• Title/Summary/Keyword: Threat Detection

A Study on Resource Allocations of Multi Function Radar in a Warship (함정의 다기능레이더(MFR) 자원할당 방안에 관한 연구)

  • Park, Young-Man;Lee, Jinho;Cho, Hyunjin;Park, Kyeongju;Kim, Ha-Chul;Lim, Yo-Joon;Kim, Haekeun;Lee, Hochul;Chung, Suk-Moon
    • Journal of the Korea Society for Simulation / v.28 no.1 / pp.67-79 / 2019
  • A warship equipped with a Multi Function Radar (MFR) performs operations by evaluating the degree of threats based on the threats' symptoms and allocating the resources of the MFR to the corresponding threats. This study suggests a simulation-based approach and a greedy algorithm in order to effectively allocate the resources of an MFR for warships, and compares these two approaches. As a detection probability function depending on the amount of allocations to each threat, we consider linear and exponential functions. Experimental results show that both the simulation-based approach and the greedy algorithm allocate resources similarly to the randomly generated threats, and the greedy algorithm outperforms the simulation-based approach from a computational perspective. For various cases of threats, we analyze the results of MFR resource allocation using the greedy algorithm.

A Method for SQL Injection Attack Detection using the Removal of SQL Query Attribute Values (SQL 질의 애트리뷰트 값 제거 방법을 이용한 효과적인 SQL Injection 공격 탐지 방법 연구)

  • Lee, In-Yong;Cho, Jae-Ik;Cho, Kyu-Hyung;Moon, Jong-Sub
    • Journal of the Korea Institute of Information Security & Cryptology / v.18 no.5 / pp.135-148 / 2008
  • The expansion of the internet has made web applications a part of everyday life. As a result, the number of incidents which exploit web application vulnerabilities is increasing. A large percentage of these incidents are SQL Injection attacks, which are a serious security threat to databases with potentially sensitive information. Therefore, much research has been done to detect and prevent these attacks, and it resulted in a decline of SQL Injection attacks. However, there are still methods to bypass them and these methods are too complex to implement in real web applications. This paper proposes a simple and effective SQL Query attribute value removal method which uses Static and Dynamic Analysis and evaluates the efficiency through various experiments.

A Study on the Improvement of Effectiveness in National Cyber Security Monitoring and Control Services (국가 전산망 보안관제업무의 효율적 수행방안에 관한 연구)

  • Kim, Young-Jin;Lee, Su-Yeon;Kwon, Hun-Yeong;Lim, Jong-In
    • Journal of the Korea Institute of Information Security & Cryptology / v.19 no.1 / pp.103-111 / 2009
  • Recently, cyber attacks against public communications networks are getting more complicated and varied. Moreover, in some cases, one country could make systematic attacks at a national level against another country to steal its confidential information and intellectual property. Therefore, the issue of cyber attacks is now regarded as a new major threat to national security. The conventional way of operating individual information security systems such as IDS and IPS may not be sufficient to cope with those attacks committed by highly motivated attackers with significant resources. As a result, the monitoring and control of cyber security, which enables attack detection, analysis and response on a real-time basis, has become of paramount importance. This paper discusses how to improve the efficiency and effectiveness of national cyber security monitoring and control services. It first reviews major threats to the public communications network and how the responses to these threats are made, and then it proposes a new approach to improve the national cyber security monitoring and control services.

An Efficient Method for Analyzing Network Security Situation Using Visualization (시각화 기반의 효율적인 네트워크 보안 상황 분석 방법)

  • Jeong, Chi-Yoon;Sohn, Seon-Gyoung;Chang, Beom-Hwan;Na, Jung-Chan
    • Journal of the Korea Institute of Information Security & Cryptology / v.19 no.3 / pp.107-117 / 2009
  • Network administrators recognize abnormal phenomena in the managed network by using the alert messages generated by security devices, including intrusion detection systems, intrusion prevention systems, and firewalls. A series of tasks, which searches for the traffic related to the alert message and analyzes the traffic data, is then required to determine whether the abnormal phenomenon is a real network security threat or not. There are many alert messages to inspect in order to determine the network security situation. Also, much time is needed for the network administrator to analyze the security condition using existing methods. Therefore, in this paper, we propose an efficient method for analyzing the network security situation using visualization. The proposed method monitors anomalies occurring in the entire IP address space and displays the detailed information of a security event. In addition, it represents the physical locations of the attackers or victims by linking GIS information and IP addresses. Therefore, it helps network administrators rapidly analyze the security status of the managed network.

Modeling and Simulation for Performance Evaluation of VoIP Spam Detection Mechanism (VoIP 스팸 탐지 기술의 성능 평가를 위한 모델링 및 시물레이션)

  • Kim, Ji-Yeon;Kim, Hyung-Jong;Kim, Myuhng-Joo;Jeong, Jong-Il
    • Journal of the Korea Institute of Information Security & Cryptology / v.19 no.3 / pp.95-105 / 2009
  • Spam calls are one of the main security threats in VoIP services. In this paper, we have designed a simulation model for performance evaluation of a VoIP spam defense mechanism. The simulation model has functions for performance evaluation such as call generation and input/output comparison. Four representative caller models have been developed for performance evaluation, and each model has its own characteristics as statistical parameters. The target mechanism of performance evaluation is the SPIT (Spam over Internet Telephony) level decision algorithm, and we have derived SPIT levels of the caller models. The performance evaluation model is designed using the DEVS formalism, and DEVSJAVA™ is used for development and execution of the simulation models.

A Study on the Effective Countermeasures for Preventing Computer Security Incidents (기업의 침해사고 예방을 위한 관리 모델)

  • Kang, Shin-Beom;Lee, Sang-Jin;Lim, Jong-In
    • Journal of the Korea Institute of Information Security & Cryptology / v.22 no.1 / pp.107-115 / 2012
  • The level of information protection is relatively low in comparison with the informatisation in this country. The budget for information protection is also quite marginal at 5% of the entire information-related policy budget. The passive information protection practices by companies, which focus more on the aftermath, lead to repeated expenses for risk management. The responses to the violation of information protection should be changed from the current aftermath-oriented focus to prevention and early detection of possible violations. We should also realize that the response to a violation of protected information is not a responsibility of an individual but a joint responsibility of the nation and the industry. South Korea has been working towards building a systematic foundation since 2004, when guidelines were announced regarding the information protection policy and the safety diagnosis. The current level of safety policies cannot provide perfect protection against actual violation cases in administrative, technological and physical ways. This research evaluates the level of prevention that the current systematic protection policy offers, and discusses its limitations and possible ways for improvement. It also recommends a list of effective measures for protection against information violation that companies can employ to maintain the actual target safety level.

Hiding Shellcode in the 24Bit BMP Image (24Bit BMP 이미지를 이용한 쉘코드 은닉 기법)

  • Kum, Young-Jun;Choi, Hwa-Jae;Kim, Huy-Kang
    • Journal of the Korea Institute of Information Security & Cryptology / v.22 no.3 / pp.691-705 / 2012
  • The buffer overflow is the most representative vulnerability for which attack methods and countermeasures are frequently developed and changed. This vulnerability has remained one of the most critical threats since it was first introduced in the middle of the 1990s. Shellcode is machine code which can be used in a buffer overflow attack. Attackers make the shellcode for their own purposes and insert it into the target host's memory space, then manipulate EIP (Extended Instruction Pointer) to intercept the control flow of the target host system. Therefore, a lot of research on defenses has been carried out, and attackers have also done much research to bypass security measures designed for shellcode defense. In this paper, we briefly investigate shellcode defense and attack techniques and propose a new methodology which can hide shellcode in a 24bit BMP image. With this proposed technique, we can easily hide any shellcode executable and we can bypass the current detection and prevention techniques.

Prediction of Longline Fishing Activity from V-Pass Data Using Hidden Markov Model

  • Shin, Dae-Woon;Yang, Chan-Su;Harun-Al-Rashid, Ahmed
    • Korean Journal of Remote Sensing / v.38 no.1 / pp.73-82 / 2022
  • Marine fisheries resources face a major anthropogenic threat from unregulated fishing activities, and thus require precise detection for protection through marine surveillance. Korea developed an efficient land-based small fishing vessel monitoring system using real-time V-Pass data. However, those data do not directly provide information on fishing activities, so further efforts are necessary to differentiate their activity status. In Korea, especially in Busan, longlining is practiced by many small fishing vessels to catch several types of fish that need to be identified for proper monitoring. Therefore, in this study we have improved the existing fishing status classification method by applying a Hidden Markov Model (HMM) to V-Pass data in order to further classify their fishing status into three groups, viz. non-fishing, longlining and other types of fishing. Data from 206 fishing vessels at Busan on 05 February, 2021 were used for this purpose. A two-tiered HMM was applied that first differentiates non-fishing status from fishing status, and finally classifies that fishing status into longlining and other types of fishing. Data from 193 and 13 ships were used as training and test datasets, respectively. Using this model, 90.45% accuracy in classifying into fishing and non-fishing status and 88.23% overall accuracy in classifying all into three types of fishing statuses were achieved. Thus, this method is recommended for monitoring the activities of small fishing vessels equipped with V-Pass, especially for detecting longlining.

Epidemiological investigation and phylogenetic analysis of Classical Swine Fever virus in Yunnan province from 2015 to 2021

  • Yao, Jun;Su, Linlin;Wang, Qiaoping;Gao, Lin;Xie, Jiarui;He, Yuwen;Shu, Xianghua;Song, Chunlian;Chai, Jun;Zhang, Yifang;Yang, Shibiao
    • Journal of Veterinary Science / v.23 no.4 / pp.57.1-57.9 / 2022
  • Background: Classical swine fever virus (CSFV), the causative agent of classical swine fever (CSF), is a highly contagious disease that poses a serious threat to Chinese pig populations. Objectives: Many provinces of China, such as Shandong, Henan, Hebei, Heilongjiang, and Liaoning provinces, have reported epidemics of CSFV, while the references to the epidemic of CSFV in Yunnan province are rare. This study examined the epidemic characteristics of the CSFV in Yunnan province. Methods: In this study, 326 tissue samples were collected from different regions in Yunnan province from 2015 to 2021. A reverse transcription-polymerase chain reaction (RT-PCR), sequence analysis, and phylogenetic analysis were performed for the pathogenic detection and analysis of these 326 clinical specimens. Results: Approximately 3.37% (11/326) of specimens tested positive for the CSFV by RT-PCR, which is lower than that of other regions of China. Sequence analysis of the partial E2 sequences of eleven CSFV strains showed that they shared 89.0-100.0% nucleotide (nt) and 95.0-100.0% amino acid (aa) homology, respectively. Phylogenetic analysis showed that these novel isolates belonged to the subgenotypes 2.1c and 2.1d, with subgenotype 2.1c being predominant. Conclusions: The CSFV was sporadic in China's Yunnan province from 2015 to 2021. Both 2.1c and 2.1d subgenotypes were found in this region, but 2.1c was dominant.

Feasibility of Optical Character Recognition (OCR) for Non-native Turtle Detection (UAV 기반 외래거북 탐지를 위한 광학문자 인식(OCR)의 가능성 평가)

  • Lim, Tai-Yang;Kim, Ji-Yoon;Kim, Whee-Moon;Kang, Wan-Mo;Song, Won-Kyong
    • Journal of the Korean Society of Environmental Restoration Technology / v.25 no.5 / pp.29-41 / 2022
  • Alien species cause problems in various ecosystems, reduce biodiversity, and destroy ecosystems. Due to these problems, the problem of a management plan is increasing, and it is difficult to accurately identify each individual and calculate the number of individuals, especially when researching alien turtle species such as GPS and PIT based on capture. This study intends to conduct an individual recognition study using a UAV. Recently, UAVs can take various sensor-based photos and easily obtain high-definition image data at low altitudes. Therefore, based on previous studies, this study investigated five variables to be considered in UAV flights and produced a test paper using them. OCR was used to monitor the displayed turtles using the manufactured test paper, and this confirmed the recognition rate. As a result, the use of yellow numbers showed the highest recognition rate. In addition, the minimum threat distance was confirmed to be 3 to 6 m, and turtles with a shell size of 6 to 8 cm were also identified during the flight. Therefore, we tried to propose an object recognition methodology for turtle display text using OCR, and it is expected to be used as a new turtle monitoring technique.