• Journal of the Korean Society of Safety
• /
• v.34 no.1
• /
• pp.98-107
• /
• 2019

In the case of a disaster, the damage caused by the disability vulnerability of persons with disabilities is significantly increased, discussing about a problem for the protection of the vulnerable class. However, until now policy, technology and response guidelines for disaster and safety have been focused on the general public. Therefore, it is necessary to develop customized support technology for disaster and safety considering vulnerable characteristics of vulnerable class. Firstly, it is necessary to prepare draft improvement proposal of act and support system related disaster and safety for persons with disabilities and older persons. So, this study was carried out analysis of act, policy and support system on disaster and safety for persons with disabilities and older persons of domestic and overseas in order to draw implication. Furthermore, we established direction for improvement of act and policy on disaster and safety for persons with disabilities based on the analysis, and suggested draft improvement proposal.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.978-1002
• /
• 2019

With the rapid development of the Internet of Things, the problem of privacy protection has been paid great attention. Recently, Nikooghadam et al. pointed out that Kumari et al.'s protocol can neither resist off-line guessing attack nor preserve user anonymity. Moreover, the authors also proposed an authentication supportive session initial protocol, claiming to resist various vulnerability attacks. Unfortunately, this paper proves that the authentication protocols of Kumari et al. and Nikooghadam et al. have neither the ability to preserve perfect forward secrecy nor the ability to resist key-compromise impersonation attack. In order to remedy such flaws in their protocols, we design a lightweight authentication protocol using elliptic curve cryptography. By way of informal security analysis, it is shown that the proposed protocol can both resist a variety of attacks and provide more security. Afterward, it is also proved that the protocol is resistant against active and passive attacks under Dolev-Yao model by means of Burrows-Abadi-Needham logic (BAN-Logic), and fulfills mutual authentication using Automated Validation of Internet Security Protocols and Applications (AVISPA) software. Subsequently, we compare the protocol with the related scheme in terms of computational complexity and security. The comparative analytics witness that the proposed protocol is more suitable for practical application scenarios.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2023.05a
• /
• pp.181-181
• /
• 2023

Flood is a major threat to human society, and scientific assessment of flood risk in human living areas is an important task. In this study, two different methods were used to evaluate the flood in Ulsan City, and the results were comprehensively compared and analyzed. Based on the fuzzy mathematics and VIKOR method of the multi-objective decision system, similar evaluation results were obtained in the study area. The results show that due to the large number of rivers in Ulsan City and the relatively high exposure index, the whole city faces a high risk of flooding. However, fuzzy mathematics theory pays more attention to the negative impact of floods on people, and the adaptability in the Nam-gu District is lower. In contrast, the VIKOR method pays more attention to the positive role of the economy and population in flood protection, and thus obtains a higher score. Both approaches demonstrate that the city of Ulsan faces a high risk of flooding and that its citizens and policymakers need to invest in preventing flood damage.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.11a
• /
• pp.204-206
• /
• 2022

드론과 관련된 기술의 발전으로 인하여, 다양한 민간 및 공공 산업에서 활용되는 실정이며, 이에 따라 드론 시장 역시 확대되면서 일반인들도 드론을 접하거나 활용하는 기회가 많아지고 있다. 특히, 일반인들이 접근하기 용이하고 사용하기 쉬운 WiFi 기반의 상용 드론이 생산되면서 수요 역시 증가하는 추세이다. 이와 같이, 드론이 많이 발전하는 긍정적인 측면과는 반대로, 드론에서 발생하는 다양한 취약점으로 인하여 보안 위협이 발생한다. 최근에는 WiFi 기반의 드론들을 대상으로 공개된 도구를 사용하여 DHCP 고갈 공격의 취약점을 분석하는 연구가 진행되었으며, 공격 결과로 실제 드론이 DHCP 고갈 공격으로 인하여 IP 주소를 할당받지 못하는 보안위협이 도출되었다. 하지만, 이 연구는 대표적인 DHCP 공격 도구인 DHCPig와 Yersinia를 활용하였으며, 이 도구들은 무선이 아닌 유선 네트워크를 기반으로 제작되었기 때문에, 드론 환경에 그대로 적용하기에는 한계점이 존재하며, 실제로 발생 가능한 취약점을 검증하지 못하는 한계점도 존재한다. 따라서 본 논문에서는 WiFi 기반 상용 드론을 대상으로 DHCP 고갈 공격의 취약점을 분석하기 위하여, 공개된 도구들의 문제점을 분석하고 개선함으로써, 드론 환경에서의 DHCP 고갈 공격의 가능성을 검증한다. 본 연구 결과는 DHCP를 제공하는 드론 환경의 안전성을 향상하기 위한 지표로 활용될 것으로 사료된다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2024.01a
• /
• pp.117-121
• /
• 2024

기존의 외장 하드디스크는 보안 기능의 부재로 인하여, 비인가자로부터 디스크가 탈취되는 경우에는 저장된 데이터가 유출되거나 훼손되는 문제점이 존재한다. 이러한 문제점을 보완하기 위하여, 보안 기능을 제공하는 보안 외장 하드디스크가 등장하였지만, 보안 기능 중 패스워드나 지문 인증과 같은 사용자 인증을 우회하는 취약점이 지속적으로 발견됨으로써, 비인가자가 장치 내부에 안전하게 저장된 데이터에 접근하는 보안위협이 발생하였다. 이러한 보안위협은 국가사이버안보센터에서 공개한 보안 요구사항을 만족하지 못하거나, 만족하더라도 설계나 구현 과정에서 내포된 취약점으로 인하여 발생한다. 본 논문은 이와 같이 보안 외장 하드디스크에서 발생하는 취약점을 점검하기 위한 목적으로 보안 외장 하드디스크 익스플로잇 프레임워크를 설계하였다. 취약점을 점검하기 위한 전체 프레임워크를 설계하였고, 프레임워크에서 제공하는 각 기능 및 유즈케이스 다이어그램을 설계하였으며, 설계된 프레임워크를 활용한다면, 현재 상용화되었거나 추후 개발될 보안 외장 하드디스크를 대상으로 안전성을 평가할 것으로 판단된다. 그뿐만 아니라, 안전성 평가 결과를 기반으로, 보안 외장 하드디스크에 내재된 취약점을 보완함으로써 안전성을 더욱 향상시키고, 수동으로 분석하여야만 하는 보안 외장 하드디스크의 취약점 점검을 자동화함으로써, 안전성을 평가하는 시간과 비용 또한 절감할 것으로 사료된다.

• Asia pacific journal of information systems
• /
• v.30 no.2
• /
• pp.308-327
• /
• 2020

The importance of information security is increasing, and various efforts are being made to improve users' information security behaviors. Among these various efforts, information security education is mainly aimed at providing users with information security knowledge and improving information security awareness. This study classified the types of information security education into offline and online to examine the effects of each education method on attitudes toward information security (perceived severity, vulnerability, self-efficacy and response-efficacy) and information security behaviors. A survey was conducted for users with information security education experiences. The results obtained by comparing the differences in the path coefficients of personal information security behaviors according to information security education experiences showed that security behaviors were more significant in the online experience group than the offline group. In addition, gender differences were analyzed, and it was found that females had a greater impact on information security attitudes than males. This study also found that among Internet users with online information security education experience, females tend to have more information security behavior than males, but there were contrasting results among users with offline information security education experiences. The results of this study finally address the necessity of reflecting users' personalities in the systematic design of information security education in the future. Furthermore, the results of this study support the need for an appropriate education system that sufficiently understands education types to maximize the effects of information security education.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.7
• /
• pp.109-115
• /
• 2024

Overleaf is a cloud-based LaTeX editor, allowing users to easily create and collaborate on documents without the need for separate LaTeX installation or configuration. Thanks to this convenience, users from various fields worldwide are writing, editing, and collaborating on academic papers, reports, and more via web browsers. However, the caching that occurs during the process of converting documents written on Overleaf to PDF format poses risks of exposing sensitive information. This could potentially lead to the exposure of users' work to others, necessitating the implementation of security measures and vigilance to caution against such incidents. This paper delves into an in-depth analysis of Overleaf's security vulnerabilities and proposes various measures to enhance the protection of intellectual property.

• SUVANNABHUMI
• /
• v.16 no.1
• /
• pp.103-123
• /
• 2024

The traumatic experiences of people from peripheral islands are susceptible to mnemocide. Such erasure of memory is facilitated by "defensive and complicit forgetting," which, according to Aleida Assmann, leads to "protection of perpetrators." My paper reflects on the vulnerability of traumas from the islands to mnemocide by looking into [1] the massacre of communists and civilians on Jeju Island, South Korea in 1948 as described in Hyun-Kil Un's short story "Dead Silence" (2017; English trans.) and [2] the eviction of residents and indigenous people from Calauit Island, Philippines for the creation of a safari in 1976 as imagined in Annette A. Ferrer's "Pablo and the Zebra" (2017). In "Dead Silence," I direct the attention to how to the execution of the villagers-witnesses to the death of the communist guerillas-is a three-pronged violence: it is a transgression committed against the innocent civilians; an act of "erasing traces to cover up" the military crackdown on the island; and, by leaving the corpses out in the open, a display of impunity. In "Pablo and the Zebra," I second that both residents (i.e., humans and animals) experience post-traumatic stress because of their respective displacements; thus, the tension between them has got to stop. Curiously, while it concludes with a reconciliatory gesture between an elder and a zebra, no character demanded a reparation for their traumatic past per se. Could the latter be symptomatic of a silence that lets such violence "remain concealed for a long time"?

• Asian Pacific Journal of Cancer Prevention
• /
• v.17 no.3
• /
• pp.1157-1162
• /
• 2016

Background: Cervical cancer is known as one of the most prevalent types of cancers and a major public health problem in developing countries which can be detected by Pap test, prevented, and treated. Despite the effective role of Pap test in decreasing the incidence and mortality due to cervical cancer, it is still one the most common causes of cancer-related deaths among women, especially in developing countries. Thus, this study aimed to examine the effect of educational interventions implemented by health volunteers based on protection motivation theory (PMT) on promoting Pap test use among women. Materials and Methods: This quasi-experimental study was conducted on 60 health volunteers and 420 women. The study participants were divided into an intervention and a control group. Data were collected using a valid self-reported questionnaire including demographic variables and PMT constructs which was completed by both groups before and 2 months after the intervention. Then, the data were entered into the SPSS statistical software, version 19 and were analyzed using Chi-square test, independent T-test, and descriptive statistical methods. P<0.05 was considered as statistically significant. Results: The findings of this study showed that the mean scores of PMT constructs (i.e. perceived vulnerability, perceived severity, fear, response-costs, self-efficacy, and intention) increased in the intervention group after the intervention (P<0.001). However, no significant difference was found between the two groups regarding response efficacy after the intervention (P=0.06). The rate of Pap test use also increased by about 62.9% among the study women. Conclusions: This study showed a significant positive relationship between PMT-based training and Pap test use. The results also revealed the successful contribution of health volunteers to training cervical cancer screening. Thus, training interventions based on PMT are suggested to be designed and implemented and health volunteers are recommended to be employed for educational purposes and promoting the community's, especially women's, health.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.4
• /
• pp.669-676
• /
• 2017

Recently, due to the importance of information security, security vulnerability analysis and various information protection technologies and security systems are being introduced as a countermeasure against cyber-attacks in new as well as existing buildings, and information security studies on high-rise buildings are also being conducted. However, security system introduction and research are generally performed from the viewpoint of general IT systems and security policies, so there is little consideration of the infrastructure of the building. In particular, the BAS or building infrastructure, is a closed system, unlike typical IT systems, but has unique structural features that accommodate open functions. Insufficient understanding of these system structures and functions when establishing a building security policy makes the information security policies for the BAS vulnerable and increases the likelihood that all of the components of the building will be exposed to malicious cyber-attacks via the BAS. In this paper, we propose an architecture reference model that integrates three different levels of BAS structure (from?) different vendors. The architectures derived from this study and the security characteristics and vulnerabilities at each level will contribute to the establishment of security policies that reflect the characteristics of the BAS and the improvement of the safety management of buildings.