• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1167-1177
• /
• 2019

In this paper, the improved security operation model based on the vulnerability database is studied. The proposed model consists of information protection equipment, vulnerability database, and a dashboard that visualizes and provides the results of interworking with detected logs. The evaluation of the model is analyzed by setting up a simulated attack scenario in a virtual infrastructure. In contrast to the traditional method, it is possible to respond quickly to threats of attacks specific to the security vulnerabilities that the asset has, and to find redundancy between detection rules with a secure agent, thereby creating an optimal detection rule.

• Journal of Korean Society of Rural Planning
• /
• v.23 no.4
• /
• pp.143-152
• /
• 2017

In recent years, the proportion of arable land in the nation has grown from 36.2 percent in 1990 to 43.7 percent in 2013. The study first performed the vulnerability assessment of agricultural production, transportation, processing facilities, agricultural machinery leasing facilities, and water supply facilities. It was developed for the evaluation of the vulnerability of each gun of garlic and onions based on the distance from the three groups of arable bodies to the facility and the processing capacity of facilities. In view of these regional imbalances, the store, distribution and processing facilities in the main stream were found in Haenam, South Jeolla-do, and the relatively low regions of the gun were located in Goheung-gun and Hampyeong-gun. Among other regions, agricultural machinery rental facilities were high in Changnyeong-gun, Haenam, and two regions, while the water supply facilities were high in the southern area of Haenam and South Jeolla-do. The Gyeongsang-do showed relatively high levels of comparison vulnerability index compared to Jeolla-do regions. In particular, through the management plan to improve the facilities needed to improve agricultural production infrastructure, it is necessary to increase the competitiveness of agricultural productuivity through the planning of the need for additional support through the rural readjustment project.

• Journal of Convergence for Information Technology
• /
• v.9 no.8
• /
• pp.35-44
• /
• 2019

The purpose of this study is to find out quantitative vulnerability assessment about COTS(Commercial Off The Shelf) O/S based I&C System. This paper analyzed vulnerability's lifecycle and it's impact. this paper is to develop a quantitative assessment of overall cyber security risks and vulnerabilities I&C System by studying the vulnerability analysis and prediction method. The probabilistic vulnerability assessment method proposed in this study suggests a modeling method that enables setting priority of patches, threshold setting of vulnerable size, and attack path in a commercial OS-based measurement control system that is difficult to patch an immediate vulnerability.

• International journal of advanced smart convergence
• /
• v.10 no.4
• /
• pp.22-29
• /
• 2021

For web application vulnerability diagnosis, from the development stage to the operation stage, it is possible to stably operate the web only when there is a policy that is commonly applied to each task through diagnosis of vulnerabilities, removal of vulnerabilities, and rapid recovery from web page damage. KISA presents 28 evaluation items for technical vulnerability analysis of major information and communication infrastructure. In this paper, we diagnose the vulnerabilities in the automobile goods shopping mall website and suggest security measures according to the vulnerabilities. As a result of diagnosing 28 items, major vulnerabilities were found in three items: cross-site scripting, cross-site request tampering, and insufficient session expiration. Cookie values were exposed on the bulletin board, and personal information was exposed in the parameter values related to passwords when personal information was edited. Also, since the session end time is not set, it was confirmed that session reuse is always possible. By suggesting security measures according to these vulnerabilities, the discovered security threats were eliminated, and it was possible to prevent breaches in web applications and secure the stability of web services.

• Proceedings of the Korean Institute of Building Construction Conference
• /
• 2023.11a
• /
• pp.249-250
• /
• 2023

The vulnerability factor analysis and risk quantification model for aging buildings presented in this study can be utilized by governmental agencies such as the Facility Safety Foundation, the Ministry of Land, Infrastructure and Transport, and various local governments. Policymakers can use this to supplement inadequacies in existing checklists, and it is expected that they can proactively prevent risks by evaluating dangers based on specific aging characteristics of buildings.

• Journal of Korea Water Resources Association
• /
• v.48 no.8
• /
• pp.647-657
• /
• 2015

This study assessed the water use vulnerability for 12 basins of South Korea. The annual runoff of 12 basins are derived using a Soil and Water Assessment Tool (SWAT) and the calculated runoff per unit area and population are compared with each basin. The 18 indicators are selected in order to assess the vulnerability. Those are classified by aspects of demand, loss and supply of water use. Their weighting values used Entropy method to determine objective weights. To quantitatively assess the water use vulnerability, the Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) based on multi-criteria decision making are applied. The results show that the water availability vulnerability of Hyeongsan River has the highest value followed by Sapgyo River; Dongjin River; Seomjin River; Anseong River; Mangyung River; Nakdong River; Tamjin River; Youngsan River, Geum River; Taehwa River; and Han River. The result of this study has a capability to provide references for the index deveopment of climate change vulnerability assessment.

• International Journal of Internet, Broadcasting and Communication
• /
• v.8 no.2
• /
• pp.55-65
• /
• 2016

Distributed Denial of service attack is one of the major threats nowadays especially to the government infrastructure that give huge impact to the reputation and interrupt the services and resource. Our survey start with brief introduction about DDoS attacks, we illustrate the trends and incident happened at government from various countries. We then provide an extensive literature review on the existing research about implication, types of attacks and initiative to defence against the DDoS attacks. Our discussion aims to identify the trends in DDoS attacks, in depth impact of DDoS attacks to government infrastructure, classification of attacks and techniques against the attacks. And we will use for a fire fight safety and management.

• The KIPS Transactions:PartC
• /
• v.10C no.1
• /
• pp.1-10
• /
• 2003

In this paper, we propose a secure communication framework for interaction and information sharing between a server and agents in DS-NVSA(Detection System of Network Vulnerability Scan Attacks) proposed in〔1〕. For the scalability and interoperability with other detection systems, we design the proposed IDMEF and IAP that have been drafted by IDWG. We adapt IDMEF and IAP to the proposed framework and provide SKTLS(Symmetric Key based Transport Layer Security Protocol) for the network environment that cannot afford to support public-key infrastructure. Our framework provides the reusability of heterogeneous intrusion detection systems and enables the scope of intrusion detection to be extended. Also it can be used as a framework for ESM(Enterprise Security Management) system.

• Journal of Environmental Policy
• /
• v.13 no.3
• /
• pp.43-73
• /
• 2014

Cities in Korea have rapidly urbanized and they are not well prepared for natural disasters which have been increased by climate change. In particular, they often struggle with urban flooding. Recently, green infrastructure has been emphasized as a critical strategy for flood mitigation in developed countries due to its capability to infiltrate water into the ground, provide the ability to absorb and store rainfall, and contribute to mitigating floods. However, in Korea, green infrastructure planning only focuses on esthetic functions or accessibility, and does not think how other functions such as flood mitigation, can be effectively realized. Based on this, we address this critical gap by suggesting the new green infrastructure planning framework for improving urban water cycle and maximizing flood mitigation capacity. This framework includes flood vulnerability assessment for identifying flood risk area and deciding suitable locations for green infrastructure. We propose the use of the combination of frequency ratio model and GIS for flood vulnerability assessment. The framework also includes the selection process of green infrastructure practices under local conditions such as geography, flood experience and finance. Finally, we applied this planning framework to the case study area, namely YeonJe-gu an Nam-gu in Busan. We expect this framework will be incorporated into green infrastructure spatial planning to provide effective decision making process regarding location and design of green infrastructure.

• International conference on construction engineering and project management
• /
• 2009.05a
• /
• pp.83-90
• /
• 2009

Natural disasters, such as the recent floods in the Midwest, Hurricane Ike in the Gulf coast region (U.S.), and the earthquake in Sichuan (China), cause severe damage to the infrastructure as well as the associated industries and communities that rely on the infrastructure. The estimated damages due to Hurricane Ike in 2008 were a staggering $27 billion, the third worst in U.S. history. In addition, the worst earthquake in three decades in Sichuan resulted in about 90,000 people dead or missing and $20 billion of the estimated loss. A common observation in the analyses of these natural disaster events is the inadequacy of critical infrastructure to withstand the forces of natural calamities and the lack of mitigation strategies when they occur on the part of emergency-related organizations, industries, and communities. If the emergency-related agencies could identify and fortify the vulnerable critical infrastructure in the preparedness stage, the damage and impacts can be significantly reduced. Therefore, it is important to develop a decision support system (DSS) for identifying region-specific mitigation strategies based on the inter-relationships between the infrastructure and associated industries and communities in the affected region. To establish effective mitigation strategies, relevant data were collected from the affected areas with respect to the technical, social, and economic impact levels. The data analysis facilitated identifying the major factors, such as vulnerability, criticality, and severity, for developing a DSS. Customized mitigation strategies that will help agencies prepare, respond, and recover according to the disaster response were suggested.