• 한국안전학회지
• /
• 제33권5호
• /
• pp.51-59
• /
• 2018

It is difficult to determine the outdoor toxic level of hazardous chemicals that are leaked in the building, since there are no efficient ways to calculate how much percentage of the leaked chemicals is released into the outdoor atmosphere. In address to these problems, we propose a reasonable box model that can quantitatively evaluate the mass rate of the indoor chlorine leakage into the outside of the building. The proposed method assumes that the indoor chlorine leakage is fully mixed with the indoor air, and then the mixture of the chlorine and indoor air is exfiltrated into the outside of the building through effective leakage areas of the building. It is found that the exfiltration rate of the mixture of the chlorine and indoor air is strongly dependent on the temperature difference between inside and outside the building than the atmospheric wind speed. As compared with a conventional method that uses a vague mitigation factor, our method is more effective to evaluate the outdoor toxic threat zone of the chlorine that are leaked in the building, because it can consider the degree of airtight of the building in the evaluation of the threat zone.

• 정보보호학회논문지
• /
• 제29권5호
• /
• pp.1133-1151
• /
• 2019

정보보호 분야 중 내부자 위협은 미국 카네기멜런대학 부설 연구소를 중심으로 연구가 꾸준히 이어오고 있을 정도로 중요도가 높다. 이에 반해 우리는 별도 연구기관이 없는 실정이며, 특히 국가 생존과 직결되는 국방 IT 환경에 대한 내부자 위협 연구가 보다 깊이 있게 진행되고 있지 않은 것이 현실이다. 그뿐만 아니라 군의 특수성으로 인해 국방 IT 보안은 학문으로서의 연구가 제한되며, 따라서 개념에 대한 정립조차도 제대로 이루어지지 못하고 있다. 뿐만아니라 환경의 차이로 인해 미국의 기준을 그대로 빌릴 수 없기 때문에, 본 논문에서는 국방 IT 환경을 분석한 뒤 한국군 환경에 적합한 내부자(위협)를 정의하고, 내부자 위협 종류 및 완화방안에 대해 제안해 보고자 한다.

• Journal of Electrical Engineering and Technology
• /
• 제9권3호
• /
• pp.1043-1050
• /
• 2014

Obsolescent control systems for power systems are evolving into intelligent systems and connecting with smart devices to give intelligence to the power systems. As networks of the control system are growing, vulnerability is also increasing. The communication network of distribution areas in the power system connects closely to vulnerable environments. Many cyber-attacks have been founded in the power system, and they could be more critical as the power system becomes more intelligent. From these environment, new communication network architecture and mitigation method against cyber-attacks are needed. Availability and Fault Tree analysis used to show that the proposed system enhances performance of current control systems.

• Journal of Information Processing Systems
• /
• 제15권4호
• /
• pp.865-889
• /
• 2019

The need for cyber resilience is increasingly important in our technology-dependent society where computing devices and data have been, and will continue to be, the target of cyber-attackers, particularly advanced persistent threat (APT) and nation-state/sponsored actors. APT and nation-state/sponsored actors tend to be more sophisticated, having access to significantly more resources and time to facilitate their attacks, which in most cases are not financially driven (unlike typical cyber-criminals). For example, such threat actors often utilize a broad range of attack vectors, cyber and/or physical, and constantly evolve their attack tactics. Thus, having up-to-date and detailed information of APT's tactics, techniques, and procedures (TTPs) facilitates the design of effective defense strategies as the focus of this paper. Specifically, we posit the importance of taxonomies in categorizing cyber-attacks. Note, however, that existing information about APT attack campaigns is fragmented across practitioner, government (including intelligence/classified), and academic publications, and existing taxonomies generally have a narrow scope (e.g., to a limited number of APT campaigns). Therefore, in this paper, we leverage the Cyber Kill Chain (CKC) model to "decompose" any complex attack and identify the relevant characteristics of such attacks. We then comprehensively analyze more than 40 APT campaigns disclosed before 2018 to build our taxonomy. Such taxonomy can facilitate incident response and cyber threat hunting by aiding in understanding of the potential attacks to organizations as well as which attacks may surface. In addition, the taxonomy can allow national security and intelligence agencies and businesses to share their analysis of ongoing, sensitive APT campaigns without the need to disclose detailed information about the campaigns. It can also notify future security policies and mitigation strategy formulation.

• 한국컴퓨터정보학회논문지
• /
• 제17권2호
• /
• pp.127-137
• /
• 2012

최근에 매쉬업(mashups), 웹 3.0, JavaScript, AJAX (Asynchronous JavaScript XML) 등이 널리 사용되면서, 새로운 취약점들이 발견되고 있어 보안 위협이 더 증대되고 있다. 이러한 웹 애플리케이션 취약점과 보안 위협을 효율적으로 완화하기 위해, 그 취약점들을 위험도 기준으로 순서화하여 웹 애플리케이션의 개발 생명주기의 해당 단계에서 우선적으로 고려해야 한다. 본 논문에서는 미국 NVD(National Vulnerability Database)의 웹 애플리케이션 취약점에 대한 데이터를 분석하여, OWASP Top 10 취약점들의 위험도 산정 방법이 타당한 지를 검증하였다. 그 다음, OWASP Top-10 2010과 CWE (Common Weakness Enumeration) 데이터를 중심으로 웹 애플리케이션 취약점 정보를 분석하여 웹 취약점들을 사상시켜 순서화하고, 그 취약점들이 어떤 개발 생명주기 단계와 관련이 있는지를 제시하였다. 이를 통해 효율적으로 웹 보안 위협과 취약점을 예방하거나 완화할 수 있다.

• 한국방재학회:학술대회논문집
• /
• 한국방재학회 2008년도 정기총회 및 학술발표대회
• /
• pp.389-392
• /
• 2008

Warning phase of disaster is a critical period in determining the likely survival of threatened citizens. Elderly requires special attention primarily because they tend to be uncompliant and less likely to cooperate with authorities. But there is much less research on how elderly respond to disaster warnings, while there is a strong consistent empirical literature on older citizen in the recovery periods of disaster. The purpose of this study is to examine coping behavior of elderly when they are at risk of disaster. Data were collected from 130 senior citizens aged over 60 who are residing in Pyungchang and Injae in Kangwon province which had damaged due to heavy rain in 2006. Perry & Lindell(1997)'s index, a series of six categories that represent coping behaviors which progressively approximate the action of evacuating was used : do nothing(1), check environmental cues for evidence of a threat(2), engage in threat-specific property protection(3), engage in protective action for personal safety(4), prepare to evacuate(5), evacuate the areas as instructed in the warning(6). Almost respondents(69.2%) chose the level 6(51.5%) and level 5(17.7%). This proves the elderly are not uncompliant or uncooperative population. Furthermore, this finding emphasizes the importance of public warning in case of disasters. And 13.8% of total respondent checked level 1 for their reaction.

• Advances in nano research
• /
• 제10권4호
• /
• pp.397-414
• /
• 2021

The steady growth in population has led to an enhanced water demand and immense pressure on water resources. Pharmaceutical residues (PRs) are unused or non-assimilated medicines found in water supplies that originate from the human and animal consumption of antibiotics, antipyretics, analgesics etc. These have been detected recently in sewage effluents, surface water, ground water and even in drinking water. Due to their toxicity and potential hazard to the environment, humans and aquatic life, PRs are now categorized as the emerging contaminants (ECs). India figures in the top five manufacturers of medicines in the world and every third pill consumed in the world is produced in India. Present day conventional wastewater treatment methods are ineffective and don't eliminate them completely. The use of nanotechnology via advanced oxidation processes (AOP) is one of the most effective methods for the removal of these PRs. Present study is aimed at reviewing the presence of various PRs in water supplies and also to describe the process of AOP to overcome their threat. This study is also very important in view of World Health Organization report confirming more than 30 million cases of COVID-19 worldwide. This will lead to an alleviated use of antibiotics, antipyretics etc. and their subsequent occurrence in water bodies. Need of the hour is to devise a proper treatment strategy and a decision thereof by the policymakers to overcome the possible threat to the environment and health of humans and aquatic life.

• 한국항해항만학회:학술대회논문집
• /
• 한국항해항만학회 2006년도 International Symposium on GPS/GNSS Vol.1
• /
• pp.9-14
• /
• 2006

This paper develops a complete methodology for the mitigation of ionosphere spatial anomalies by GBAS systems fielded in the Conterminous U.S. (CONUS). It defines an ionosphere anomaly threat model based on validated observations of unusual ionosphere events in CONUS impacting GBAS sites in the form of a linear ‘wave front’ of constant slope and velocity. It then develops a simulation-based methodology for selecting the worst-case ionosphere wave front impact impacting two satellites simultaneously for a given GBAS site and satellite geometry, taking into account the mitigating effects of code-carrier divergence monitoring within the GBAS ground station. The resulting maximum ionosphere error in vertical position (MIEV) is calculated and compared to a unique vertical alert limit, or $VAL_{H2,I}$, that applies to the special situation of worst-case ionosphere gradients. If MIEV exceeds $VAL_{H2,I}$ for one or more otherwise-usable subset geometries (i.e., geometries for which the 'normal' vertical protection level, or $VPL_{H0}$, is less than the 'normal' VAL), the broadcast ${\sigma}_{pr_{-}gnd}$ and/or ${\sigma}_{vig}$ must be increased such that all such potentially-threatening geometries have VPL$_{H0}$ > VAL and thus become unavailable. In addition to surveying all aspects of the methods used to generate the required ${\sigma}_{pr_{-}gnd}$ and ${\sigma}_{vig}$ inflation factors for CONUS GBAS sites, related methods for deriving similar results for GBAS sites outside CONUS are suggested.

• 한국정보통신학회논문지
• /
• 제21권3호
• /
• pp.601-606
• /
• 2017

고성능 디지털 회로 개발과 구현에 사용되는 SRAM 기반 FPGA(Field Programmable Gate Array)는 configuration memory가 SRAM으로 구현되었기 때문에 configuration memory에 소프트 에러가 발생하는 경우 오동작하게 된다. Xilinx사의 FPGA는 configuration memory 영역에 추가된 ECC(Error Correction Code)와 CRC(Cyclic Redundancy Code) 그리고 이들을 활용하는 SEM(Soft Error Mitigation) Controller를 이용하여 이러한 소프트 에러의 영향을 줄일 수 있다. 본 연구에서는 SRAM 기반 FPGA에서 SEM Controller에 의해 configuration memory 영역이 소프트 에러로부터 보호될 때 FPGA의 신뢰도를 가용성 관점에서 해석하고 그 효과를 분석하였다. 이를 위해 FPGA 계열별 SEM Controller의 소프트 에러 정정 성능에 따른 가용성 함수를 유도하고 FPGA 계열별 사례를 적용하여 비교하였다. 연구 결과는 SRAM 기반 FPGA의 선정 및 가용성 예측에 활용될 수 있을 것으로 기대된다.

• 융합보안논문지
• /
• 제20권4호
• /
• pp.135-141
• /
• 2020

국방부는 주기적인 사이버방호 훈련을 실시함에 따라 사이버작전의 전력과 역량을 보강하고 있다. 하지만 적 사이버공격 능력 수준을 고려할 때 군의 사이버방호 능력 수준은 현저히 낮으며 군용 네트워크망에 대한 사이버위협을 대응할 수 있는 보호대책과 대응체계가 명확하게 설계되어 있지 않아 민·관의 사이버보안 능력 수준에도 못 미치고 있는 실태이다. 따라서 본 논문에서는 국내·외 사이버보안 프레임워크를 참조하여 국방 네트워크망 취약점 완화 체계를 구축할 수 있는 요소로 군 특수성을 지닌 군 내부망 주요 위협 정보 및 국방정보시스템 보안 요구사항을 파악하고, 공격자의 의도파악과 전술, 기법 및 절차 정보(ATT&CK)를 적용하여 국방 네트워크 환경에 대한 사이버공격을 효율적으로 보호 해주는 군 내부망 취약점 완화 체계 구축 방안을 제안한다.