• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.11c
• /
• pp.1953-1956
• /
• 2003

현재 기관들은 정보통신기반시설에 대한 위험을 여러 가지 다른 방식으로 분석하고 있다. 또한, 각종 위험관리방법론, 지침 및 절차, 수준 측정 등에서 사용되는 기준들 사이에는 일관성이 없거나 서로 비교할 수가 없는 경우가 많다. 해당 기관의 보안 목표와는 상관없이 보안시스템이 설치 운영되고 있으며 그나마 없는 경우도 많다. 또한 당국에 보고하는 위험 분석 결과와 실제 기관 내에 위험 통제를 하기 위해 사용하는 위험 분석 결과도 서로 다른 경우가 흔하다. 기관 전체 차원에서의 일관성 있는 보안위험관리 방법의 부재로 말미암아 경제적으로 효율적인 위험 관리가 불가능하다고 할 수 있다. 본 논문에서는 이러한 문제점을 해결하기 위하여 정보통신기반시설에 대한 보안위험관리시스템을 제안하고 이에 대한 구현 방안을 제시한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.11a
• /
• pp.464-465
• /
• 2014

Analysis of characteristics in software vulnerabilities can be used to assess security risks and to determine the resources needed to develop patches quickly to handle vulnerability discovered. Being a new research area, the quantitative aspects of software vulnerabilities and risk assessments have not been fully investigated. However, further detailed studies are required related to the security risk assessment, using rigorous analysis of actual data which can assist decision makers to maximize the returns on their security related efforts. In this paper, quantitative software vulnerability analysis has been presented for major Web browsers (Internet Explorer (IE), Firefox (FX), Chrome (CR) and Safari (SF)) with respect to the Common Vulnerability Scoring System (CVSS). The results show that, almost all the time, vulnerabilities are compromised from remote networks with no authentication required systems, and exploitation aftermath is getting worse.

• Journal of Korean Society for Atmospheric Environment
• /
• v.28 no.1
• /
• pp.22-38
• /
• 2012

Adaptation of climate change is necessary to avoid unexpected impacts of climate change caused by human activities. Vulnerability refers to the degree to which system cannot cope with impacts of climate change, encompassing physical, social and economic aspects. Therefore the quantification of climate change impacts and its vulnerability is needed to identify vulnerable regions and to setup the proper strategies for adaptation. In this study, climate change vulnerability is defined as a function of climate exposure, sensitivity, and adaptive capacity. Also, we identified regions vulnerable to ozone due to climate change in Korea using developed proxy variables of vulnerability of regional level. 18 proxy variables are selected through delphi survey to assess vulnerability over human health sector for ozone concentration change due to climate change. Also, we estimate the weighting score of proxy variables from delphi survey. The results showed that the local regions with higher vulnerability index in the sector of human health are Seoul and Daegu, whereas regions with lower one are Jeollanam-do, Gyeonggi-do, Gwangju, Busan, Daejeon, and Gangwon-do. The regions of high level vulnerability are mainly caused by their high ozone exposure. We also assessed future vulnerability according to the Intergovernmental Panel on Climate Change (IPCC) Special Report on Emissions Scenarios (SRES) A2, A1FI, A1T, A1B, B2, and B1 scenarios in 2020s, 2050s and 2100s. The results showed that vulnerability increased in all scenarios due to increased ozone concentrations. Especially vulnerability index is increased by approximately 2 times in A1FI scenarios in the 2020s. This study could support regionally adjusted adaptation polices and the quantitative background of policy priority as providing the information on the regional vulnerability of ozone due to climate change in Korea.

• Journal of the Korean Association of Geographic Information Studies
• /
• v.18 no.3
• /
• pp.35-51
• /
• 2015

The purpose of this study is to improve the previous groundwater contamination vulnerability assessment method, apply it to the study area, and select priority areas for groundwater management based on the quantitative analysis of groundwater contamination vulnerability. For this purpose, first, the previous 'potential contamination' based on groundwater contamination vulnerability assessment method was upgraded to the methodology considering 'adaptation capacity' which reduced contamination. Second, the weight of groundwater contamination vulnerability assessment factors was calculated based on the analytical hierarchy process(AHP) and the result of survey targeting groundwater experts. Third, Gyeonggi-do was selected as the study area and the improved methodology and weight were implemented with GIS and actual groundwater contamination vulnerability assessment was carried out. Fourth, the priority area for groundwater contamination management was selected based on the quantitative groundwater contamination vulnerability assessment diagram. The improved detailed groundwater contamination vulnerability assessment factors in this study were a total of 15 factors, and 15 factors were analyzed as new and improved weight with higher 'adaptation capacity' than the assessment factor corresponding to the previous 'potential contamination' in the weight calculation result using AHP. Also, the result of groundwater contamination vulnerability assessment in Gyeonggi Province using GIS showed that Goyang and Gwangmyeong which were adjacent to Seoul had a high groundwater contamination vulnerability and Pocheon and Yangpyeong County had a relatively low groundwater contamination vulnerability. In this study, the previous groundwater contamination vulnerability assessment was improved and applied to study areas actually. The result of this study can be utilized both directly and indirectly for the groundwater management master plan at national and local government level in the future.

• Journal of Korea Water Resources Association
• /
• v.55 no.1
• /
• pp.85-97
• /
• 2022

In this study, a method for an integrated flood risk mapping was proposed that simultaneously considers the flood inundation map indicating the degree of risk and the disaster vulnerability index. This method creates a new disaster map that can be used in actual situations by providing various and specific information on a single map. In order to consider the human, social and economic factors in the disaster map, the study area was divided into exposure, vulnerability, responsiveness, and recovery factors. Then, 7 indicators for each factor were extracted using the GIS tool. The data extracted by each indicator was classified into grades 1 to 5, and the data was selected as a disaster vulnerability index and used for integrated risk mapping by factor. The risk map for each factor, which overlaps the flood inundatoin map and the disaster vulnerability index factor, was used to establish an evacuation plan by considering regional conditions including population, assets, and buildings. In addition, an integrated risk analysis method that considers risks while converting to a single vulnerability through standardization of the disaster vulnerability index was proposed. This is expected to contribute to the establishment of preparedness, response and recovery plans for providing detailed and diverse information that simultaneously considers the flood risk including social, humanistic, and economic factors.

• Journal of Convergence for Information Technology
• /
• v.9 no.8
• /
• pp.35-44
• /
• 2019

The purpose of this study is to find out quantitative vulnerability assessment about COTS(Commercial Off The Shelf) O/S based I&C System. This paper analyzed vulnerability's lifecycle and it's impact. this paper is to develop a quantitative assessment of overall cyber security risks and vulnerabilities I&C System by studying the vulnerability analysis and prediction method. The probabilistic vulnerability assessment method proposed in this study suggests a modeling method that enables setting priority of patches, threshold setting of vulnerable size, and attack path in a commercial OS-based measurement control system that is difficult to patch an immediate vulnerability.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.5
• /
• pp.945-950
• /
• 2017

Due to the vulnerability of the software, there is a hacking attack on the country's cyber infrastructure and real financial assets. Software is an integral part of the operating system and execution system that controls and operates Internet information provision, cyber financial settlement and cyber infrastructures. Analyzing these software vulnerabilities and enhancing security will enhance the security of cyber infrastructures and enhance the security of actual life in the actual country and people. Software development security system analysis and software development Security diagnosis analysis and research for enhancing security of software vulnerability. In addition, we will develop a textbook for the training of software vulnerability diagnosis and maintenance education, develop pilot test problems, pilot test of diagnostic staff, The purpose of this study is to enhance the software security of the cyber infrastructures of national and national life by presenting curriculum and diagnosis guide to train the software vulnerability examiner.

• Journal of Korea Water Resources Association
• /
• v.46 no.2
• /
• pp.183-193
• /
• 2013

Selecting the evaluation index to determine water resources system design yield is an important problem for water resources engineers. Reliability, resilience and vulnerability are three widely used indices for yield analysis. However, there is an overlap region between indices as well as resilience and vulnerability can show improvement in non-monotonic phenomena although yield condition becomes worse. These problems are usually not recognized and the decisions are made according to calculated estimates in real situation. The reason for this is caused by a diverse characteristics of water resources system such as seasonal variability of hydrologic characteristics and water demands. In this study, the applicability of resilience and vulnerability for multi indices application in addition to reliability which is applied generally is examined. Based on highly seasonal irrigation water demand ratio, the correlation and non-monotonic phenomena of each index are analyzed for seven selected reservoirs. Yongdam reservoir which supplies constant water supply showed the general tendency, but Chungju, Andong, Namgang and other reservoirs which supplies irrigation water showed clear non-monotonic phenomena in resilience and vulnerability.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.357-365
• /
• 2012

NFC(Near Field Communication),the short-distance communication protocol, is a technology with a wide range of application applied to smart phones. In particular, many of the services in NFC environments utilize users' privacy information. Privacy information used in such services leads to new vulnerability due to the very features of NFC technology and of NFC devices represented by smart phones. Therefore, the purpose of this study is to suggest a methodology that analyzes privacy vulnerability resulting from a NFC environments in technological, managerial and institutional aspects and a methodology aimed to establish a countermeasure to augment them. Also, this study will suggest vulnerability and countermeasures accordingly in domestic NFC service drawn out through the above methodologies and a countermeasure to improve the vulnerability. It is expected that various safe countermeasures for privacy protection in NFC environments will be established through the suggested methodologies.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.46 no.4
• /
• pp.218-228
• /
• 2023

Maintaining sea superiority through successful mission accomplishments of warships is being proved to be an important factor of winning a war, as in the Ukraine-Russia war. in order to ensure the ability of a warship to perform its duties, the survivability of the warship must be strengthened. In particular, among the survivability factors, vulnerability is closely related to a damage assessment, and these vulnerability data are used as basic data to measure the mission capability. The warship's mission capability is usually measured using a wargame model, but only the operational effects of a macroscopic view are measured with a theater level resolution. In order to analyze the effectiveness and efficiency of a weapon system in the context of advanced weapon systems and equipments, a warship's mission capability must be measured at the engagement level resolution. To this end, not the relationship between the displacement tonnage and the weight of warheads applied in the theater level model, but an engagement level resolution vulnerability assessment method that can specify physical and functional damage at the hit position should be applied. This study proposes a method of measuring a warship's mission capability by applying the warship vulnerability assessment method to the naval engagement level analysis model. The result can be used as basic data in developing engagement algorithms for effective and efficient operation tactics to be implemented from a single unit weapon system to multiple warships.