• Title/Summary/Keyword: Network Defense


Interrelation Analysis of UGV Operational Capability and Combat Effectiveness using AnyLogic Simulation (애니로직 시뮬레이션을 이용한 무인지상차량 운용성능과 전투효과의 연관성 분석)

  • Lee, Jaeyeong;Shin, Sunwoo;Kim, Junsoo;Bae, Sungmin;Kim, Chongman
    • Journal of Applied Reliability / v.15 no.2 / pp.131-138 / 2015
  • In modern warfare, the number of unmanned systems is growing faster than that of any other weapon system. It is therefore very important to predict and measure the combat effectiveness (CE) of unmanned weapon systems on the battlefield when deciding the defense budget for acquiring them. In general, quantitatively calculating weapon effectiveness in a complicated battlefield is difficult under future network-centric warfare. Hence, many papers have studied how to measure combat effectiveness and many related issues. However, few papers deal with the relationship between the performance of a UGV (Unmanned Ground Vehicle) and CE in a ground battlefield. In this paper, we perform a sensitivity analysis based on a given scenario of a small-unit battle. To do so, we developed a simulation model using AnyLogic and varied input parameters such as the detection and hit probabilities. We also assess the simulation outputs as the input parameters vary. The MOE used as the simulation model output is the survival ratio of the Blue force. We hope that this paper will be useful for finding which input variable is more effective in increasing combat effectiveness in a small-unit ground battlefield.

Application Traffic Classification using PSS Signature

  • Ham, Jae-Hyun;An, Hyun-Min;Kim, Myung-Sup
    • KSII Transactions on Internet and Information Systems (TIIS) / v.8 no.7 / pp.2261-2280 / 2014
  • Recently, network traffic has become more complex and diverse due to the emergence of new applications and services. Therefore, the importance of application-level traffic classification is increasing rapidly, and it has become a very popular research area. Although many methods for traffic classification have been introduced in the literature, they have limitations in achieving an acceptable level of performance in real-time application-level traffic classification. In this paper, we propose a novel application-level traffic classification method using a payload size sequence (PSS) signature. The proposed method generates unique PSS signatures for each application from the packet order, direction and payload size of the first N packets in a flow, and uses them to classify application traffic. The evaluation shows that this method can classify application traffic easily and quickly with high accuracy rates, over 99.97%. Furthermore, the method can also classify application traffic that uses the same application protocol or is encrypted.

An Algorithm of Predicting the Zone 3 Trip Time of Distance Relay by using PMU Data when Power Systems Face Cascaded Event on Transmission System (송전 계통의 광역정전 징후 시 PMU 취득 데이터를 이용한 거리계전기 Zone3 동작시간 예측 알고리증)

  • Kim, Jin-Hwan;Lim, Il-Hyung;Lee, Seung-Jae;Choi, Myeon-Song;Kim, Tae-Wan;Lim, Seong-Il;Kim, Sang-Tae
    • The Transactions of The Korean Institute of Electrical Engineers / v.58 no.12 / pp.2303-2310 / 2009
  • Defense systems are needed to prevent catastrophic failures of a power grid due to cascaded events. Cascaded events can be attributed to improper operations of protective relays. The most dangerous problem in particular is the tripping of backup relays due to overload. In this paper, a new algorithm for predicting the Zone 3 trip time of a distance relay is proposed, using real-time synchronized data from PMUs on the transmission system when the power system is in danger. In the proposed method, when part of the power system is out of service because of an unexpected fault, the algorithm monitors the impedance locus of the distance relay. If there is then a large change in the impedance locus, the algorithm calculates the Zone 3 trip time of the distance relay caused by the overload. In the case studies, the estimation and the simulation network were tested and analysed in Matlab Simulink.

Analysis of Anti-Virus Software Evaluation Factors Using the AHP Technique (AHP 기법을 이용한 안티바이러스 소프트웨어 평가 요인 분석)

  • Kim, Jong-Ki;Hwang, Suk-Yeon;Lee, Dong-Ho
    • The Journal of Information Systems / v.14 no.1 / pp.19-40 / 2005
  • The history of the computer virus runs alongside that of the computer. The computer virus has surfaced as a serious problem in the information age. The advent of open networks and the widespread use of the Internet have made the problem even more urgent. As a defense against computer viruses, most companies use anti-virus software. Selecting appropriate anti-virus software involves various criteria, and thus it is a multiple-attribute decision-making problem. The purpose of this study is to prioritize anti-virus software evaluation factors. To do that, important evaluation factors were first selected based on previous research on anti-virus software as well as general software evaluation models. Then, a questionnaire survey was conducted among end-users, system administrators and anti-virus software developers. The survey result was analyzed with ExpertChoice 2000, which is based on the Analytic Hierarchy Process technique. This study found that there are clear differences among the three survey groups regarding the relative importance of the overall evaluation factors. The end-user group ranked "cost" first, but it was the least important factor to the developer group. Developers pointed out "operational support" as the most important factor. There were also obvious differences in the relative importance of the detailed evaluation items. End-users and system administrators shared 7 common items among their top 10 most important items. Moreover, neither of the two groups ranked any of the items in the "operational support" factor in the top 10, whereas all 4 items in that factor were included in the top 10 by the developer group.


Emerging Geopolitical Landscape in the Asia-Pacific Region and the Necessity of ROK-Japan-US Maritime Cooperation (새로운 아태지역 지정학 구도와 한미일 해양협력 과제)

  • Park, Young-June
    • Strategy21 / s.36 / pp.94-120 / 2015
  • The Asia-Pacific region has emerged as an arena of geopolitical competition between the U.S. and China. The Obama administration of the U.S. laid out the concept of a rebalancing strategy toward the region, concentrating 60 percent of its naval forces in the region by 2020 and consolidating its network of allies and partners. Chinese leader Xi Jinping, for his part, put forward the concept of a new type of major power relations concerning China's relations with the U.S. and the concept of 'the Asian Community of Common Destiny', aiming at more intensified mutual relations among countries in the region. In doing so, the Asia-Pacific region has gradually become the arena where competition and cooperation between the U.S. and China intersect. As a close ally of the U.S. and a partner of Japan, South Korea should develop trilateral naval cooperation by holding joint naval drills aimed at humanitarian support and disaster relief. At the same time, Seoul should also make efforts to build mutual confidence with Beijing by deepening military-to-military cooperation. These policy options will help enhance Seoul's security posture in the region.

A Design of Invite Flooding Attack Detection and Defense Using SIP in VoIP Service (SIP을 이용한 VoIP 서비스에서의 Invite Flooding 공격 탐지 및 방어 기법 설계)

  • Yun, Snag-Jun;Kim, Kee-Chen
    • Proceedings of the Korean Information Science Society Conference / 2011.06d / pp.215-218 / 2011
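  • VoIP (Voice over Internet Protocol) service is a voice communication technology that, unlike the existing voice telephone service (Public Switched Telephone Network, PSTN), offers advantages such as low communication costs by using the IP protocol. It is replacing the existing analog voice telephone service and is used by many users as a new Internet convergence service. However, because VoIP service uses the Internet, it has various security problems such as IP spoofing and DoS (Denial of Service) / DDoS (Distributed Denial of Service). In VoIP service, a DDoS attack sends a large volume of attack messages to a proxy server or similar, exhausting the server's resources so that it cannot provide normal service. Among DoS and DDoS attacks, the Invite Flooding attack sends thousands of Invite messages per minute to exhaust line resources. In particular, when the attack is carried out with a forged IP/port, the attack packets are difficult to detect and therefore cannot be blocked. This paper therefore proposes, for the Invite Flooding attack, one of the DoS/DDoS attacks on VoIP, a method of distributing messages at the SIP proxy server, a method of detecting the attack by checking fixed user information other than IP, such as the MAC address and the user number, and a method of sending phones infected by the attack agent to an attack-blocking service for recovery.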

A situation-Flexible and Action-Oriented Cyber Response Mechanism against Intelligent Cyber Attack (지능형 사이버공격 대비 상황 탄력적 / 실행 중심의 사이버 대응 메커니즘)

  • Kim, Namuk;Eom, Jungho
    • Journal of Korea Society of Digital Industry and Information Management / v.16 no.3 / pp.37-47 / 2020
  • In the 4th industrial revolution, cyberspace will evolve toward hyper-connectivity, super-convergence, and super-intelligence due to the development of advanced information and communication technologies, which will connect the nation's core infrastructure into a single network. As 4th industrial revolution technology is applied to cyber attack techniques, attacks are becoming more intelligent and sophisticated. In responding to intelligent cyber attacks, it is difficult to guarantee self-defense in cyberspace with policy-oriented, preplanned-centric and hierarchical cyber response strategies. Therefore, this research proposes a situation-flexible and action-oriented cyber response mechanism that can respond flexibly by selecting the optimal smart security solution according to changes in the cyber attack steps. The proposed cyber response mechanism operates the smart security solutions according to action-oriented detailed strategies. In addition, artificial intelligence-based decision-making systems are used to select the smart security technology with the best responsiveness.

A Study on the Active Traceback Scheme Responding to a Security Incident (침해사고 대응을 위한 능동적 역추적 기법에 관한 연구)

  • Park Myung Chan;Park Young Shin;Choi Yong Rak
    • Journal of the Korea Society of Computer and Information / v.10 no.1 s.33 / pp.27-34 / 2005
  • Current security reinforcement systems are passive defense systems that only block and filter traffic from the attacker. They are therefore weak against re-attacks and stepping-stone attacks, because an active response to the attacker is lacking. In addition, present traceback techniques need much time and manpower for collecting log information and tracing through manual inspection, and they lack an active response. In this paper, we propose a TCP connection traceback technique that can be applied in the present Internet and that traces by means of a marking inserted in the IP header, in order to respond to re-attacks and stepping-stone attacks. The proposed technique therefore requires no modification of existing network components and can reduce the size of the marked information and the resource overhead.


Hybrid Scaling Based Dynamic Time Warping for Detection of Low-rate TCP Attacks

  • So, Won-Ho;Yoo, Kyoung-Min;Kim, Young-Chon
    • The Journal of Korean Institute of Communications and Information Sciences / v.33 no.7B / pp.592-600 / 2008
  • In this paper, a Hybrid Scaling based DTW (HS-DTW) mechanism is proposed for the detection of periodic shrew TCP attacks. A low-rate TCP attack, which is a type of shrew DoS (Denial of Service) attack, was reported recently, but it is difficult to detect using previous flooding DoS detection mechanisms. A pattern matching method using DTW (Dynamic Time Warping) was shown to be a reasonable defense mechanism for detecting and defending against a periodic low-rate TCP attack on an input traffic link. This method, however, has the problem that a legitimate link may be misidentified as an attack link if the threshold of the DTW value is not reasonable. In order to discriminate effectively between attack traffic and legitimate traffic, the difference between their DTW values should be as large as possible. To increase the difference, we analyze a critical problem with a previous algorithm and introduce a scaling method that increases the difference between DTW values. Four kinds of scaling methods are considered, and the standard deviation of the sampling data is adopted. We can select an appropriate scaling scheme according to the standard deviation of an input signal. This is why HS-DTW increases the difference between the DTW values of legitimate and attack traffic. As a result, determining the threshold value for discrimination is easier and the probability of mistaking legitimate traffic for an attack is dramatically reduced.

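A Method for Resolving Collision Uncertainty between Operational Satellites and Space Debris Using NORAD TLE and Precise Orbit Information (NORAD TLE 및 정밀 궤도정보를 이용한 운용위성-우주파편 간의 충돌 불확실성 해소 방안)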

  • Choe, Su-Jin;Jeong, Ok-Cheol;Kim, Hae-Dong;Jeong, Dae-Won;Kim, Hak-Jeong
    • Bulletin of the Korean Space Science Society / 2009.10a / pp.40.3-41 / 2009
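  • Since humankind began launching satellites, a great deal of space debris has been generated, and as a result the space debris environment is becoming more serious day by day. Space objects flying in space are classified into fragmentation debris, mission-related debris, rocket bodies, and operational satellites. According to the U.S. Space Surveillance Network, there are currently more than 13,000 objects larger than 10 cm, and their mass alone exceeds 6,000 tons. Because of this space debris environment, concerns have been raised steadily about collisions between pieces of space debris, between space debris and operational satellites, and between operational satellites; unfortunately, on February 10, 2009, the Iridium 33 and Cosmos 2251 satellites collided at an altitude of about 790 km, generating some 1,300 pieces of space debris. In addition, in 2007 China shot down its own 750 kg satellite (FY-1C) with a missile at an altitude of about 860 km, generating some 2,500 pieces of space debris and making the low-Earth-orbit debris environment even more serious. To analyze the possibility of collision between an operational satellite and space debris, the orbit information of the debris and the satellite must be known. For this purpose, the TLE (Two Line Element) provided by NORAD (North American Aerospace Defense Command) is mainly used. However, owing to the characteristics of observation and orbit determination, TLE contains errors of several kilometers, so the covariance of the orbit information is large, which limits collision analysis. This paper plans to present a way of resolving collision uncertainty by comparing the case in which only TLE information is used with the case in which precise orbit data and TLE are used together.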
