• International Journal of Computer Science & Network Security
• /
• v.24 no.5
• /
• pp.205-211
• /
• 2024

The increasing number of botnet attacks incorporating new evasion techniques making it infeasible to completely secure complex computer network system. The botnet infections are likely to be happen, the timely detection and response to these infections helps to stop attackers before any damage is done. The current practice in traditional IP networks require manual intervention to response to any detected malicious infection. This manual response process is more probable to delay and increase the risk of damage. To automate this manual process, this paper proposes to automatically select relevant countermeasures for detected botnet infection. The propose approach uses the concept of flow trace to detect botnet behavior patterns from current and historical network activity. The approach uses the multiclass machine learning based approach to detect and classify the botnet activity into IRC, HTTP, and P2P botnet. This classification helps to calculate the risk score of the detected botnet infection. The relevant countermeasures selected from available pool based on risk score of detected infection.

• Korean Journal of Construction Engineering and Management
• /
• v.9 no.1
• /
• pp.143-154
• /
• 2008

Since the concerns for safety of highway traffic safety facilities inherent in various environmental risk is increased, systematic performance, cost, and effect analysis process is needed for this. In case of median barrier among various traffic safety facilities, quantitative risk assessment is inevitable because it has lots of direct/indirect risk factors. Thus, this study suggests an advanced VE(Value Engineering) approach incorporating quantitative risk analysis. For the applicability, suggested VE approach considering alternative 1(140cm) and 2(127cm) is applied to median barrier in fields. Also, major improvement objects are extracted from governing factors of cost and performance based on functional analysis. It is concluded that the proposed risk assessment methodology will provide rational and practical solutions for best value and the approach could effectively applied for various traffic safety facilities by slight modification of suggest process.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1994.11a
• /
• pp.288-302
• /
• 1994

A security risk analysis provides all information system with the capability to investigate and estimate the status of its security, and gives a guideline for establishing a safeguard against any means of security threats. The information system needs tile judicious and accurate why for performing a risk analysis since security policy and risk analysis of tile information system are based on risk analysis, The risk analysis is composed of two methods. mathematical approach and diagramming technique. Mathematical approach cannot yield a precise description of the real world. However, diagramming technique is more pragmatic since it overcomes this limitation. In this paper, we studied tile security risk analysis methods proposed in overseas such as INFOSEC [4], SRAG [5], FIPS65[6], and JRAM[7].

• Smart Structures and Systems
• /
• v.23 no.2
• /
• pp.185-194
• /
• 2019

The probabilistic tsunami risk assessment of large coastal areas is challenging because the inland propagation of a tsunami wave requires an accurate numerical model that takes into account the interaction between the ground, the infrastructures, and the wave itself. Classic mesh-based methods face many challenges in the propagation of a tsunami wave inland due to their ever-moving boundary conditions. In alternative, mesh-less based methods can be used, but they require too much computational power in the far-field. This study proposes a hybrid approach. A mesh-based method propagates the tsunami wave from the far-field to the near-field, where the influence of the sea floor is negligible, and a mesh-less based method, smooth particle hydrodynamic, propagates the wave onto the coast and inland, and takes into account the wave structure interaction. Nowadays, this can be done because the advent of general purpose GPUs made mesh-less methods computationally affordable. The method is used to simulate the inland propagation of the 2004 Indian Ocean tsunami off the coast of Indonesia.

• International Journal of Safety
• /
• v.6 no.2
• /
• pp.8-12
• /
• 2007

This study includes a case study among plastic process manufacturing companies, based on which, the currently used 4M method is applied in terms of machine, media, man, and management, to conduct quantitative risk evaluation, and thus to contribute to reducing human and material loss as well as preventing accidents in industrial fields. The result of this study is analyzed based on the 4M-risk assessment to find out the hazardous risk elements, and the quantitative evaluation made it predictable the value of risk(frequency $\times$ intensity) in such classified levels as serious risk, critical risk, and intolerable risk. Further, Among the businesses with hazardous risk elements and high frequency of industrial disaster, risk analysis was conducted for each process, and as a result, 38 cases among 76, including those of serious risk, critical risk, and intolerable risk, were improved, and the risk was reduced. Besides, it is thought that with the engineering approach with 4M-Risk Assessment, the attempt to improve safety level contributes to prevention of accidents.

• Journal of Information Processing Systems
• /
• v.12 no.2
• /
• pp.226-233
• /
• 2016

Cloud computing is a distributed computing model that has lot of drawbacks and faces difficulties. Many new innovative and emerging techniques take advantage of its features. In this paper, we explore the security threats to and Risk Assessments for cloud computing, attack mitigation frameworks, and the risk-based dynamic access control for cloud computing. Common security threats to cloud computing have been explored and these threats are addressed through acceptable measures via governance and effective risk management using a tailored Security Risk Approach. Most existing Threat and Risk Assessment (TRA) schemes for cloud services use a converse thinking approach to develop theoretical solutions for minimizing the risk of security breaches at a minimal cost. In our study, we propose an improved Attack-Defense Tree mechanism designated as iADTree, for solving the TRA problem in cloud computing environments.

• Asian Journal for Public Opinion Research
• /
• v.1 no.3
• /
• pp.217-231
• /
• 2014

This study begins with a review of commonly discussed dimensions of public risk perception that may influence public opinion toward risks. Factors that have been revealed by the literature to have substantial impact on risk perception, such as demographic background, trust, and media environment, are also discussed. Meanwhile, we evaluate two well-known research models in the realm of risk analysis: 1) the psychometric paradigm, and 2) the social amplification of risk framework (SARF). Based on a literature review, this study suggests that, besides the psychological and social approach, models of risk perception and risk communication research should shift to a more comprehensive one by considering the interrelations between laypeople and the environment. This study proposes a research model from the perspective of social cognitive theory (SCT) as a potential framework for future studies: 1) in the societal environment, individuals' risk perception and information seeking behavior, which is determined by risk perception will be influenced by trust in regulators and interpersonal trust; 2) in the media environment, individuals' risk perception and information seeking behavior will be influenced by individuals' perceived information characteristics. Knowledge about risk accumulated through information seeking will change risk perception in a longitudinal process.

• Molecular & Cellular Toxicology
• /
• v.4 no.3
• /
• pp.260-266
• /
• 2008

Recently, there has been scientific discussion on the utility of -omics techniques such as genomics, proteomics, and metabolomics within toxicological research and mechanism-based risk assessment. Toxicogenomics is a novel approach integrating the expression analysis of genes (genomic) or proteins (proteomic) with traditional toxicological methods. Since 1999, the toxicogenomic approach has been extensively applied for regulatory purposes in order to understand the potential toxic mechanisms that result from chemical compound exposures. Therefore, this article's purpose was to consider the utility of toxicogenomic profiles for improved risk assessment, explore the current limitations in applying toxicogenomics to regulation, and finally, to rationalize possible avenues to resolve some of the major challenges. Based on many recent works, the significant impact toxicogenomic techniques would have on human health risk assessment is better identification of toxicity pathways or mode-of-actions (MOAs). In addition, the application of toxicogenomics in risk assessment and regulation has proven to be cost effective in terms of screening unknown toxicants prior to more extensive and costly experimental evaluation. However, to maximize the utility of these techniques in regulation, researchers and regulators must resolve many parallel challenges with regard to data collection, integration, and interpretation. Furthermore, standard guidance has to be prepared for researchers and assessors on the scientifically appropriate use of toxicogenomic profiles in risk assessment. The National Institute of Toxicological Research (NITR) looks forward to an ongoing role as leader in addressing the challenges associated with the scientifically sound use of toxicogenomics data in risk assessment.

• Wind and Structures
• /
• v.27 no.3
• /
• pp.199-211
• /
• 2018

This paper deals with wind fragility and risk analysis of high rise buildings subjected to stochastic wind load. Conventionally, such problems are dealt in full Monte Carlo Simulation framework, which requires extensive computational time. Thus, to make the procedure computationally efficient, application of metamodelling technique in fragility analysis is explored in the present study. Since, accuracy by the conventional Least Squares Method (LSM) based metamodelling is often challenged, an efficient Moving Least Squares Method based adaptive metamodelling technique is proposed for wind fragility analysis. In doing so, artificial time history of wind load is generated by three wind field models: i.e., a simple one based on alongwind component of wind speed; a more detailed one considering coherence and wind directionality effect, and a third one considering nonstationary effect of mean wind. The results show that the proposed approach is more accurate than the conventional LSM based metamodelling approach when compared to full simulation approach as reference. At the same time, the proposed approach drastically reduces computational time in comparison to the full simulation approach. The results by the three wind field models are compared. The importance of non-linear structural analysis in fragility evaluation has been also demonstrated.

• Proceedings of the KSR Conference
• /
• 2007.05a
• /
• pp.577-583
• /
• 2007

In railway business plan, operations require a strategic and sustained level of planned investment to ensure assets are fit for purpose over the whole of their planned life. Therefore it is essential that operator can confidently plan and predict capital investment requirements over a number of years. This research addresses that how the London Underground apply a systematic risk based approach to their health and safety planning and investment decision making. Through this case study, we investigate the elements of management system that includes arrangements for the ongoing identification of hazards, assessment of risks and the implementation necessary control measures. Risk based business planning processes are also addressed.