• Journal of the Korean GEO-environmental Society
• /
• v.18 no.1
• /
• pp.37-47
• /
• 2017

The Mekong River plays an extremely important role in Southeast Asia. Flowing through six countries, including China, Myanmar, Thailand, Laos PDR, Cambodia, and Vietnam, it is a site of great biological and ecological diversity and the habitat of numerous species of fish. It also supports a very large population that lives along the river basin. Therefore, much attention has been focused on the giant Mekong River Basin, particularly, its soil erosion and sedimentation problems. In fact, many methods have been used to calculate and simulate these problems. However, in the case of the Mekong River Basin, the available data is limited because of the extreme size of the area (about $795,000km^2$) and lack of equipment systems in the countries through which the Mekong River flows. In this study, we applied the Universal Soil Loss Equation (USLE) model in a GIS (Geographic Information System) framework to calculate the amount of soil erosion and sediment load during the selected period, from 1951 to 2007. The result points out dangerous areas, such as the Upper Mekong River Basin and 3S Basin (containing the Sekong, Sesan, and Srepok Rivers) that are suffering the serious consequences of soil erosion problems. Moreover, the present model is also useful for supporting river basin management in the implementation of sustainable management practices in the Mekong River Basin and other basins.

• Journal of Internet Computing and Services
• /
• v.8 no.4
• /
• pp.81-91
• /
• 2007

Binding update for the routing optimization in MIPv6 can make the involved nodes vulnerable to various attacks. Therefore, secure binding update becomes an important research issue in MIPv6, and several protocols have been proposed for this purpose. In this paper, we compare several existing binding update protocols such as RR, SUCV and OMIPv6 and analyze the vulnerability of nodes to the possible attacks and drawbacks of address management and scalability and overhead of encryption operations. Then, we suggest the design requirements for the secure binding update and propose an advanced protocol based on the design principle. Through the analysis, we show that our protocol can achieve a higher level of security against the various attacks and enable better management of address, provide the location privacy and reduce the computational overhead of mobile nodes with constraint computational power.

• The KIPS Transactions:PartC
• /
• v.13C no.3 s.106
• /
• pp.267-274
• /
• 2006

The process of binding update for the routing optimization in MIPv6 can make the involved MN (Mobile Node) and CN(Correspondent Node) vulnerable to various attacks. Therefore, securing binding update process becomes an important research issue in the MIPv6, and several secure binding update protocols have been proposed. In this paper, we compare several existing binding update protocols, and analyze the vulnerability of MNs and CNs to the possible attacks and the management overhead of the SUCV(Statistic Uniqueness and Cryptographic Verifiability) which is considered to be superior to other protocols. Then, we propose an advanced protocol to resolve above drawbacks. Through the detailed analysis, we show that our protocol can reduce the computational overhead of MN, enable better management, and achieve a higher level of security against the redirect attacks, DoS(Denial of Service) attacks and brute force attacks, compared to SUCV.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.207-212
• /
• 2021

A buffer overflow attack is carried out to subvert privileged program functions to gain control of the program and thus control the host. Buffer overflow attacks should be prevented by risk managers by eradicating and detecting them before the software is utilized. While calculating the size, correct variables should be chosen by risk managers in situations where fixed-length buffers are being used to avoid placing excess data that leads to the creation of an overflow. Metamorphism can also be used as it is capable of protecting data by attaining a reasonable resistance level [1]. In addition, risk management teams should ensure they access the latest updates for their application server products that support the internet infrastructure and the recent bug reports [2]. Scanners that can detect buffer overflows' flaws in their custom web applications and server products should be used by risk management teams to scan their websites. This paper presents an experiment of buffer overflow vulnerability and attack. The aims to study of a buffer overflow mechanism, types, and countermeasures. In addition, to comprehend the current detection plus prevention approaches that can be executed to prevent future attacks or mitigate the impacts of similar attacks.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.40 no.10
• /
• pp.67-78
• /
• 2003

As optical network technology advances and high bandwidth Internet is demanded for the exponential growth of internet traffic volumes, the Dense-Wavelength Division Multiplexing (DWDM) networks have been widely accepted as a promising approach to the Next Generation Optical Internet (NGOI) backbone networks for nation wide or global coverage. Important issues in the NGOI based on DWDM networks are the Routing and Wavelength Assignment(RWA) problem and survivability. Especially, fault/attack detection, localization and recovery schemes in All Optical Transport Network(AOTN) is one of the most important issues because a short service disruption in DWDM networks carrying extremely high data rates causes loss of vast traffic volumes. In this paper, we suggest a fault/attack management model for NGOI through analyzing fault/attack vulnerability of various optical backbone network devices and propose fault/attack recovery procedure considering Extended-LMP(Link Management Protocol) and RSVP-TE+(Resource Reservation Protocol-Traffic Engineering) as control protocols in IP/GMPLS over DWDM.

• Journal of Digital Convergence
• /
• v.14 no.12
• /
• pp.155-164
• /
• 2016

In this paper, we investigate and analyze big data platform published at home and abroad. The results had a problem with personal information security on each platform. In particular, there was a vulnerability in the encryption of personal information stored in big data representative of HBase NoSQL DB that is commonly used for big data platform. However, data encryption and decryption cause the system load. In this paper, we propose a method of encryption with HBase, encryption and decryption systems, and methods for applying the personal information management system (PMIS) for each step of the way and big data platform to reduce the load on the network to communicate. And we propose a new big data platform that reflects this. Therefore, the proposed Big Data platform will greatly contribute to the activation of Big Data used to obtain personal information security and system performance efficiency.

• Journal of Information Technology Applications and Management
• /
• v.28 no.3
• /
• pp.49-58
• /
• 2021

Due to the increasing interest in wellness aroused by the aging population and the pursuing feature of active old age, Korean elderly set importance on long life with their healthy condition. Following the change in the paradigm of the medical delivery system from hospital-oriented, treatment-oriented to personal-centered and self-care, Service design application of Smart Healthcare for the elderly became valuable. Smart Healthcare is a healthcare service provided through the fusion of ICT technologies including mobile/wearable devices, IoT, big data, and information technology, and it is utilized to prevent diseases managing abundant health information and living habits. As a methodology for delivering such Smart Healthcare to the elderly, Service design can be adopted. Therefore, this study would like to present the perquisites of Smart Healthcare design for the elderly through analyzing the results from in-depth interview methods between the elderly and medical staff. As a result of this study, guidelines for Service design application of health vulnerability management for the elderly utilizing smart phones were presented. Therefore, this study presented four prerequisites composed of 'high level of supplementation and ethical decision making', 'improvement of inequality in accessibility and experience', 'resolving problems in policy implementation' and 'user-friendliness' for the Smart Healthcare service design for the elderly. Overall, Service design is expected to play an innovative role in improving the quality of life for the elderly through the process of collecting and delivering information on Smart Healthcare centered on the experience of the elderly.

• International Journal of Computer Science & Network Security
• /
• v.22 no.3
• /
• pp.135-140
• /
• 2022

Scientific and technological progress is also fundamental to the evolving merchant shipping industry, both in terms of the size and speed of modern ships and in the level of their technical capabilities. While the freight performance of ships is growing, the number of crew on board is steadily decreasing, as more work processes are being automated through the implementation of information technologies, including ship management systems. Although there have been repeated appeals from international maritime organizations to focus on building effective maritime security defenses against cyber attacks, the problems have remained unresolved. Owners of shipping companies do not disclose information about cyberattack attempts or incidents against them due to fear of commercial losses or consequences, such as loss of image, customer and insurance claims, and investigations by independent international organizations and government agencies. Issues of cybersecurity of control systems in the world today have gained importance, due to the fact that existing threats concern not only the security of technical means and devices, but also issues of environmental safety and safety of life at sea. The article examines the implementation of cyber risk management in the shipping industry, providing recommendations for the safe ship operation and its systems in order to improve vulnerability to external threats related to cyberattacks, and to ensure the safety and security of such a technical object as a seagoing ship.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.306-309
• /
• 2022

Recently, the frequency of earthquakes is rapidly increasing in Korea. As a result, concerns about earthquakes are increasing. Response and recovery in the event of an earthquake are also important, but it is necessary to identify management vulnerabilities in advance and perform prevention and preparation activities. K-water collects real-time earthquake data by operating an earthquake accelerator to manage facilities safe from earthquakes. In addition, real-time data is transmitted to external organizations. Therefore, various efforts are being made to improve the quality of data. In order to reduce the management vulnerability of the earthquake monitoring system in advance, high-quality data can be produced by minimizing the delay time of data collection and establishing a real-time quality analysis system and base for earthquake data using big data. Accordingly, it is expected to protect the lives and property of the people from earthquake disasters by securing dam safety management and high-quality earthquake data and providing rapid data to external institutions.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.1 s.45
• /
• pp.161-168
• /
• 2007

Web attack uses structural, logical and coding error or web application rather than vulnerability to Web server itself. According to the Open Web Application Security Project (OWASP) published about ten types of the web application vulnerability to show the causes of hacking, the risk of hacking and the severity of damage are well known. The detection ability and response is important to deal with web hacking. Filtering methods like pattern matching and code modification are used for defense but these methods can not detect new types of attacks. Also though the security unit product like IDS or web application firewall can be used, these require a lot of money and efforts to operate and maintain, and security unit product is likely to generate false positive detection. In this research profiling method that attracts the structure of web application and the attributes of input parameters such as types and length is used, and by installing structural database of web application in advance it is possible that the lack of the validation of user input value check and the verification and attack detection is solved through using profiling identifier of database against illegal request. Integral security management system has been used in most institutes. Therefore even if additional unit security product is not applied, attacks against the web application will be able to be detected by showing the model, which the security monitoring log gathering agent of the integral security management system and the function of the detection of web application attack are combined.