• Title/Summary/Keyword: Dynamic Threat

Search Result 80, Processing Time 0.026 seconds

Component Analysis of DevOps and DevSecOps (DevOps와 DevSecOps의 컴포넌트 분석)

  • Hong, Jin-Keun
    • Journal of the Korea Convergence Society
    • /
    • v.10 no.9
    • /
    • pp.47-53
    • /
    • 2019
  • This paper is analyzed of the characteristics of development operations and development security operations of the software and product, and the use analysis tools from a software code perspective. Also, it is emphasized the importance of human factors and the need to strengthen them, when considering security design rules. In this paper, we consider a secure process for managing change, focusing on fast and accurate decision-making in terms of procedural factors, when considering development security operations. In addition, the paper discussed the need for maturity model analysis in relation to the development security operating characteristics, and analyzed the meaning of the analysis elements through detailed procedures for the strength and integration elements of the dynamic and static elements accordingly. The paper also analyzed factors such as scanning activity and code analysis for threat modeling and compliance and control.

Graph Database Design and Implementation for Ransomware Detection (랜섬웨어 탐지를 위한 그래프 데이터베이스 설계 및 구현)

  • Choi, Do-Hyeon
    • Journal of Convergence for Information Technology
    • /
    • v.11 no.6
    • /
    • pp.24-32
    • /
    • 2021
  • Recently, ransomware attacks have been infected through various channels such as e-mail, phishing, and device hacking, and the extent of the damage is increasing rapidly. However, existing known malware (static/dynamic) analysis engines are very difficult to detect/block against novel ransomware that has evolved like Advanced Persistent Threat (APT) attacks. This work proposes a method for modeling ransomware malicious behavior based on graph databases and detecting novel multi-complex malicious behavior for ransomware. Studies confirm that pattern detection of ransomware is possible in novel graph database environments that differ from existing relational databases. Furthermore, we prove that the associative analysis technique of graph theory is significantly efficient for ransomware analysis performance.

A Local Path Planning for Unmanned Aerial Vehicle on the Battlefield of Dynamic Threats (동적인 위협이 존재하는 전장에서의 무인 항공기 지역경로계획)

  • Kim, Ki-Tae;Nam, Yong-Keun;Cho, Sung-Jin
    • Journal of Korean Society of Industrial and Systems Engineering
    • /
    • v.35 no.1
    • /
    • pp.39-46
    • /
    • 2012
  • An unmanned aerial vehicle (UAV) is a powered aerial vehicle that does not carry a human operator, uses aerodynamic forces to provide vehicle lift, can fly autonomously or be piloted remotely, can be expendable or recoverable, and can carry a lethal or non-lethal payload. An UAV is very important weapon system and is currently being employed in many military missions (surveillance, reconnaissance, communication relay, targeting, strike, etc.) in the war. To accomplish UAV's missions, guarantee of survivability should be preceded. The main objective of this study is a local path planning to maximize survivability for UAV on the battlefield of dynamic threats (obstacles, surface-to-air missiles, radar etc.). A local path planning is capable of producing a new path in response to environmental changes. This study suggests a $Smart$ $A^*$ (Smart A-star) algorithm for local path planning. The local path planned by $Smart$ $A^*$ algorithm is compared with the results of existing algorithms ($A^*$ $Replanner$, $D^*$) and evaluated performance of $Smart$ $A^*$ algorithm. The result of suggested algorithm gives the better solutions when compared with existing algorithms.

A Study on the Variable and Dynamic Salt According to Access Log and Password (접속로그와 패스워드에 따른 가변 및 동적솔트에 관한 연구)

  • Jeong, Jinho;Cha, Youngwook;Kim, Choonhee
    • Journal of Korea Multimedia Society
    • /
    • v.24 no.1
    • /
    • pp.58-66
    • /
    • 2021
  • The user's password must be encrypted one-way through the hash function and stored in the database. Widely used hash functions such as MD5 and SHA-1 have also been found to have vulnerabilities, and hash functions that are considered safe can also have vulnerabilities over time. Salt enhances password security by adding it before or after the password before putting it to the hash function. In the case of the existing Salt, even if it is randomly assigned to each user, once it is assigned, it is a fixed value in a specific column of the database. If the database is exposed to an attacker, it poses a great threat to password cracking. In this paper, we suggest variable-dynamic Salt that dynamically changes according to the user's password during the login process. The variable-dynamic Salt can further enhance password security during login process by making it difficult to know what the Salt is, even if the database or source code is exposed.

GRASP Algorithm for Dynamic Weapon-Target Assignment Problem (동적 무장할당 문제에서의 GRASP 알고리즘 연구)

  • Park, Kuk-Kwon;Kang, Tae Young;Ryoo, Chang-Kyung;Jung, YoungRan
    • Journal of the Korean Society for Aeronautical & Space Sciences
    • /
    • v.47 no.12
    • /
    • pp.856-864
    • /
    • 2019
  • The weapon-target assignment (WTA) problem is a matter of effectively allocating weapons to a number of threats. The WTA in a rapidly changing dynamic environment of engagement must take into account both of properties of the threat and the weapon and the effect of the previous decision. We propose a method of applying the Greedy Randomized Adaptive Search Procedure (GRASP) algorithm, a kind of meta-heuristic method, to derive optimal solution for a dynamic WTA problem. Firstly, we define a dynamic WTA problem and formulate a mathematical model for applying the algorithm. For the purpose of the assignment strategy, the objective function is defined and time-varying constraints are considered. The dynamic WTA problem is then solved by applying the GRASP algorithm. The optimal solution characteristics of the formalized dynamic WTA problem are analyzed through the simulation, and the algorithm performance is verified via the Monte-Carlo simulation.

Investigation of lateral impact behavior of RC columns

  • Anil, Ozgur;Erdem, R. Tugrul;Tokgoz, Merve Nilay
    • Computers and Concrete
    • /
    • v.22 no.1
    • /
    • pp.123-132
    • /
    • 2018
  • Reinforced concrete (RC) columns which are the main vertical structural members are exposed to several static and dynamic effects such as earthquake and wind. However, impact loading that is sudden impulsive dynamic one is the most effective loading type acting on the RC columns. Impact load is a kind of impulsive dynamic load which is ignored in the design process of RC columns like other structural members. The behavior of reinforced concrete columns under impact loading is an area of research that is still not well understood; however, work in this area continues to be motivated by a broad range of applications. Examples include reinforced concrete structures designed to resist accidental loading scenarios such as falling rock impact; vehicle or ship collisions with buildings, bridges, or offshore facilities; and structures that are used in high-threat or high-hazard applications, such as military fortification structures or nuclear facilities. In this study, free weight falling test setup is developed to investigate the behavior effects on RC columns under impact loading. For this purpose, eight RC column test specimens with 1/3 scale are manufactured. While drop height and mass of the striker are constant, application point of impact loading, stirrup spacing and concrete compression strength are the experimental variables. The time-history of the impact force, the accelerations of two points and the displacement of columns were measured. The crack patterns of RC columns are also observed. In the light of experimental results, low-velocity impact behavior of RC columns were determined and interpreted. Besides, the finite element models of RC columns are generated using ABAQUS software. It is found out that proposed finite element model could be used for evaluation of dynamic responses of RC columns subjected to low-velocity impact load.

Dynamic performance of girder bridges with explosion-proof and aseismic system

  • Wang, Jingyu;Yuan, Wancheng;Wu, Xun;Wei, Kai
    • Structural Engineering and Mechanics
    • /
    • v.61 no.3
    • /
    • pp.419-426
    • /
    • 2017
  • Recently, the transportation of dangerous explosive goods is increasing, which makes vehicle blasting accidents a potential threat for the safety of bridge structures. In addition, blasting accidents happen more easily when earthquake occurs. Excessive dynamic response of bridges under extreme loads may cause local member damage, serviceability issues, or even failure of the whole structure. In this paper, a new explosion-proof and aseismic system is proposed including cable support damping bearing and steel-fiber reinforced concrete based on the existing researches. Then, considering one 40m-span simply supported concrete T-bridge as the prototype, through scale model test and numerical simulation, the dynamic response of the bridge under three conditions including only earthquake, only blast load and the combination of the two extreme loads is obtained and the applicability of this explosion-proof and aseismic system is explored. Results of the study show that this explosion-proof and aseismic system has good adaptability to seism and blast load at different level. The reducing vibration isolation efficiency of cable support damping bearing is pretty high. Increasing cables does not affect the good shock-absorption performance of the original bearing. The new system is good at shock absorption and displacement limitation. It works well in reducing the vertical dynamic response of beam body, and could limit the relative displacement between main girder and capping beam in different orientation so as to solve the problem of beam falling. The study also shows that the enhancement of steel fibers in concrete could significantly improve the blast resistance of main beam. Results of this paper can be used in the process of antiknock design, and provide strong theoretical basis for comprehensive protection and support of girder bridges.

Meltdown Threat Dynamic Detection Mechanism using Decision-Tree based Machine Learning Method (의사결정트리 기반 머신러닝 기법을 적용한 멜트다운 취약점 동적 탐지 메커니즘)

  • Lee, Jae-Kyu;Lee, Hyung-Woo
    • Journal of Convergence for Information Technology
    • /
    • v.8 no.6
    • /
    • pp.209-215
    • /
    • 2018
  • In this paper, we propose a method to detect and block Meltdown malicious code which is increasing rapidly using dynamic sandbox tool. Although some patches are available for the vulnerability of Meltdown attack, patches are not applied intentionally due to the performance degradation of the system. Therefore, we propose a method to overcome the limitation of existing signature detection method by using machine learning method for infrastructures without active patches. First, to understand the principle of meltdown, we analyze operating system driving methods such as virtual memory, memory privilege check, pipelining and guessing execution, and CPU cache. And then, we extracted data by using Linux strace tool for detecting Meltdown malware. Finally, we implemented a decision tree based dynamic detection mechanism to identify the meltdown malicious code efficiently.

An Analysis on the Performance of the Close-In-Weapon-System Using Absorbing Markov Chains (흡수 마코프체인을 활용한 함정 근접무기체계 효과성 분석)

  • Kim, Seong-Woo;Yoon, Bong-Kyoo
    • Journal of the Korea Institute of Military Science and Technology
    • /
    • v.17 no.6
    • /
    • pp.733-743
    • /
    • 2014
  • Since the technology of anti-ship missiles has advanced rapidly, defending battleships from the threat of anti-ship missiles is a crucial factor for the survival of warships. In this paper, we analyze the performance of an anti-ship missile defense system whose name is Close-In-Weapon-System. We show the survival probability of a warship equipped with the Close-In-Weapon-System as the number of anti-ship missiles attacking the warship varies. Because of the complex and dynamic operational characteristics surrounding the Close-In-Weapon-System such as speed of missiles, different range of an individual weapon in the weapon system, and the continuous change of the kill probability of the missiles corresponding to the distance of missiles from ships, few work has been done for the performance of Close-In-Weapon-System. We present a model to incorporate all the dynamic characteristics of the system using absorbing Markov Chain. With our results, we expect commanders of warships equipped with Close-In-Weapon-System to be provided with more helpful information on how to deal with the anti-ship missiles.

China's Contribution to Recent Convergence and Integration among the Asian Economies

  • Das, Dilip K.
    • East Asian Economic Review
    • /
    • v.17 no.1
    • /
    • pp.55-79
    • /
    • 2013
  • The objective of this article is to explore the economic relationship between China and the surrounding dynamic Asian economies. It delves into China's influence over the Asian economies and whether this relationship is a market-led or de facto symbiosis. The three principal channels of regional integration analyzed in this article are trade, FDI and vertically integrated production networks. They are essentially based on the activities of the private-sector in these economies. China methodically expanded and deepened its economic ties with the regional neighbors. At the present juncture, China's integration with the surrounding Asia is deep. Another issue that this article explores is the so-called China "threat" or "fear" in Asia. It implies that China is crowding out exports of the other Asian economies in the world market place. Also, as China has become the most attractive FDI destination among the developing countries, it is apprehended that China is receiving FDI at the expense of the Asian economies. These concerns were examined by several empirical studies, and the inference is that they are exaggerated. This article concludes that the private-sector business activities in China and other rapidly growing Asian economies were (and are) instrumental in bringing together the production structures and real economies. The result is both convergence and integration among the dynamic Asian economies. Over the years China and its Asian neighbors has developed a close and symbiotic economic relationship and a de facto regional integration.