• Proceedings of the Korea Water Resources Association Conference
• /
• 2016.05a
• /
• pp.204-204
• /
• 2016

Thailand had set the National Water Management Strategy which covered main six areas in the next 12 years, i.e., by priority: (1) water for household, (2) water for agricultural and industrial production, (3) water for flood and drought management, (4) water for quality issue, (5) water from forest conservation and soil erosion protection, (6) water resources management. However due to the climate change impact, there is a question for all strategies is whether to complete this mission under future climate change. If the impact affects our target, we have to clarify how to mitigate or to adapt with it. Vulnerability assessment was conducted under the framework of ADB's (with the parameters of exposure, sensitivity and adaptive capacity) and the assessments were classified into groups due to their different characteristic and the framework of the National Water Management Strategy, i.e., water supply (rural and urban), water for development (agriculture and others), water disasters (floods (flash, overflow), drought, water quality). The assessments identified the parameters concerned and weight factors used for each groups via expert group discussions and by using GIS mapping technology, the vulnerability maps were produced. The maps were verified with present water situation data (floods, drought, water quality). From the analysis result of this water resources management strategy, we found that 30% of all projects face the big impacts, 40% with low impact, and 30% for no impact. It is clear that water-related agencies have to carefully take care approximately 70% of future projects to meet water resources management strategy. It is recommended that additional issues should be addressed to mitigate the impact from climate risk on water resource management of the country, i.e., water resources management under new risk based on development scenarios, relationship with area-based problems, priority definition by viewpoints of risk, vulnerability (impact and occurrence probability in past and future), water management system in emergency case and water reserve system, use of information, knowledge and technology in management, network cooperation and exchange of experiences, knowledge, technique for sustainable development with mitigation and adaptation, education and communication systems in risk, new impact, and emergency-reserve system. These issues will be described and discussed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.2
• /
• pp.111-122
• /
• 2002

Malicious attackers generally attempt to intrude the target systems by taking advantage of existing system vulnerabilities and executing readily available code designed to exploit blown vulnerabilities. To the network security administrators, the rat and minimal step in providing adequate network security is to identify existing system vulnerabilities and patch them as soon as possible. Network-based vulnerability analysis scanners (NVAS), although widely used by network security engineers, have shortcomings in that they depend on limited information that is available and generally do not have access to hast-specific information. Host-based vulnerability analysis scanner (HVAS) can serve as an effective complement to NVAS. However, implementations of HVAS differ from one platform to another and from one version to another. Therefore, to security engineers who often have to maintain a large number of heterogeneous network of hosts, it is impractical to develop and manage a large number of HVAS. In this paper, we propose an agent-based architecture named ISMAEL and describe its prototype implementation. Manager process provides various agent processes with descriptiom on vulnerabilities to check, and an agent process automatically generates, compiles, and executes an Java code to determine if the target system is vulnerable or not. The result is sent back to the manager process, and data exchange occurs in % format. Such architecture provides maximal portability when managing a group of heterogeneous hosts and vulnerability database needs to be kept current because the manager process need not be modified, and much of agent process remains unchanged. We have applied the prototype implementation of ISMAEL and found it to be effective.

• Journal of Korean Academy of Nursing
• /
• v.34 no.6
• /
• pp.1025-1034
• /
• 2004

Purpose: This study defines a vulnerable group in a community that has become the main target of a national health project also, it is descriptive research to suggest an evidence-based direction to meet their deficit health-related needs, Method: This research examined 833 families and 1,835 family members of the financially vulnerable class that was registered in a home visiting program of a public health center. Among them, 892 persons who had health problems, and their family members were examined in detail to find out their characteristics of vulnerability and health needs by assessment during a nurses home visit. Frequency distribution, stepwise-regression and factor analysis were used to analyze the data. Result: The vulnerable group that was defined with social indexes set as standards, involved substantial characteristics of vulnerability. The characteristics of demand showed tendencies of being clustered in 5 factors needs of intensive nursing care, chronic nursing care problems and helplessness, maintenance of family functioning with a disability, deficient problem solving ability, and simple financial fragility. Conclusion: Categorization of needs is an evidence-based estimator of workload in nurse home visiting services, and can be used as a basic resource for direction to meet the deficit needs of a vulnerable group.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.595-598
• /
• 2014

The cyber attacks of recent attacks that target zero-day exploit security vulnerabilities before the security patch is released (Zero Day) attack, the web site is without the Lord. These attacks, those that use the vulnerability of security that is built into the software itself is in most cases, cyber attacks that use the vulnerability of the security of the source code, in particular, has a characteristic response that are difficult to security equipment. Therefore, it is necessary to eliminate the security vulnerability from step to implement the software to prevent these attacks. In this paper, we try to design a Secure Coding Guide support tool to eliminate the threat of security from the stage of implementation.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.15 no.4
• /
• pp.458-466
• /
• 2012

We have developed a weapon effectiveness evaluation model for top-attack smart munitions(WEEM/TASM), which is a many on many Monte Carlo Model evaluating the effectiveness of top-attack smart munitions against armoured ground vehicles. In this model the battle is reduced to a one-sided battle situation in that the target vehicles are regarded as being stationary and passive. It can simulate the whole attack process of smart munitions from firing artillery dispenser to sensing and hitting processes after dispense. It can also calculate the probability of kill of each target and the numbers of rounds required to fulfill the degree of damage in statistical manners. In this paper, we describe the basis for our design concepts reflected in the model to simulate the weapon effectiveness of top-attack smart munitions and provide simulation results for an example case.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.8 no.3
• /
• pp.49-55
• /
• 2012

Recently, with the rapid development of android-based smartphones, it is becomes a major security issue that the case of Android platform is an open platform. so it is easy to be a target of mobile virus penetration and hacking. Even there are a variety of security mechanisms to prevent the vulnerable points of the Android platform but the reason of most of the security mechanisms were designed at application-level that highly vulnerable to the attacks directly to the operating system or attacks using the disadvantages of an application's. It is necessary that the complementary of the android platform kernel blocks the kernel vulnerability and the application vulnerability. In this paper, we proposed a secure system using linux-based android kernel applied to LIDS(Linux Intrusion Detection and Defense System) and applied a smart phone with s5pc110 chip. As a result, the unauthorized alteration of the application was prevented with a proposed secure system.

• Journal of Korean Society of Disaster and Security
• /
• v.5 no.2
• /
• pp.61-70
• /
• 2012

The range of special management target facilities is seperated by the building sector and the field of civil engineering. In the present study, the risk analysis was performed, related to fire occurred for the last five years, in the field of residential and non-residential facilities in buildings. Most of fire incidents occurred in residential and non-residential facilities was the cause of the electrical, and the resulting casualties were also very high. Therefore, based on the results, the risk evaluation index was developed, identifying the causes of fire occur and doing the fire vulnerability analysis for each facility. The result of this study can be utilized safety management to these facilities for the future, especially, inducing a more specialized and intensive safety management.

• Journal of Korean Society of Environmental Engineers
• /
• v.39 no.12
• /
• pp.741-749
• /
• 2017

This study aims to provide the technical considerations and implications for the development of soil vulnerability assesment tool based on the review of existing tools and case studies applied both domestically and internationally. For this study, we specifically investigated the basic theories and major features implemented in the screening models abroad. In contrast, one case study of prioritizing the vulnerable districts was presented to identify the research trends in Korea. Our literature review suggested that the characteristic of target areas and contaminants needed to be properly incorporated into soil vulnerability assessment because the current tools in Korea neglected these properties which prevented this tool from being used as a correct measure of soil management and prevention. We also reached the conclusion that in terms of technical aspect, the soil vulnerability assessment tool should be developed based on the physical theory and environmental data that were varied over space and time so that the end-users were able to readily and effectively screen soil vulnerability over large areas. In parallel with technical improvement, great effort needed to be devoted to develop an integrated environmental information system that increased the availability of data and shared various types of environmental data through enhanced multi-agency collaboration.

• The KIPS Transactions:PartA
• /
• v.18A no.5
• /
• pp.193-204
• /
• 2011

Since web applications are accessed by anonymous users via web, more security risks are imposed on those applications. In particular, because security vulnerabilities caused by insecure source codes cannot be properly handled by the system-level security system such as the intrusion detection system, it is necessary to eliminate such problems in advance. In this paper, to enhance the security of web applications, we develop a static analyzer for detecting the well-known security vulnerability of PHP file inclusion vulnerability. Using a semantic based static analysis, our vulnerability analyzer guarantees the soundness of the vulnerability detection and imposes no runtime overhead, differently from the other approaches such as the penetration test method and the application firewall method. For this end, our analyzer adopts abstract interpretation framework and uses an abstract analysis domain designed for the detection of the target vulnerability in PHP programs. Thus, our analyzer can efficiently analyze complicated data-flow relations in PHP programs caused by extensive usage of string data. The analysis results can be browsed using a JAVA GUI tool and the memory states and variable values at vulnerable program points can also be checked. To show the correctness and practicability of our analyzer, we analyzed the source codes of open PHP applications using the analyzer. Our experimental results show that our analyzer has practical performance in analysis capability and execution time.

• Convergence Security Journal
• /
• v.12 no.4
• /
• pp.3-8
• /
• 2012

Smartphones have all the recent technology integration and NFC (Near Field Communication) Technology is one of them and become an essential these days. Despite using smartphones with NFC technology widely, not many security vulnerabilities have been discovered. This paper attempts to identify characteristics and various services in NFC technology, and to present a wide range of security vulnerabilities, prevention, and policies especially in NFC Contactless technology. We describe a security vulnerability and an possible threat based on human vulnerability and traditional malware distribution technic using Peer-to-Peer network on NFC-Enabled smartphones. The vulnerability is as follows: An attacker creates a NFC tag for distributing his or her malicious code to unspecified individuals and apply to hidden spot near by NFC reader in public transport like subway system. The tag will direct smartphone users to a certain website and automatically downloads malicious codes into their smartphones. The infected devices actually help to spread malicious code using P2P mode and finally as traditional DDoS attack, a certain target will be attacked by them at scheduled time.