• Journal of Chest Surgery
• /
• v.29 no.1
• /
• pp.14-23
• /
• 1996

Circulatory arrest under deep hypothermia is an important auxiliary means for cardiac surgery, especially useful in pediatric patients. However, its clinical safety, particularly with regard to the neurologic outcome after long duration of circulatory arrest, is still not established. This study is a review of the eight years'clinical experience of hypothermic circulatory arrest at the Seoul national University Children's Hospital. During an eight-year period from January 1986 through December 1993, a total of 589 consecutive cardiac operations were done using circulatory arrest under deep hypothermia. Among them, 434 consecutive patients, in whom the duration of arrest was 20 minutes or more, are the subject of this study. The duration of arrest ranged from 20 minutes to 82 minutes (mean = 38.7 minutes) under rectal temperature in the range from 12.5$^{\circ}C$ to 25.8$^{\circ}C$. Early neurologic abnormalities occurred in 47 patients : seizure attacks in 28 patients, motor paralyses with or w thout seizure in 12, blindness in 2, and no recovery of consciousness in 5 patients. The rate of incidence of early neurologic abnormalities was calculated at 15.7%. 25 patients showed late neuropsychologic sequelae, such as motor paralysis (9 patients), recurrent seizures (6), developmental delay (8), and definitely low intelligence (2). The rate of incidence of late neurologic sequelae was 8.5%, By statistical analysis, the following factors were identified as the risk factors for post-arrest neurologic abnormalities ; 1) long duration of circulatory arrest, 2) lower-than-ideal body weight, 3) preexisting neurological abnormalities, 4) associated non-cardiovascular congenital anouialies, and 5) low blood pressure during the early post-arrest period. It is concluded that circulatory arrest under deep hypothermia is a relatively safe means for pediatric cardiac surgery with acceptable risk. However, to warrant maximal safety, it is desirable to limit the duration of arrest to less th n 40 minutes. In addition, it is our contention that the early post-arrest period is a very critical period during which maintenance of adequate perfusion pressure in important for the neurologic outcome.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.2
• /
• pp.179-187
• /
• 2020

The FBC(Fixed-Base Comb) is a method to efficiently operate scalar multiplication, a core operation for signature generations of the ECDSA(Elliptic Curve Digital Signature Algorithm), utilizing precomputed lookup tables. Since the FBC refers to the table depending on the secret information and the values of the table are publicly known, an adversary can perform HCA(Horizontal Correlation Analysis), one of the single trace side channel attacks, to reveal the secret. However, HCA is a statistical analysis that requires a sufficient number of unit operation traces extracted from one scalar multiplication trace for a successful attack. In the case of the scalar multiplication for signature generations of ECDSA, the number of unit operation traces available for HCA is significantly fewer than the case of the RSA exponentiation, possibly resulting in an unsuccessful attack. In this paper, we propose an improved HCA on lookup table based scalar multiplication algorithms such as FBC. The proposed attack improves HCA by increasing the number of unit operation traces by determining such traces for the same intermediate value through collision analysis. The performance of the proposed attack increases as more secure elliptic curve parameters are used.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.8
• /
• pp.1551-1559
• /
• 2015

Recently, the performance of smart devices is almost similar to that of the existing PCs, thus the users of smart devices can perform similar works such as messengers, SNSs(Social Network Services), smart banking, etc. originally performed in PC environment using smart devices. Although the development of smart devices has led to positive impacts, it has caused negative changes such as an increase in security threat aimed at mobile environment. Specifically, the threats of mobile devices, such as leaking private information, generating unfair billing and performing DDoS(Distributed Denial of Service) attacks has continuously increased. Over 80% of the mobile devices use android platform, thus, the number of damage caused by mobile malware in android platform is also increasing. In this paper, we propose android based malware detection mechanism using time-series analysis, which is one of statistical-based detection methods.We use auto-regressive moving-average model which is extracting accurate predictive values based on existing data among time-series model. We also use fast and exact malware detection method by extracting possible malware data through Z-Score. We validate the proposed methods through the experiment results.

• Journal of Broadcast Engineering
• /
• v.22 no.3
• /
• pp.295-312
• /
• 2017

Digital video content is the most information-intensive and high-value content. Therefore, it is necessary to protect the intellectual property rights of these contents, and this paper also proposes a watermarking method of digital image for this purpose. The proposed method uses the frequency characteristics of 2-Dimensional Discrete Wavelet Transform (2D-DWT) for digital images and digital watermark on global data without using local or specific data of the image for watermark embedding. The method to insert digital watermark data uses a simple Quantization Index Modulation (QIM) and a multiple watermarking method that inserts the same watermark data in multiple. When extracting a watermark, multiple watermarks are extracted and the final watermark data is determined by a simple statistical method. This method is an empirical method for experimentally determining the parameters in the watermark embedding process. The proposed method performs experiments on various images against various attacks and shows the superiority of the proposed method by comparing the performance with the representative existing methods.

• Journal of the Korea Society for Simulation
• /
• v.20 no.3
• /
• pp.69-78
• /
• 2011

A large-scale sensor network usually operates in open and unattended environments, hence individual sensor node is vulnerable to various attacks. Therefore, malicious attackers can physically capture sensor nodes and inject false reports into the network easily through compromised nodes. These false reports are forwarded to the base station. The false report injection attack causes not only false alarms, but also the depletion of the restricted energy resources in a battery powered network. The statistical en-route filtering (SEF) mechanism was proposed to detect and drop false reports en route. In SEF, the choice of routing paths largely affect the energy consumption rate and the detecting power of the false report. To sustain the secure routing path, when and how to execute the path re-selection is greatly need by reason of the frequent network topology change and the nodes's limitations. In this paper, the regional path re-selection period determination method is proposed for efficient usage of the limited energy resource. A fuzzy logic system is exploited in order to dynamically determine the path re-selection period and compose the routing path. The simulation results show that up to 50% of the energy is saved by applying the proposed method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1179-1189
• /
• 2019

Cyber security evaluation is a series of processes that estimate the level of risk of assets and systems through asset analysis, threat analysis and vulnerability analysis and apply appropriate security measures. In order to prepare for increasing cyber attacks, systematic cyber security evaluation is required. Various indicators for measuring cyber security level such as CWSS and CVSS have been developed, but the quantitative method to apply appropriate security measures according to the risk priority through the standardized security evaluation result is insufficient. It is needed that an Scoring system taking into consideration the characteristics of the target assets, the applied environment, and the impact on the assets. In this paper, we propose a quantitative risk assessment model based on the analysis of existing cyber security scoring system and a method for quantification of assessment factors to apply to the established model. The level of qualitative attribute elements required for cyber security evaluation is expressed as a value through security requirement weight by AHP, threat influence, and vulnerability element applying probability. It is expected that the standardized cyber security evaluation system will be established by supplementing the limitations of the quantitative method of applying the statistical data through the proposed method.

• Convergence Security Journal
• /
• v.21 no.2
• /
• pp.11-18
• /
• 2021

To protect tangible and intangible assets, most of the companies are conducting information protection monitoring by using various security equipment in the IT service network. As the security equipment that needs to be protected increases in the process of upgrading and expanding the service network, it is difficult to monitor the possible exposure to the attack for the entire service network. As a countermeasure to this, various studies have been conducted to detect external attacks and illegal communication of equipment, but studies on effective monitoring of the open service ports and construction of illegal communication monitoring system for large-scale service networks are insufficient. In this study, we propose a framework that can monitor information leakage and illegal communication attempts in a wide range of service networks without large-scale investment by analyzing 'Netflow statistical information' of backbone network equipment, which is the gateway to the entire data flow of the IT service network. By using machine learning algorithms to the Netfllow data, we could obtain the high classification accuracy of 94% in identifying whether the Telnet service port of operating equipment is open or not, and we could track the illegal communication of the damaged equipment by using the illegal communication history of the damaged equipment.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.4
• /
• pp.50-55
• /
• 2019

Recently Ransomware attacks are continuously increasing, and new Ransomware, which is difficult to detect just with a basic vaccine, continuously has its upward trend. Various solutions for Ransomware have been developed and applied. However, due to the disadvantages and limitations of existing solutions, damage caused by Ransomware has not been reduced. Ransomware is attacking various platforms no matter what platform it is, such as Windows, Linux, servers, IoT devices, and block chains. However, most existing solutions for Ransomware are difficult to apply to various platforms, and there is a limit that they are dependent on only some specific platforms while operating. This study analyzes the problems of existing Ransomware detection solutions and proposes the onboard module based Ransomware detection system; after the system defines the function of necessary elements through analyzing requirements that can actually reduce the damage caused by the Ransomware from the viewpoint of users, it supports various OS without pre-installation and is able to restore data even after being infected. We checked the feasibility of each function of the proposed system through the analysis of the existing technology and verified the suitability of the proposed techniques to meet the user's requirements through the questionnaire survey of a total of 264 users of personal and corporate PC users. As a result of statistical analysis of the questionnaire results, it was found that the score of intent to introduce the system was at 6.3 or more which appeared to be good, and the score of intent to change from existing solution to the proposed system was at 6.0 which appeared to be very high.

• Journal of the Society of Disaster Information
• /
• v.17 no.4
• /
• pp.848-863
• /
• 2021

Purpose: On August 16, 2021, the Taliban established the Taliban regime after conquering capital Kabul of the Afghan by using the strong alliance of international terrorist organizations. The Taliban carried out terrorism targeting the Korean people, including the kidnapping of Kim Seon-il in 2004, the abduction of a member of the Saemmul Church in 2007, and the attack on Korean Provincial Reconstruction Team in 2009. Therefore, this research has shown the possibility of Taliban terrorism in Korea. Method: Based on the statistical data on terrorism that occurred in Afghanistan, Taliban's various terrorist activities such as tactics, strategies, and weapons are examined. Consequently, the target facilities and the type of terrorist attacks are analyzed. Result: The Taliban are targeting the Afghan government as their main target of attack, and IS and the Taliban differ in their selection of targets for terrorism. Conclusion: From the result of this research, we recommend Korea need to reinforce the counter terrorism system in soft targets. Because If the Taliban, which has seized control of Afghanistan, and IS, which has established a worldwide terrorism network, cooperate to threaten domestic multi-use facilities with bombing, the Republic of Korea may face a terrorist crisis with insufficient resources and counter-terrorism related countermeasures.

• KIPS Transactions on Software and Data Engineering
• /
• v.10 no.11
• /
• pp.449-456
• /
• 2021

An intrusion detection system is a technology that detects abnormal behaviors that violate security, and detects abnormal operations and prevents system attacks. Existing intrusion detection systems have been designed using statistical analysis or anomaly detection techniques for traffic patterns, but modern systems generate a variety of traffic different from existing systems due to rapidly growing technologies, so the existing methods have limitations. In order to overcome this limitation, study on intrusion detection methods applying various machine learning techniques is being actively conducted. In this study, a comparative study was conducted on data preprocessing techniques that can improve the accuracy of anomaly detection using NGIDS-DS (Next Generation IDS Database) generated by simulation equipment for traffic in various network environments. Padding and sliding window were used as data preprocessing, and an oversampling technique with Adversarial Auto-Encoder (AAE) was applied to solve the problem of imbalance between the normal data rate and the abnormal data rate. In addition, the performance improvement of detection accuracy was confirmed by using Skip-gram among the Word2Vec techniques that can extract feature vectors of preprocessed sequence data. PCA-SVM and GRU were used as models for comparative experiments, and the experimental results showed better performance when sliding window, skip-gram, AAE, and GRU were applied.