• Journal of Climate Change Research
• /
• v.3 no.1
• /
• pp.51-69
• /
• 2012

This work aims to propose a vulnerability assessment methodology of ecosystem at present time, and an to suggest an adaptation strategy of ecosystem in the future for local government, in the fields of plant, animal and conservation area, which would occurred due to climate change. Vulnerability assessment in ecosystem includes first, tree growth and distribution part, mainly for conifers, secondly, insect part for pest and bee, and thirdly conservation area management part, especially at the national parks. To evaluate the degree of vulnerability of each substitute variables, such as exposure of climatic element, sensitivity, and adaptation ability, are respectively selected. Vulnerabilities of conifer growth and distribution, pest and bee, and national park management seem to be strongly influenced by the exposure of climatic element than other factors, such as sensitivity and adaptation ability. With time regional gaps of ecosystem vulnerability are expected to be greater in both conifers growth and distribution, and national park management, but reduced in pest and bee in 2100 in comparison with present time.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.25 no.1
• /
• pp.1-8
• /
• 2019

In December 2017, many collision accidents of small vessels, such as those between oil refineries and fishing boats, occurred near Yeonghung-do in Incheon. In order to prevent marine casualties from small vessels, the government is striving to improve the safety capabilities of ship operators by strengthening education and improving the working environment. They are providing education and refining training regulations for fishermen operating vessels under 5 tons. However, the situation includes certain vulnerabilities. In this study, we propose a collision prevention algorithm for small vessels using the Wireless Access in Vehicular Environments (WAVE) communication system, which is a new communication technique to prevent collisions with small ships. The collision avoidance algorithm used is based on DCPA/TCPA. Research analyses, simulation experiments and questionnaires have been conducted to define the criteria of DCPA/TCPA. As a result, the standard for DCPA was $8(L_a+L_b)$ and for TCPA was 2.5 min. Three different accident cases were selected, and this algorithm was applied to confirm alarm responses at certain times. This algorithm can provide information to the operators of small ships in advance to help them recognize potential collision situations.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.9
• /
• pp.504-509
• /
• 2019

Recently, both wireless communications technology and the performance of small devices have developed exponentially, while the number of services using various types of Internet of Things (IoT) devices has also massively increased in line with the ongoing technological and environmental changes. Furthermore, ever more devices that were previously used in the offline environment-including small-size sensors and CCTV-are being connected to the Internet due to the huge increase in IoT services. However, many IoT devices are not equipped with security functions, and use vulnerable open source software as it is. In addition, conventional network equipment, such as switches and gateways, operates with vulnerabilities, because users tend not to update the equipment on a regular basis. Recently, the simple vulnerability of IoT devices has been exploited through the distributed denial of service (DDoS) from attackers creating a large number of botnets. This paper proposes a system that is capable of identifying Internet-connected devices quickly, analyzing and managing the vulnerability of such devices using Internet-wide scan technology. In addition, the vulnerability analysis rate of the proposed technology was verified through collected banner information. In the future, the company plans to automate and upgrade the proposed system so that it can be used as a technology to prevent cyber attacks.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.12
• /
• pp.863-871
• /
• 2018

Existing vulnerability analysis tools are prone to missed detections, incorrect detections, and over-detection, which reduces accuracy. In this paper, cross-checking based on a vulnerability detection method using static and dynamic analysis is proposed, which develops and manages safe applications and can resolve and analyze these problems. Risks due to vulnerabilities are computed, and an intelligent vulnerability detection technique is used to improve accuracy and evaluate risks under the final version of the application. This helps the development and execution of safe applications. Through incorporation of tools that use static analysis and dynamic analysis techniques, our proposed technique overcomes weak points at each stage, and improves the accuracy of vulnerability detection. Existing vulnerability risk-evaluation systems only evaluate self-risks, whereas our proposed vulnerability risk-evaluation system reflects the vulnerability of self-risk and the detection accuracy in a complex fashion to evaluate relative. Our proposed technique compares and analyzes existing analysis tools, such as lists for detections and detection accuracy based on the top 10 items of SANS at CWE. Quantitative evaluation systems for existing vulnerability risks and the proposed application's vulnerability risks are compared and analyzed. We developed a prototype analysis tool using our technique to test the application's vulnerability detection ability, and to show that our proposed technique is superior to existing ones.

• Korean Journal of Psychosomatic Medicine
• /
• v.28 no.2
• /
• pp.99-107
• /
• 2020

Fibromyalgia is a disorder characterized by the core symptom of chronic widespread pain, along with fatigue, sleep disturbances, mood changes, and cognitive difficulties. The etiology of fibromyalgia involves a combination of biological factors, such as genetic vulnerability, alterations in pain processing and stress response system ; psychological factors, such as anxiety, depression, anger, and perceived stress ; environmental factors, such as infections, febrile diseases, and trauma. Central sensitization, which is amplified in the process of sensory stimulation, has been emphasized as a key etiological factor, as supported by enhanced wind-up, delayed aftersensation, decreased nociceptive flexion reflex threshold and functional imaging studies. Several guidelines recommend that a multimodal approach be used to treat fibromyalgia, including both pharmacological and non-pharmacological treatments, tailored to each individual, and that clinicians should provide an intellectual framework through sufficient education and emphasis on the importance of self-management. The prevalence of mood disorders, anxiety disorders, and other psychiatric problems is 7-9 times higher in patients with fibromyalgia than in the general population ; moreover, the association between fibromyalgia and certain psychopathologies or sleep problems has also been suggested. Since psychiatric problems, with shared vulnerabilities and risk factors, interact with fibromyalgia bidirectionally and also affect the disease course, an integrated management approach is needed to determine the risk of comorbidities.

• Journal of Navigation and Port Research
• /
• v.45 no.1
• /
• pp.26-32
• /
• 2021

In ocean field, the spread of the Fourth Industrial Revolution based on information and communication technology requires high precision and stable PNT&D (Position, Navigation, Timing and Data). As the IMO (International Maritime Organization) and IALA (The International Association of Marine Aids to Navigation and Lighthouse Authorities) are requiring backup systems due to mitigate vulnerabilities and the increase of dependency on GNSS (Global Navigation Satellite System), Korea is conducting a research & development of R-Mode. An DGPS (Differentiate Global Positioning System) reference station that uses MF, an existing maritime infrastructure, and AIS (Automatic Identification System) base stations that use 34 integrity station and VHF will be utilized in this study to avoid redundant investment. Because there are radio shadow areas that display low signal levels in the west sea, the establishment of new R-Mode reference and integrity station will be intended to resolve problems regrading the radio shadow area. Because the frequency has a characteristic in that radio wave transmits well along the ground (water surface) in low frequency band, simulation and measurement were conducted therefore this paper to propose candidate sites for R-Mode reference and integrity station resulted through p wave's propagation characteristics analysis. Using this paper, R-Mode reference and integrity station can be established at appropriate locations to resolve radio shadow areas in other regions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.41-52
• /
• 2010

Message authentication is an essential security element in vehicular ad-hoc network(VANET). For a secure message authentication, integrity, availability, privacy preserving skill, and also efficiency in various environment should be provided. RAISE scheme has been proposed to provide efficient message authentication in the environment crowded with lots of vehicles and generally considered to be hard to provide efficiency. However, as the number of vehicles communicating in the area increases, the overhead is also incurred in proportion to the number of vehicles so that it still needs to be reduced, and the scheme is vulnerable to some attacks. In this paper, to make up for the vulnerabilities in dense vehicular communication network, we propose a more secure and efficient scheme using a process that RSU(Road Side Unit) transmits the messages of neighbor vehicles at once with Bloom Filter, and timestamp to protect against replay attack. Moreover, by adding a handover function to the scheme, we simplify the authentication process as omitting the unnecessary key-exchange process when a vehicle moves to other area. And we confirm the safety and efficiency of the scheme by simulating the false positive probability and calculating the traffic.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.1
• /
• pp.63-72
• /
• 2010

RFID is one of useful identification technology in ubiquitous environments which can be a replacement of bar code. RFID is basically consisted of tag, reader, which is for perception of the tag, and back-end-database for saving the information of tags. Although the usage of mobile readers in cellular phone or PDA increases, related studies are not enough to be secure for practical environments. There are many factors for using mobile leaders, instead of static leaders. In mobile reader environments, before constructing the secure protocol, we must consider these problems: 1) easy to lose the mobile reader 2) hard to keep the connection with back-end-database because of communication obstacle, the limitation of communication range, and so on. To find the solution against those problems, Han et al. suggest RFID mutual authentication protocol without back-end-database environment. However Han et al.'s protocol is able to be traced tag location by using eavesdropping, spoofing, and replay attack. Passive tag based on low cost is required lots of communication unsuitably. Hence, we analyze some vulnerabilities of Han et al.'s protocol and suggest RFID mutual authentication protocol without online back-end-database in aspect of efficiency and security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1115-1130
• /
• 2020

Modern vehicles are equipped with a number of ECUs(Electronic Control Units), and ECUs can control vehicles efficiently by communicating each other through CAN(Controller Area Network). However, CAN bus is known to be vulnerable to cyber attacks because of the lack of message authentication and message encryption, and access control. To find these security issues related to vehicle hacking, CAN Fuzzing methods, that analyze the vulnerabilities of ECUs, have been studied. In the existing CAN Fuzzing methods, fuzzing inputs are randomly generated without considering the structure of CAN messages transmitted by ECUs, which results in the non-negligible fuzzing time. In addition, the existing fuzzing solutions have limitations in how to monitor fuzzing results. To deal with the limitations of CAN Fuzzing, in this paper, we propose a Non-Random CAN Fuzzing, which consider the structure of CAN messages and systematically generates fuzzing input values that can cause malfunctions to ECUs. The proposed Non-Random CAN Fuzzing takes less time than the existing CAN Fuzzing solutions, so it can quickly find CAN messages related to malfunctions of ECUs that could be originated from SW implementation errors or CAN DBC(Database CAN) design errors. We evaluated the performance of Non-Random CAN Fuzzing by conducting an experiment in a real vehicle, and proved that the proposed method can find CAN messages related to malfunctions faster than the existing fuzzing solutions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1087-1101
• /
• 2020

Various security devices are used to protect internal networks and valuable information from rapidly evolving cyber attacks. Firewall, which is the most commonly used security device, tries to prevent malicious attacks based on a text-based filtering rule (i.e., access control policy), by allowing or blocking access to communicate between inside and outside environments. However, in order to protect a valuable internal network from large networks, it has no choice but to increase the number of access control policy. Moreover, the text-based policy requires time-consuming and labor cost to analyze various types of vulnerabilities in firewall. To solve these problems, this paper proposes a 3D-based hierarchical visualization method, for intuitive analysis and management of access control policy. In particular, by providing a drill-down user interface through hierarchical architecture, Can support the access policy analysis for not only comprehensive understanding of large-scale networks, but also sophisticated investigation of anomalies. Finally, we implement the proposed system architecture's to verify the practicality and validity of the hierarchical visualization methodology, and then attempt to identify the applicability of firewall data analysis in the real-world network environment.