradient (DDPG) and deep Q-network (DQN) techniques. Finally, we derived and validated the optimal performance enhancement strategy in a vehicle based MEC environment.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.29 no.6
• /
• pp.659-665
• /
• 2023

The exciter of a ship generator adjusts the magnetic flux through excitation current control to maintain the output terminal voltage constant. The voltage controller inside the exciter typically uses a proportional integral control method. however, the response characteristics determined by the gain and time constant produce unwanted output owing to an inappropriate setting value that can reduce the quality and stability of power within the ship. In this study, a neural network circuit is learned using stable input/output data that can be obtained through the AC4A type exciter model provided by IEEE, and the simulation is performed by replacing the existing proportional integral control type voltage controller with the learned neural network circuit controller. Consequently, overshooting was improved by up to 9.63% compared with that of the previous model, and excellence in stable response characteristics was confirmed.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.1
• /
• pp.111-119
• /
• 2024

In this paper, we propose a big data platform that can collect information from various sources collected at ocean. Currently operating ocean-related big data platforms are focused on storing and sharing created data, and each data provider is responsible for data collection and preprocessing. There are high costs and inefficiencies in collecting and integrating data in a marine environment using communication networks that are poor compared to those on land, making it difficult to implement related infrastructure. In particular, in fields that require real-time data collection and analysis, such as weather information, radar and sensor data, a number of issues must be considered compared to land-based systems, such as data security, characteristics of organizations and ships, and data collection costs, in addition to communication network issues. First, this paper defines these problems and presents solutions. In order to design a big data platform that reflects this, we first propose a data source, hierarchical MEC, and data flow structure, and then present an overall platform structure that integrates them all.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.3
• /
• pp.11-20
• /
• 2024

Among the generative models in Artificial Intelligence (AI), especially Generative Adversarial Network (GAN) has been successful in various applications such as image processing, density estimation, and style transfer. While the GAN models including Conditional GAN (CGAN), CycleGAN, BigGAN, have been extended and improved, researchers face challenges in real-world applications in specific domains such as disaster simulation, healthcare, and urban planning due to data scarcity and unstable learning causing Image distortion. This paper proposes a new progressive learning methodology called Progressive Step Training (PST) based on the Auxiliary Classifier GAN (ACGAN) that discriminates class labels, leveraging the progressive learning approach of the Progressive Growing of GAN (PGGAN). The PST model achieves 70.82% faster stabilization, 51.3% lower standard deviation, stable convergence of loss values in the later high resolution stages, and a 94.6% faster loss reduction compared to conventional methods.

• Journal of Platform Technology
• /
• v.12 no.3
• /
• pp.55-61
• /
• 2024

As the digital environment becomes more complex and cyber attacks become more sophisticated, the importance of data protection is emerging. As various security threats such as data leakage, system intrusion, and authentication bypass increase, secure key management is emerging. Key Management System (KMS) manages the entire encryption key life cycle procedure and is used in various industries. There is a need for a key management system that considers requirements suitable for the environment of various industries including public and finance. The purpose of this paper is to derive the characteristics of the key management system for each industry by comparing and analyzing key management systems used in representative industries. As for the research method, information was collected through literature and technical document analysis and case analysis, and comparative analysis was conducted by industry sector. The results of this paper will be able to provide a practical guide when introducing or developing a key management system suitable for the industrial environment. The limitations are that the analyzed industrial field was insufficient and experimental verification was insufficient. Therefore, in future studies, we intend to conduct specific performance tests through experiments, including key management systems in various fields.

• The Journal of Society for e-Business Studies
• /
• v.21 no.2
• /
• pp.47-59
• /
• 2016

Parcel service is to deliver goods from one place to the designated destination requested according to user request. Parcel operations such as sorting, distributing, etc. or the managed information are heterogeneous by the companies. Additionally, it is impossible to support interoperability between companies with unformatted data of manual processing. Most parcel package boxes attached to paper typed waybill is attached is delivered to consignee. So, security problems such as personal information leaking are occurred, or extra processing time and logistics costs are needed due to wrong or the damaged information. Business environment of parcel service is rapidly changed as introducing unmanned delivery or the advanced technology such as Internet of Things. User want to know the accurate status or steps from parcel service request to delivery. To provide these requirements, the unified and integrated waybill information for reliable transportation of parcel service is needed. This information will provide to pickup or delivery carrier, warehouse or terminal, and parcel service user per pickup, transport, and delivery stage of parcel delivery service. Therefore, this paper defines the simplified and unified information model for parcel service waybill by analyzing information systems used for logistics unit processes that is occurred to parcel service, and manual work processes, and developing the relevant information of work flows occurred between business processes or transactions with the collected or processed information by from parcel service's stages. It is possible to share these standard model between business entities, and replacing paper typed waybill will improve national life safety as preventing security threats by paper typed waybill. As a result, it will promote the public interest from the stakeholder's perspective.

• Journal of Korean Society of Disaster and Security
• /
• v.9 no.2
• /
• pp.87-91
• /
• 2016

In recent years, lots of damages appear frequently due to cyber terrorism and natural disasters such as typhoon 'Chaba', earthquake at Kyeongju. The damages lead to people's anxiety and public institutions connected directly with them also can't be free from the threat situation. In addition, public institutions must prepare business continuity issues with the highest priority in the event of disasters because they are closest with people's safety. However, preceding researches suggest needs of disaster mitigation activities management system or central office oriented top-down BCP establishing system. In this study, We grasp the current status of public institutions's business continuity plan(BCP) against disaster and we propose an efficient bottom-up method for structuring the BCP of public institutions.