• Title/Summary/Keyword: Dynamic security assessment

Assessment of Dynamic Open-source Cross-site Scripting Filters for Web Application

  • Talib, Nurul Atiqah Abu;Doh, Kyung-Goo
    • KSII Transactions on Internet and Information Systems (TIIS) / v.15 no.10 / pp.3750-3770 / 2021
  • This study investigates open-source dynamic XSS filters used as security devices in web applications to account for the effectiveness of filters in protecting against XSS attacks. The experiment involves twelve representative filters, which are examined individually by placing them into the final output function of a custom-built single-input-form web application. To assess the effectiveness of the filters in their tasks of sanitizing XSS payloads and in preserving benign payloads, a black-box testing method is applied using an automated XSS testing framework. The result in working with malicious and benign payloads shows an important trade-off in the filters' tasks. Because the filters only check for dangerous or safe elements, they seem to neglect to validate their values. As some safe values are mistreated as dangerous elements, their benign payload function is lost along the way. For the filters to be more effective, it is suggested that they should be able to validate the respective values of malicious and benign payloads, thus minimizing the trade-off. This particular assessment of XSS filters provides important insight regarding the filters that can be used to mitigate threats, including the possible configurations to improve them in handling both malicious and benign payloads.

Development of On-line Dynamic Security Assessment System (온라인 동적 안전도평가 시스템의 개발)

  • Nam, H.K.;Song, S.G.;Shim, K.S.;Moon, C.J.
    • Proceedings of the KIEE Conference / 2001.11b / pp.73-76 / 2001
  • This paper presents a new systematic contingency selection, screening and ranking method for on-line transient security assessment. Transient stability of a particular generator is influenced most by faults near it. Faults on the transmission lines adjacent to the generators are selected as contingencies. Two screening methods are developed using the sensitivity of the modal synchronizing torque coefficient and computing an approximate critical clearing time (CCT) without time simulation. The first method, which considers only synchronizing power, may mislead in some cases since it does not consider the acceleration power. The approximate CCT method, which considers both the acceleration and deceleration power, worked well. Finally, the Single Machine Equivalent (SIME) method is implemented using IPLAN of PSS/E for detailed stability analysis.

Privacy Inferences and Performance Analysis of Open Source IPS/IDS to Secure IoT-Based WBAN

  • Amjad, Ali;Maruf, Pasha;Rabbiah, Zaheer;Faiz, Jillani;Urooj, Pasha
    • International Journal of Computer Science & Network Security / v.22 no.12 / pp.1-12 / 2022
  • Besides the unexpected growth of the IoT, the variety and volume of threats have increased tremendously, making it a necessity to introduce intrusion detection systems for prevention and detection of such threats. But an Intrusion Detection and Prevention System (IDPS) inside the IoT network introduces some unique challenges due to its unique characteristics, such as privacy inference, performance, and detection rate and their frequency in dynamic networks. Our research is focused on the privacy inferences of existing intrusion prevention and detection system approaches. We also tackle the problem of providing a unified solution to implement the open-source IDPS in the IoT architecture for assessing the performance of IDS by calculating usage consumption and detection rate. The proposed scheme is considered to help implement the human health monitoring system in IoT networks.

A Study on the Criteria to Decide the Number of Aircrafts Considering Operational Characteristics (항공기 운용 특성을 고려한 적정 운용 대수 산정 기준 연구)

  • Son, Young-Su;Kim, Seong-Woo;Yoon, Bong-Kyoo
    • Journal of the Korea Institute of Military Science and Technology / v.17 no.1 / pp.41-49 / 2014
  • In this paper, we consider a method to assess the number of aircraft required, which is a strategic variable in national security. This problem becomes more important considering the F-X and KF-X projects in ROKAF. Traditionally, ATO (Air Tasking Order) and fighting power index have been used to evaluate the number of aircraft required in ROKAF. However, those methods consider the static aspect of the aircraft requirement. This paper deals with a model to accommodate the dynamic feature of the aircraft requirement using an absorbing Markov chain. In conclusion, we suggest a dynamic model to evaluate the number of aircraft required with key decision variables such as destroying rate, failure rate and repair rate.

A Study on Web Vulnerability Risk Assessment Model Based on Attack Results: Focused on Cyber Kill Chain (공격 결과 기반의 웹 취약점 위험도 평가 모델 연구: 사이버 킬체인 중심으로)

  • Jin, Hui Hun;Kim, Huy Kang
    • Journal of the Korea Institute of Information Security & Cryptology / v.31 no.4 / pp.779-791 / 2021
  • Common web services have been continuously targeted by hackers due to an access control policy that must be allowed to an unspecified number of people. In order to cope with this situation, companies regularly check web vulnerabilities and take measures according to the risk of discovered vulnerabilities. The risk of these web vulnerabilities is calculated through preliminary statistics and self-evaluation of domestic and foreign related organizations. However, unlike static diagnosis such as security setting and source code, web vulnerability check is performed through dynamic diagnosis. Even with the same vulnerability item, various attack results can be derived, and the degree of risk may vary depending on the subject of diagnosis and the environment. In this respect, the predefined risk level may be different from that of the actual vulnerability. In this paper, to improve this point, we present a web vulnerability risk assessment model based on the attack result centering on the cyber kill chain.

Contingency Analysis for Small Signal Stability of Power Systems (전력계통의 미소신호안정도 상정사고 해석)

  • 심관식;김용구;문채주
    • Journal of the Korean Institute of Illuminating and Electrical Installation Engineers / v.17 no.3 / pp.127-137 / 2003
  • Contingency analysis is one of the most important tasks encountered in the planning and operation of large scale power systems. This paper describes a new contingency analysis method for small signal security assessment based on the eigen-sensitivity/perturbation of the electromechanical oscillation modes. The eigen-sensitivity/perturbation with respect to line susceptances and controller parameters can be used to find possible sources of the system instability, and to select contingency for small signal stability. Also, the contingency selection to identify critical generators for MW changes can be obtained by computing the relative movement of the system oscillation modes. The proposed algorithm has been successfully tested on the KEPCO systems which is comprised of 791-bus, 1575-branch and program PSS/E

Vibration-based structural health monitoring using CAE-aided unsupervised deep learning

  • Minte, Zhang;Tong, Guo;Ruizhao, Zhu;Yueran, Zong;Zhihong, Pan
    • Smart Structures and Systems / v.30 no.6 / pp.557-569 / 2022
  • Vibration-based structural health monitoring (SHM) is crucial for the dynamic maintenance of civil building structures to protect property security and the lives of the public. Analyzing these vibrations with modern artificial intelligence and deep learning (DL) methods is a new trend. This paper proposed an unsupervised deep learning method based on a convolutional autoencoder (CAE), which can overcome the limitations of conventional supervised deep learning. With the convolutional core applied to the DL network, the method can extract features self-adaptively and efficiently. The effectiveness of the method in detecting damage is then tested using a benchmark model. Thereafter, this method is used to detect damage and instant disaster events in a rubber bearing-isolated gymnasium structure. The results indicate that the method enables the CAE network to learn the intact vibrations, so as to distinguish between different damage states of the benchmark model, and the outcome meets the high-dimensional data distribution characteristics visualized by the t-SNE method. Besides, the CAE-based network trained with daily vibrations of the isolating layer in the gymnasium can precisely recover newly collected vibration and detect the occurrence of the ground motion. The proposed method is effective at identifying nonlinear variations in the dynamic responses and has the potential to be used for structural condition assessment and safety warning.

Dependence assessment in human reliability analysis under uncertain and dynamic situations

  • Gao, Xianghao;Su, Xiaoyan;Qian, Hong;Pan, Xiaolei
    • Nuclear Engineering and Technology / v.54 no.3 / pp.948-958 / 2022
  • Since the reliability and security of man-machine systems increasingly depend on the reliability of humans, human reliability analysis (HRA) has attracted a lot of attention in many fields, especially in nuclear engineering. Dependence assessment among human tasks is an important part of HRA which contributes to an appropriate evaluation result. Most methods in HRA are based on experts' opinions, which are subjective and uncertain. Also, the dependence influencing factors are usually considered to be constant, which is unrealistic. In this paper, a new model based on Dempster-Shafer evidence theory (DSET) and fuzzy numbers is proposed to handle the dependence between two tasks in HRA under uncertain and dynamic situations. First, the dependence influencing factors are identified and the judgments on the factors are represented as basic belief assignments (BBAs). Second, the BBAs of the factors that vary with time are reconstructed based on the correction BBA derived from the time value. Then, BBAs of all factors are combined to gain the fused BBA. Finally, conditional human error probability (CHEP) is derived based on the fused BBA. The proposed method can deal with uncertainties in the judgments and dynamics of the dependence influencing factors. A case study is illustrated to show the effectiveness and the flexibility of the proposed method.

A Fast Screening Algorithm for On-Line Transient Stability Assessment (온라인 과도안정도 판정을 위한 상정사고 고속 스크리닝 알고리즘 개발)

  • Lee, Jong-Seock;Yang, Jung-Dae;Lee, Byong-Jun;Kwon, Sae-Hyuk;Nam, Hae-Kon;Choo, Jin-Boo;Lee, Koung-Guk;Yun, Sang-Hyun;Park, Byung-Cheol
    • The Transactions of the Korean Institute of Electrical Engineers A / v.50 no.5 / pp.225-233 / 2001
  • The SIME (SIngle Machine Equivalent) method has been recognized as a useful tool to determine transient stability of power systems. In this paper, the SIME method is used to develop the KEPCO transient stability assessment (TSA) tool. A new screening algorithm that can be implemented in the SIME method is proposed. The salient features of the proposed screening algorithm are as follows. First, critical generators are identified by a new index in the early stage of the time domain simulation. Thus, the computational time required to find the OMIB (One Machine Infinite Bus) can be reduced significantly. Second, clustering critical machines can be performed even in very stable cases. This makes it possible to avoid the extra calculation of the time trajectory that is needed in SIME for classifying the stable cases. Finally, using the power-angle trajectory and subdividing contingency classification have improved the screening capability. This algorithm is applied to the fast TSA of the KEPCO system.

Measurement-based Estimation of the Composite Load Model Parameters

  • Kim, Byoung-Ho;Kim, Hong-Rae
    • Journal of Electrical Engineering and Technology / v.7 no.6 / pp.845-851 / 2012
  • Power system loads have a significant impact on a system. Although it is difficult to precisely describe loads in a mathematical model, accurately modeling them is important for a system analysis. The traditional load modeling method is based on the load components of a bus. Recently, the load modeling method based on measurements from a system has been introduced and developed by researchers. The two major components of a load modeling problem are determining the mathematical model for the target system and estimating the parameters of the determined model. We use the composite load model, which has both static and dynamic load characteristics. The ZIP model and the induction motor model are used for the static and dynamic load models, respectively. In this work, we propose the measurement-based parameter estimation method for the composite load model. The test system and related measurements are obtained using the transient security assessment tool (TSAT) simulation program and PSS/E. The parameter estimation is then verified using these measurements. Cases are tested and verified using the sample system and its related measurements.