• Journal of Korea Multimedia Society
• /
• v.17 no.12
• /
• pp.1494-1502
• /
• 2014

Since smartphones are utilized in the ranges from personal usages to governmental data exchanges, known but not patched vulnerabilities in smartphone operating systems are considered as major threats to the public. To minimize potential security breaches on smartphones, it is necessary to estimate possible security threats. So far, there have been numerous studies conducted to evaluate the security risks caused by mobile devices qualitatively, but there are few quantitative manners. For a large scale risk evaluation, a qualitative assessment is a never ending task. In this paper, we try to calculate relative risk levels triggered by software vulnerabilities from unsecured smartphone operating systems (Android and iOS) among 51 Asian countries. The proposed method combines widely accepted risk representation in both theory and industrial fields. When policy makers need to make a strategic decision on mobile security related agendas, they might find the presented approach useful.

• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.9-14
• /
• 2004

OVAL은 시스템의 특성 및 설정 정보를 대상으로 하여 로컬 시스템상의 취약점을 탐지 할 수 있는 표준 언어로서 MITRE에서 제안하였다. OVAL은 취약점을 정의하는 익스플로잇스크려트를 사용하지 알고 취약점을 탐지하는 XML 스키마와 SQL 질의문으로 구성되어있다. 본 논문에서는 OVAL을 사용하여 리눅스 시스템의 취약점을 탐지 할 수 있는 진단 도구를 설계한다.

• 한국IT서비스학회:학술대회논문집
• /
• 2003.05a
• /
• pp.347-354
• /
• 2003

현업무연속성 관점에서 IDEF 접근방법에 의해서 주요 업무 프로세스를 파악하고, 관련 정보자산을 Skandia 모형으로 식별 한 후에, OCTAVE 접근방법에 의해서 위협을 단계적으로 분석하기 위해서, Nessus Version 1.4.2 를 이용하여 도서관 정보시스템 중에서 가장 중요한 자산인 서버에 대해서 취약성을 평가했다. 기존 OCTAVE 접근방법에 IDEF 접근방법과 Skandia 모형을 동시에 이용하는 수정된 OCTAVE 접근방법을 이용한 취약성 평가 사례를 제시했다.

• International journal of steel structures
• /
• v.18 no.4
• /
• pp.1200-1209
• /
• 2018

In this study, a probabilistic framework of the damage assessment of pipelines subjected to extreme hazard scenario was developed to mitigate the risk and enhance design reliability. Nonlinear 3D finite element models of T-joint systems were developed based on experimental tests with respect to leakage detection of black iron piping systems, and a damage assessment analysis of the vulnerability of their components according to nominal pipe size, coupling type, and wall thickness under seismic wave propagations was performed. The analysis results showed the 2-inch schedule 40 threaded T-joint system to be more fragile than the others with respect to the nominal pipe sizes. As for the coupling types, the data indicated that the probability of failure of the threaded T-joint coupling was significantly higher than that of the grooved type. Finally, the seismic capacity of the schedule 40 wall thickness was weaker than that of schedule 10 in the 4-inch grooved coupling, due to the difference in the prohibition of energy dissipation. Therefore, this assessment can contribute to the damage detection and financial losses due to failure of the joint piping system in a liquid pipeline, prior to the decision-making.

• Journal of Korea Water Resources Association
• /
• v.52 no.6
• /
• pp.441-449
• /
• 2019

Drought is a longer lasting and more extensive disaster than other natural disasters, resulting in significant socioeconomic damage. Even though drought events have same severity, their damage vary from region to region because of spatial, technical, economic, and social circumstances. In this study, drought vulnerability was assessed considering socioeconomic factors. Preliminary factors were identified from the case study for Chungcheong province, and evaluative factors were selected by applying the principal component analysis. The entropy method was applied to determine the weights of evaluative factors. As a result, in Chungcheong province, farm population, number of recipient of basic living, water fare gap indicator, area of industrial complex, amount of underground water usage, amount of water available per capita, water supply ratio, financial soundness for water resources, amount of domestic water usage, amount of agricultural water usage and agricultural land area were chosen as the evaluative factors. Among them, the factors associated with agriculture had larger weights. The overall assessment of vulnerability indicated that Cheongju, Dangjin and Seosan were the most vulnerable to drought.

• Journal of the Korean Association of Geographic Information Studies
• /
• v.9 no.3
• /
• pp.1-13
• /
• 2006

The aim of the study is to assess groundwater pollution hazard of Pohang city using the DRASTIC system developed by the US Environmental Protection Agency (USEPA). Hydrogeological spatial databases of the system include information on depth to groundwater, net recharge, aquifer media, soil media, topographic slope, hydraulic conductivity, lineament and potential pollution source. With GIS based on these hydrogeological databases and the DRASTIC system, the regional groundwater vulnerability of the study area was assessed. Then the vulnerability was overlaid with potential pollution source and the regional groundwater pollution hazard was assessed by administrative district. From the results of the study, areas where need the counter plan for groundwater pollution and where should be managed for the groundwater pollution, are identified.

• Journal of The Korean Society of Agricultural Engineers
• /
• v.63 no.4
• /
• pp.65-86
• /
• 2021

This study aims at testing a hypothesis that the resilience of agricultural water systems is characterized by trade-offs and synergies of effects from climate and socioeconomic change. To achieve this, an Agricultural Water System Climate Resilience Assessment (ACRA) framework is established to evaluate comprehensive resilience of an agricultural water system to the combined impacts of the climate and socioeconomic changes with a case study in South Korea. Understanding dynamic behaviors of the agricultural water systems under climate and socioeconomic drivers is not straightforward because the system structure includes complex interactions with multiple feedbacks across components in water and agriculture sectors and climate and socioeconomic factors, which has not been well addressed in the existing decision support models. No consideration of the complex interactions with feedbacks in a decision making process may lead to counterintuitive and untoward evaluation of the coupled impacts of the climate and socioeconomic changes on the system performance. In this regard, the ACRA framework employs a System Dynamics (SD) approach that has been widely used to understand dynamics of the complex systems with the feedback interactions. In the ACRA framework applied to the case study in South Korea, the SD model works along with HOMWRS simulation. The ACRA framework will help to explore resilience-based strategies with infrastructure investment and management options for agricultural water systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1179-1189
• /
• 2019

Cyber security evaluation is a series of processes that estimate the level of risk of assets and systems through asset analysis, threat analysis and vulnerability analysis and apply appropriate security measures. In order to prepare for increasing cyber attacks, systematic cyber security evaluation is required. Various indicators for measuring cyber security level such as CWSS and CVSS have been developed, but the quantitative method to apply appropriate security measures according to the risk priority through the standardized security evaluation result is insufficient. It is needed that an Scoring system taking into consideration the characteristics of the target assets, the applied environment, and the impact on the assets. In this paper, we propose a quantitative risk assessment model based on the analysis of existing cyber security scoring system and a method for quantification of assessment factors to apply to the established model. The level of qualitative attribute elements required for cyber security evaluation is expressed as a value through security requirement weight by AHP, threat influence, and vulnerability element applying probability. It is expected that the standardized cyber security evaluation system will be established by supplementing the limitations of the quantitative method of applying the statistical data through the proposed method.

• Earthquakes and Structures
• /
• v.24 no.4
• /
• pp.275-288
• /
• 2023

Based on the crucial role of high-speed railway bridges (HSRBs) in the safety of high-speed railway operations, it is an important approach to mitigate earthquake hazards by proceeding with seismic risk assessments in their whole life. Bridge seismic risk assessment, which usually evaluates the seismic performance of bridges from a probabilistic perspective, provides technical support for bridge risk management. The seismic performance of bridges is greatly affected by the degradation of material properties, therefore, material damage plays a nonnegligible role in the seismic risk assessment of the bridge. The effect of material damage is not considered in most current studies on seismic risk analysis of bridges, nevertheless. To fill the gap in this area, in this paper, a nonlinear dynamic time-history analysis has been carried out by establishing OpenSees finite element model, and a seismic vulnerability analysis is carried out based on the incremental dynamic analysis (IDA) method. On this basis, combined with the site risk analysis, the time-dependent seismic risk analysis of an offshore three-span HSRB in the whole life cycle has been conducted. The results showed that the seismic risk probabilities of both components and system of the bridge increase with the service time, and their seismic risk probabilities increase significantly in the last service period due to the degradation of the material strength, which demonstrates that the impact of durability damage should be considered when evaluating the seismic performance of bridges in the design and service period.

• Multiscale and Multiphysics Mechanics
• /
• v.1 no.2
• /
• pp.143-156
• /
• 2016

Reinforced concrete (RC) structures require advanced analysis techniques for better estimation of their seismic responses, especially in the case of exhibiting complex three-dimensional coupling of torsional and flexural behaviors. This study focuses on validating a numerical approach for evaluating the seismic response of a three-dimensional unsymmetrical RC structure through the participation in the SMART 2013 international benchmark program. The benchmark program provides material properties, detailed drawings of the RC structure, and input ground motions for the seismic response evaluation. In this study, nonlinear constitutive models of concrete and rebar were formed and local tests were conducted to verify the constitutive models in finite element analysis. Elastic calibration of the finite element model of the SMART 2013 RC structure was performed by comparing numerical and experimental results in modal and linear time history analyses. Using the calibrated model, nonlinear earthquake analysis and seismic fragility analysis were performed to estimate the behavior and vulnerability of the RC structure with various ground motions.