• Title/Summary/Keyword: Vulnerability Classification


Developing a Classification of Vulnerabilities for Smart Factory in SMEs: Focused on Industrial Control Systems (중소기업용 스마트팩토리 보안 취약점 분류체계 개발: 산업제어시스템 중심으로)

  • Jeong, Jae-Hoon;Kim, Tae-Sung
    • Journal of Information Technology Services / v.21 no.5 / pp.65-79 / 2022
  • The smart factory has spread to small and mid-size enterprises (SMEs) under the leadership of the government. Smart factory consists of a work area, an operation management area, and an industrial control system (ICS) area. However, each site is combined with the IT system for reasons such as the convenience of work. As a result, various breaches could occur due to the weakness of the IT system. This study seeks to discover the items and vulnerabilities that SMEs who have difficulties in information security due to technology limitations, human resources, and budget should first diagnose and check. First, to compare the existing domestic and foreign smart factory vulnerability classification systems and improve the current classification system, the latest smart factory vulnerability information is collected from NVD, CISA, and OWASP. Then, significant keywords are extracted from pre-processing, co-occurrence network analysis is performed, and the relationship between each keyword and vulnerability is discovered. Finally, the improvement points of the classification system are derived by mapping it to the existing classification system. Therefore, configuration and maintenance, communication and network, and software development were the items to be diagnosed and checked first, and vulnerabilities were denial of service (DoS), lack of integrity checking for communications, inadequate authentication, privileges, and access control in software in descending order of importance.

Development for rainfall classification based on local flood vulnerability using entropy weight in Seoul metropolitan area (엔트로피 가중치를 활용한 지역별 홍수취약도 기반의 서울지역 강우기준 산정기법)

  • Lee, Seonmi;Choi, Youngje;Lee, Eunkyung;Ji, Jungwon;Yi, Jaeeung
    • Journal of Korea Water Resources Association / v.55 no.4 / pp.267-278 / 2022
  • Recently Flood damage volume has increased as heavy rain has frequently occurred. Especially urban areas are a vulnerability to flooding damage because of densely concentrated population and property. A local government is preparing to mitigate flood damage through the heavy rain warning issued by Korea Meteorological Administration. This warning classification is identical for a national scale. However, Seoul has 25 administrative districts with different regional characteristics such as climate, topography, disaster prevention state, and flood damage severity. This study considered the regional characteristics of 25 administrative districts to analyze the flood vulnerability using entropy weight and Euclidean distance. The rainfall classification was derived based on probability rainfall and flood damage rainfall that occurred in the past. The result shows the step 2 and step 4 of rainfall classification was not significantly different from the heavy rain classification of the Korea Meteorological Administration. The flood vulnerability is high with high climate exposure and low adaptability to climate change, and the rainfall classification is low in the northern region of Seoul. It is possible to preemptively respond to floods in the northern region of Seoul based on relatively low rainfall classification. In the future, we plan to review the applicability of rainfall forecast data using the rainfall classification of results from this study. These results will contribute to research for preemptive flood response measures.

Vulnerability Analysis using the Web Vulnerability Scanner (Web Vulnerability Scanner를 이용한 취약성 분석)

  • Jang, Hee-Seon
    • Convergence Security Journal / v.12 no.4 / pp.71-76 / 2012
  • As the use of Mashups, web3.0, JavaScript and AJAX (Asynchronous JavaScript XML) widely increases, the new security threats for web vulnerability also increase when the web application services are provided. In order to previously diagnose the vulnerability and prepare the threats, in this paper, the classification of security threats and requirements are presented, and the web vulnerability is analyzed for the domestic web sites using WVS (Web Vulnerability Scanner) automatic evaluation tool. From the results of vulnerability such as XSS (Cross Site Scripting) and SQL Injection, the total alerts are distributed from 0 to 31,177, mean of 411, and standard deviation of 2,563. The results also show that the web sites of 22.5% for total web sites have web vulnerability, and the previous defenses for the security threats are required.

Evaluation of damage probability matrices from observational seismic damage data

  • Eleftheriadou, Anastasia K.;Karabinis, Athanasios I.
    • Earthquakes and Structures / v.4 no.3 / pp.299-324 / 2013
  • The current research focuses on the seismic vulnerability assessment of typical Southern Europe buildings, based on processing of a large set of observational damage data. The presented study constitutes a sequel of a previous research. The damage statistics have been enriched and a wider damage database (178578 buildings) is created compared to the one of the first presented paper (73468 buildings) with Damage Probability Matrices (DPMs) after the elaboration of the results from post-earthquake surveys carried out in the area struck by the 7-9-1999 near field Athens earthquake. The dataset comprises buildings which developed damage in several degree, type and extent. Two different parameters are estimated for the description of the seismic demand. After the classification of damaged buildings into structural types they are further categorized according to the level of damage and macroseismic intensity. The relative and the cumulative frequencies of the different damage states, for each structural type and each intensity level, are computed and presented, in terms of damage ratio. Damage Probability Matrices (DPMs) are obtained for typical structural types and they are compared to existing matrices derived from regions with similar building stock and soil conditions. A procedure is presented for the classification of those buildings which initially could not be discriminated into structural types due to restricted information and hence they had been disregarded. New proportional DPMs are developed and a correlation analysis is fulfilled with the existing vulnerability relations.

A Study on Potential Flood Damage Classification and characteristic analysis (시군별 홍수위험잠재능 유형화 및 특성분석)

  • Kim, Soo-Jin;Eun, Sang-Kyu;Kim, Seong-Pil;Bae, Seung-Jong
    • Journal of Korean Society of Rural Planning / v.23 no.3 / pp.21-36 / 2017
  • Climate change is intensifying storms and floods around the world. Where nature has been destroyed by development, communities are at risk from these intensified climate patterns. This study was to suggest a methodology for estimating flood vulnerability using Potential Flood Damage(PFD) concept and classify city/county about Potential Flood Damage(PFD) using various typology techniques. To evaluate the PFD at a spatial resolutions of city/county units, the 20 representative evaluation indexing factors were carefully selected for the three categories such as damage target(FDT), damage potential(FDP) and prevention ability(FPA). The three flood vulnerability indices of FDT, FDP and FPA were applied for the 167 cities and counties in Korea for the pattern classification of potential flood damage. Potential Flood Damage(PFD) was classified by using grouping analysis, decision tree analysis, and cluster analysis, and characteristics of each type were analyzed. It is expected that the suggested PFD can be utilized as the useful flood vulnerability index for more rational and practical risk management plans against flood damage.

Seismic risk priority classification of reinforced concrete buildings based on a predictive model

  • Isil Sanri Karapinar;Ayse E. Ozsoy Ozbay;Emin Ciftci
    • Structural Engineering and Mechanics / v.91 no.3 / pp.279-289 / 2024
  • The purpose of this study is to represent a useful alternative for the preliminary seismic vulnerability assessment of existing reinforced concrete buildings by introducing a statistical approach employing the binary logistic regression technique. Two different predictive statistical models, namely full and reduced models, were generated utilizing building characteristics obtained from the damage database compiled after 1999 Düzce earthquake. Among the inspected building parameters, number of stories, overhang ratio, priority index, soft story index, normalized redundancy ratio and normalized lateral stiffness index were specifically selected as the predictor variables for vulnerability classification. As a result, normalized redundancy ratio and soft story index were identified as the most significant predictors affecting seismic vulnerability in terms of life safety performance level. In conclusion, it is revealed that both models are capable of classifying the set of buildings being severely damaged or collapsed with a balanced accuracy of 73%, hence, both are able to filter out high-priority buildings for life safety performance assessment. Thus, in this study, having the same high accuracy as the full model, the reduced model using fewer predictors is proposed as a simple and viable classifier for determining life safety levels of reinforced concrete buildings in the preliminary seismic risk assessment.

A Study on the Definition of Security Requirements of Vulnerability Management in Analysis Step (분석단계에서 취약점 관리의 보안 요건 정의에 관한 연구)

  • Shin, Seong-Yoon;Lee, Hyun-Chang
    • Journal of the Korea Society of Computer and Information / v.20 no.3 / pp.75-80 / 2015
  • Vulnerability management is in compliance with security policies, and then, this is to ensure the continuity and availability of the business. In this paper, the application vulnerability management and IT infrastructure of the system is that it must be identified. And a viable vulnerability management plan should be drawn from the development phase. There are many that are not defined vulnerability in the area of identification and authentication, encryption, access control in identification and classification of vulnerabilities. They define the area without missing much in technical, managerial, and operational point of view. Determining whether the response of the identified vulnerability, and to select a countermeasure for eliminating the vulnerability.

Analysis of Disaster Vulnerable Districts using Heavy Rainfall Vulnerability Index (폭우 취약성 지표를 활용한 재해취약지구 분석)

  • PARK, Jong-Young;LEE, Jung-Sik;LEE, Jin-Deok;LEE, Won-Woo
    • Journal of the Korean Association of Geographic Information Studies / v.21 no.1 / pp.12-22 / 2018
  • In order to improve the vulnerability of current cities due to climate change, the disaster vulnerability analysis manual for various disasters is provided. Depending on the spatial units, the disaster vulnerability levels, and the conditions of the climatic factors, the results of the disaster vulnerability analysis will have a significant impact. In this study, relative assessments are conducted by adding the eup, myeon and dong unit in addition to census output area unit to analyze the impact on the spatial unit, and relative changes are analyzed according to the classification stages by expanding the natural classification, which is standardized at level four stage, to level two, four and six stage. The maximum rainfalls(10min, 60min, 24hr) are added for the two limited rainfall characteristics to determine the relativity of disaster vulnerable districts by index. The relative assessment results of heavy rainfall vulnerability index showed that the area ratio of disaster areas by spatial unit was different and the correlation analysis showed that the space analysis between the eup, myeon and dong unit in addition to census output area unit was not consistent. And it can be seen that the proportion of disaster vulnerable districts is relatively different a lot due to indexes of rainfall characteristics, spatial unit analysis and disaster vulnerability level stage. Based on the above results, it can be seen that the ratios of disaster vulnerable districts differ relatively significantly due to the level of the disaster vulnerability class, and the indexes of rainfall characteristics. This suggests that the impact of the disaster vulnerable districts depending on indexes is relatively large, and more detailed indexes should be selected when setting up the disaster vulnerabilities analysis index.

A Study on the Human Vulnerability Classification System for People-Centric Security (인간중심보안을 위한 인적취약점 분류체계에 관한 연구)

  • Jungjun Park;Seongjin Ahn
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.3 / pp.561-575 / 2023
  • The information security industry has seen a wide variety of growth over the past few decades. In particular, various solutions have been proposed in terms of technology, management, and institutional aspects. Nevertheless, it should be noted that security accidents continue to occur every year. This proves that there are limitations to various business changes in the digital era as existing security is being promoted with technology-oriented and prevention-oriented policies. Thus, people-centric security (PCS) has recently become a hot topic in order to escape the limitations of traditional security approaches. Through the concept of information security violations, PCS strategic principles, and expert interviews, this study aims to present a fundamental security incident response plan by classifying human-caused vulnerabilities into 5 categories and classifying them into 21 detailed components.

IT Systems Risk Analysis Using Object Oriented Asset Classification Model (객체지향 자산분류모델을 이용한 위험분석에 관한연구)

  • Lee, Hyeak-Ro;Ahn, Seong-Jin
    • Journal of Internet Computing and Services / v.9 no.4 / pp.79-84 / 2008
  • In these days, many organizations try to manage their assets in safe way due to fast change in information-communication environment. In Korea, risk analysis and vulnerability analysis for security improvement of critical asset is booming by enforcement of Act on security of information and communication infrastructure. It is obligate that each critical information infrastructure needs to get vulnerability analysis. In this paper, we proposed Object Oriented Asset Classification model for asset analysis and risk analysis.
