• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.7B
• /
• pp.489-498
• /
• 2005

A Denial of Sewice (DoS) attack attempts to prevent legitimate users of a sewice from being adequately served by monopolizing networks resources and, eventually, resulting in network or system congestion. This paper proposes a Minority First (MF) gateway, which is capable of guaranteeing the Quality of Service (QoS) of legitimate service traffic under DoS situations. A MF gateway can rapidly determine whether an aggregated flow is a congestion-inducer and can protect the QoS of legitimate traffic by providing high priority service to the legitimate as aggregate flows, and localize network congestion only upon attack traffic by providing low priority to aggregate flows regarded as congestion-inducer. We verify through simulation that the suggested mechanism possesses excellence in that it guarantees the QoS of legitimate traffic not only under a regular DoS occurrence, but also under a Distributed DoS (DDoS) attack which brings about multiple concurrent occurrences of network congestion.

• International Commerce and Information Review
• /
• v.14 no.1
• /
• pp.247-271
• /
• 2012

This paper finds out that the WTO's member countries' environmental measures have sometimes reflected the interests from their domestic industrial fields under the name of environmental protection. For the harmonious linkage between the trade and environments under the WTO mechanism, it is required for the concerned parties to reach the consensus for the measures to be imposed domestically and internationally, as well as the WTO's judicial efforts to make more scientific approach. Such coordination and consensus among the concerned parties to the domestic and international environments would be the efficient way to solve the conflicts between the trade and the environments, together with the WTO's more scientific approach in interpreting and applying the environmental provisions.

• International Commerce and Information Review
• /
• v.13 no.1
• /
• pp.271-298
• /
• 2011

This paper seeks the proper and efficient operation of Korea's safeguard mechanism by examining the judicial interpretation and application of the safeguard measures under the WTO Safeguard Agreement. The judicial examination is focused on the terms of "unforeseen development" in GAIT XIX, "evaluation of all relevant factors", and "clear justification of measure" in Safeguard Agreement. Such an intensive examination. of the judicial interpretation is used for the comparative analysis of the Korea's domestic provisions to find out problems in operation and the interpretative and legislative responses to them. It is found that the Korea's adaptation of the Safeguard Agreement into the domestic provisions and the operation of such provisions in the practical field have generally been consistent with the WTO's basic principles and provisions. Korea's safeguard mechanisms should stably be operated for securing the proper protection of domestic industry under certain emerging circumstances. For such policy objective to be ensured, it is legislatively required to make additional provisions in line with the appellate body's consistent interpretations of the debating issues including the term of unforeseen development.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.535-545
• /
• 2014

As the software industry has developed, the attacks making use of software vulnerability has become a big issue in society. In particular, because the attacks using the vulnerability of web browsers bypass Windows protection mechanism, web browsers can readily be attacked. To protect web browsers against security threat, research on fuzzing has constantly been conducted. However, most existing web browser fuzzing tools use a simple fuzzing technique which randomly mutates DOM tree. Therefore, this paper analyzed existing web browser fuzzing tools and the patterns of their already-known vulnerability to propose an event and command based fuzzing tool which can detect the latest web browser vulnerability more effectively. Three kinds of existing fuzzing tools were compared with the proposed tool. As a result, it was found that the event and command based fuzzing tool proposed was more effective.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.12
• /
• pp.2586-2594
• /
• 2009

A digital watermarking technique used as a protection and certifying mechanism of copyrighted creations including music, still images, and videos in terms of finding any loss in data, reproduction and pursuit. This study suggests using a selected geometric invariant point through the whole processing procedure of an image and inserting and extracting based on the invariant point so that it will be robust in a geometric transformation attack. The introduced algorithm here is based on a watershed splitting method in order to make medical images strong against RST(Rotation Scale, Translation) transformation and other processing. It also helps to maintain the watermark in images that are compressed and stored for a period of time. This algorithm also proved that is has robustness against not only JPEG compression attack, but also RST attack and filtering attack.

• The Journal of Korean Institute of Information Technology
• /
• v.16 no.11
• /
• pp.133-144
• /
• 2018

IEC 62278, the Railway System Safety Standard, requires for hazard analysis to prevent or control the hazard that the railway system may have. If hazard analysis is not performed sufficiently, there is a high probability that accidents will occur. For this reason, hazard analysis methods are actively studied. In this paper, we propose the hybrid hazard analysis method to combine two representative hazard analysis methods: reliability-based and system-theoretic. As the proposed method is complementary to existing ones, it covers both the hazard caused by failure of components and the hazard occurred from the unintended control between components. It applies to the development of a safety protection mechanism for multiple cruise control system that automatically control the speed of trains to avoid the collision among trains. As a result, we drive more safety requirements than the existing analysis methods and it turns out that the safety requirements protect the trains with respect to the identified hazards.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.125-133
• /
• 2009

Security of biometric data is particularly important as the compromise of the data will be permanent. To protect the biometric data, we need to store it in a non.invertible transformed version. Thus, even if the transformed version is compromised, its valid biometric data are securely remained. Fuzzy vault mechanism was proposed to provide cryptographic secure protection of critical data(e.g., encryption key) with the fingerprint data in a way that only the authorized user can access the critical data by providing the valid fingerprint. However, all the previous results cannot operate on the fingerprint image with a few minutiae, because they use fixed degree of the polynomial without considering the number of fingerprint minutiae. To solve this problem, we use adaptive degree of polynomial considering the number of minutiae. Also, we apply multiple polynomials to operate the fingerprint with a few minutiae. Based on the experimental results, we confirm that the proposed approach can enhance the security level and verification accuracy.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.871-874
• /
• 2011

The fast emerging of network technology and the high demand of computing resources have prompted many organizations to outsource their storage and computing needs. Cloud based storage services such as Microsoft's Azure and Amazon's S3 allow customers to store and retrieve any amount of data, at anytime from anywhere via internet. The scalable and dynamic of the cloud storage services help their customer to reduce IT administration and maintenance costs. No doubt, cloud based storage services brought a lot of benefits to its customer by significantly reducing cost through optimization increased operating and economic efficiencies. However without appropriate security and privacy solution in place, it could become major issues to the organization. As data get produced, transferred and stored at off premise and multi tenant cloud based storage, it becomes vulnerable to unauthorized disclosure and unauthorized modification. An attacker able to change or modify data while data inflight or when data is stored on disk, so it is very important to secure data during its entire life-cycle. The traditional cryptography primitives for the purpose of data security protection cannot be directly adopted due to user's lose control of data under off premises cloud server. Secondly cloud based storage is not just a third party data warehouse, the data stored in cloud are frequently update by the users and lastly cloud computing is running in a simultaneous, cooperated and distributed manner. In our proposed mechanism we protect the integrity, authentication and confidentiality of cloud based data with the encrypt- then-upload concept. We modified and applied proxy re-encryption protocol in our proposed scheme. The whole process does not reveal the clear data to any third party including the cloud provider at any stage, this helps to make sure only the authorized user who own corresponding token able to access the data as well as preventing data from being shared without any permission from data owner. Besides, preventing the cloud storage providers from unauthorized access and making illegal authorization to access the data, our scheme also protect the data integrity by using hash function.

• International conference on construction engineering and project management
• /
• 2015.10a
• /
• pp.324-327
• /
• 2015

Scaffold is the most commonly used equipment in various types of construction works. Since various types of construction works use the same scaffold equipment, it becomes more difficult to be controlled and managed, thus resulting hazard frequently. According to the information announced in July 2012 by Council of Labor Affairs Executive Yan, the site collapse or incomplete anti-falling protection has led the site to accident frequently, and this is the main reason that causes construction industry occupational disasters. The labor death occupational hazard ratio rises up to 13% in scaffold activity, and the Council of Labor Affairs Executive Yan has showed that the death ratio is higher when using the scaffold in construction site, the total number of death has reached to 139 from 2005 to 2010. In order to ensure the safety of scaffold user, this study tends to build a wireless sensor monitoring system to detect the reliability and safety of the scaffold. The wireless sensor technique applies in this study is different with the traditional monitoring technique which is limited with wired monitoring. Wireless sensor technique does not need wire, it just needs to consider the power supply for establishing the network and receiving stable information, and it can become a monitoring system. In addition, this study also integrates strain gauge technique in this scaffold monitoring system, to develop a real-time monitoring data transfer mechanism and replace the traditional wired single project monitoring equipment. This study hopes to build a scaffold collapse monitoring system to effectively monitor the safety of the scaffold as well as provide the timesaving installation, low-cost and portable features.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.5
• /
• pp.1666-1689
• /
• 2021

The red line of Permanent Basic Farmland is the most important part in the "three-line" demarcation of China's national territorial development plan. The scientific and reasonable delineation of the red line is a major strategic measure being taken by China to improve its ability to safeguard the practical interests of farmers and guarantee national food security. The delineation of Permanent Basic Farmland zoning (DPBFZ) is essentially a multi-objective optimization problem. However, the traditional method of demarcation does not take into account the synergistic development goals of conservation of cultivated land utilization, ecological conservation, or urban expansion. Therefore, this research introduces the idea of artificial immune optimization and proposes a multi-objective model of DPBFZ red line delineation based on a clone selection algorithm. This research proposes an objective functional system consisting of these three sub-objectives: optimal quality of cropland, spatially concentrated distribution, and stability of cropland. It also takes into consideration constraints such as the red line of ecological protection, topography, and space for major development projects. The mathematical formal expressions for the objectives and constraints are given in the paper, and a multi-objective optimal decision model with multiple constraints for the DPBFZ problem is constructed based on the clone selection algorithm. An antibody coding scheme was designed according to the spatial pattern of DPBFZ zoning. In addition, the antibody-antigen affinity function, the clone mechanism, and mutation strategy were constructed and improved to solve the DPBFZ problem with a spatial optimization feature. Finally, Tongxu County in Henan province was selected as the study area, and a controlled experiment was set up according to different target preferences. The results show that the model proposed in this paper is operational in the work of delineating DPBFZ. It not only avoids the adverse effects of subjective factors in the delineation process but also provides multiple scenarios DPBFZ layouts for decision makers by adjusting the weighting of the objective function.