• Title/Summary/Keyword: Vulnerability Level

A Validation of Effectiveness for Intrusion Detection Events Using TF-IDF (TF-IDF를 이용한 침입탐지이벤트 유효성 검증 기법)

  • Kim, Hyoseok;Kim, Yong-Min
    • Journal of the Korea Institute of Information Security & Cryptology / v.28 no.6 / pp.1489-1497 / 2018
  • Web application services have diversified. At the same time, research on intrusion detection is continuing due to the surge of cyber threats. Also, as single-defense systems evolve into multi-level security, we are responding to specific intrusions by correlating security events that have become vast. However, it is difficult to check the OS, service, web application type and version of the target system in real time, and intrusion detection events occurring in network-based security devices cannot confirm the vulnerability of the target system or the success of the attack. A blind spot can occur for threats that are not analyzed for problems and associativity. In this paper, we propose the validation of effectiveness for intrusion detection events using TF-IDF. The proposed scheme extracts the response traffic by mapping the response of the target system corresponding to the attack. Then, the response traffic is divided into lines and each line is weighted with a TF-IDF weight. We checked the valid intrusion detection events by sequentially examining the lines with high weights.

Proposal of Detection Module for Fighter Aircraft Data Modulation Attack (전투기 데이터 변조 공격행위에 대한 탐지모듈 제안)

  • Hong, Byoung-jin;Kim, Wan-ju;Kim, Ho-keun;Lim, Jae-sung
    • Journal of the Korea Institute of Information Security & Cryptology / v.29 no.1 / pp.5-16 / 2019
  • Modern state-of-the-art military aviation assets are operated with independent embedded real-time operating systems (RTOS). These embedded systems are made with a high level of information assurance. However, once the systems are introduced and installed on individual platforms for sustaining operational employment, the systems are not actively managed and as a result the platforms become exposed to serious threats. In this paper, we analyzed vulnerability factors in the processing of mission planning data and maintenance-related data for fighter aircraft. We defined the method and form of cyber attacks that modulate air data using these vulnerabilities. We then proposed a detection module for integrity detection. The designed module can preemptively respond to potential cyber threats targeting high-value aviation assets by checking and preemptively responding to malware infection during flight data processing of fighter aircraft.

Deriving Essential Security Requirements of IVN through Case Analysis (사례 분석을 통한 IVN의 필수 보안 요구사항 도출)

  • Song, Yun keun;Woo, Samuel;Lee, Jungho;Lee, You sik
    • The Journal of The Korea Institute of Intelligent Transport Systems / v.18 no.2 / pp.144-155 / 2019
  • One of the issues of the automotive industry today is autonomous driving vehicles. In order to achieve level 3 or higher as defined by SAE International, harmonization of autonomous driving technology and connected technology is essential. Current vehicles have new features such as autonomous driving, which not only increases the number of electrical components, but also the amount and complexity of software. As a result, the attack surface, which is the access point of attack, is widening, and software security vulnerabilities are also increasing. However, the reality is that the essential security requirements for vehicles are not defined. In this paper, based on real attacks and vulnerability cases and trends, we identify the assets in the in-vehicle network and derive the threats. We also defined the security requirements and derived essential security requirements that should be applied at least to the safety of the vehicle occupant through risk analysis.

A Study on the Evaluation Method for Penetration Test Method and Procedures (모의 침투 테스트 방법 및 절차의 평가 방법에 관한 연구)

  • Kang, Yong-Suk;Choe, Guk-Hyeon;Shin, Yong-Tae;Kim, Jong-Hee;Kim, Jong-Bae
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2014.05a / pp.230-233 / 2014
  • The latest information security threats and risks change very rapidly, and major companies and organizations conduct penetration tests to strengthen their security level and respond to diversified attacks. A penetration test (PenTest) looks for vulnerabilities in computer systems safely by taking advantage of discovered vulnerabilities in the same way as a hacker attack. It shows how a security vulnerability could be exploited by attempting an attack. Meanwhile, many security companies perform penetration tests in a variety of ways. However, the strength and reliability of penetration testing have not yet been evaluated. Therefore, this study presents a reliable evaluation method for validating penetration testing. Providing assessment information on penetration testing makes the evaluation results more reliable. As a result, efficient penetration testing is expected to be possible.

Possibility of Information Leakage through Analysis of Chinese Antivirus Software (중국 안티바이러스 제품 분석을 통한 정보유출 가능성 연구)

  • Park, Wonhyung
    • Journal of the Korea Institute of Information and Communication Engineering / v.25 no.10 / pp.1369-1374 / 2021
  • Recently, controversy has been raised over the security and safety of Chinese-made network equipment (Huawei 5G) and apps (TikTok, etc.). In particular, according to the results of the Ministry of Defense investigation in 2020, malicious code was found in CCTVs made in China that were delivered as military surveillance equipment used as a coast guard system, and specific information was remotely transmitted to a Chinese server. The safety issues of these Chinese security products can be questioned as being systematically led by the state rather than by companies or individuals. In this paper, we perform network and process level analysis of 360 Total Security (360 TS), a Chinese antivirus software. In addition, we compare and analyze it against the domestic cloud-based antivirus product V3 Lite. Through this, the safety of Chinese security solutions is checked and information leakage and risks are suggested.

Analysis of future flood inundation change in the Tonle Sap basin under a climate change scenario

  • Lee, Dae Eop;Jung, Sung Ho;Yeon, Min Ho;Lee, Gi Ha
    • Korean Journal of Agricultural Science / v.48 no.3 / pp.433-446 / 2021
  • In this study, the future flood inundation changes under climate change were simulated in the Tonle Sap basin in Cambodia, one of the countries with high vulnerability to climate change. For the flood inundation simulation using the rainfall-runoff-inundation (RRI) model, globally available geological data (digital elevation model [DEM]; hydrological data and maps based on Shuttle elevation derivatives [HydroSHED]; land cover: Global land cover facility-moderate resolution imaging spectroradiometer [GLCF-MODIS]), rainfall data (Asian precipitation-highly-resolved observational data integration towards evaluation [APHRODITE]), climate change scenario (HadGEM3-RA), and observational water level (Kratie, Koh Khel, Neak Luong st.) were constructed. The future runoff from the Kratie station, the upper boundary condition of the RRI model, was constructed to be predicted using the long short-term memory (LSTM) model. Based on the results predicted by the LSTM model, a total of 4 cases were selected (representative concentration pathway [RCP] 4.5: 2035, 2075; RCP 8.5: 2051, 2072) with the largest annual average runoff by period and scenario. The results of the analysis of the future flood inundation in the Tonle Sap basin were compared with the results of previous studies. Unlike in the past, when the depth of inundation changed within a range of about 1 to 10 meters during the 1997-2005 period, it occurred in a range of about 5 to 9 meters during the future period. The results show that in the future RCP 4.5 and 8.5 scenarios, the variability of discharge is reduced compared to the past and that climate change could change the runoff patterns of the Tonle Sap basin.

Overlay2 file system's Source Protection Methodology (Overlay2 파일 시스템의 소스 보호 방법에 관한 연구)

  • Han, Sung-Hwa
    • Journal of the Korea Institute of Information and Communication Engineering / v.25 no.10 / pp.1397-1402 / 2021
  • The overlay2 file system is one of the union file systems that mounts multiple directories into one. The source directory used for this overlay2 file system mount has the characteristic that it operates independently of the writable layer after mounting, so it is often used for container platforms for application delivery. However, the overlay2 file system has a security vulnerability in that the writable layer is also modified when a file in the source directory is modified. In this study, I proposed an overlay2 file system protection technology to remove the security vulnerabilities of the overlay2 file system. As a result of empirically implementing the proposed overlay2 file system protection technology and verifying the function, the protection technology proposed in this study was verified to be effective. However, since the method proposed in this study is a passive protection method, a follow-up study is needed to automatically protect it at the operating system level.

Vulnerability Analysis for Groundwater Level Management in the Midstream of the Nakdong River (낙동강 중류 지역 지하수위 관리 취약성 분석)

  • Lee, Jae-Beom;Yang, Jeong-Seok
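    • Proceedings of the Korea Water Resources Association Conference / 2017.05a / pp.138-138 / 2017
  • Declining groundwater levels caused by natural factors such as drought and torrential rain, and by anthropogenic factors such as the increase in impervious surface area, increased use of groundwater for various water supplies, and underground construction, have become an issue. A decline in the groundwater level causes not only primary damage such as groundwater depletion but also secondary damage such as ecosystem disturbance, crop damage, ground subsidence, and sinkholes. Accordingly, we analyzed the vulnerability of groundwater level management using groundwater level time-series data. The Sangju, Daegu, and Miryang areas, located in the midstream of the Nakdong River, were selected as the study area. For data collection, daily groundwater level data and groundwater usage data were gathered from the groundwater level observation stations in Sangju, Daegu, and Miryang with records of 11 years or longer, among the monitoring wells of the National Groundwater Monitoring Network provided by the National Groundwater Information Center (www.gims.go.kr). River stage data near the stations were collected from the Water Resources Management Information System (www.wamis.go.kr), and daily precipitation data for the stations in the corresponding areas were collected from the Korea Meteorological Administration (www.kma.go.kr). Groundwater recharge data for the study area were collected from the Korean Statistical Information Service (www.kosis.kr). Using the collected daily hydrological data, the vulnerability of groundwater level management in the study area was analyzed for the annual average, the dry season, and the wet season at each station; because alluvial groundwater level data fluctuate greatly with the nearby water system, the analysis was performed on bedrock groundwater level data. The results were standardized and computed as indices, and the vulnerability of groundwater level management within the study area was analyzed using these indices. Applying this study to the nationwide National Groundwater Monitoring Network is expected to be of great help in establishing groundwater development and management policy.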

Impact of abnormal climate events on the production of Italian ryegrass as a season in Korea

  • Kim, Moonju;Sung, Kyungil
    • Journal of Animal Science and Technology / v.63 no.1 / pp.77-90 / 2021
  • This study aimed to assess the impact of abnormal climate events on the production of Italian ryegrass (IRG), such as autumn low-temperature, severe winter cold and spring droughts in the central inland, southern inland and southern coastal regions. Seasonal climatic variables, including temperature, precipitation, wind speed, relative humidity, and sunshine duration, were used to set the abnormal climate events using principal component analysis, and the abnormal climate events were distinguished from normal using Euclidean-distance cluster analysis. Furthermore, to estimate the impact caused by abnormal climate events, the dry matter yield (DMY) of IRG between abnormal and normal climate events was compared using a t-test with 5% significance level. As a result, the impact to the DMY of IRG by abnormal climate events in the central inland of Korea was significantly large in order of severe winter cold, spring drought, and autumn low-temperature. In the southern inland regions, severe winter cold was also the most serious abnormal event. These results indicate that the severe cold is critical to IRG in inland regions. Meanwhile, in the southern coastal regions, where severe cold weather is rare, the spring drought was the most serious abnormal climate event. In particular, since 2005, the frequency of spring droughts has tended to increase. In consideration of the trend and frequency of spring drought events, it is likely that drought becomes a NEW NORMAL during spring in Korea. This study was carried out to assess the impact of seasonal abnormal climate events on the DMY of IRG, and it can be helpful to make a guideline for its vulnerability.

A Study on adopting cloud computing in the military (국방 클라우드 컴퓨팅 도입에 관한 보안체계 연구)

  • Jang, Worl-Su;Choi, Jung-Young;Lim, Jong-In
    • Journal of the Korea Institute of Information Security & Cryptology / v.22 no.3 / pp.645-654 / 2012
  • The South Korean Defense Ministry is planning and pushing forward to conduct a cloud computing pilot project in 2012. Taking into consideration the high-level security necessary in the military as well as wartime duties, this project may cause severe damage to national security and interests if not designed properly. In particular, despite the vulnerability due to inter-Korean confrontation and the security-related incidents that are regularly triggered, unconditionally conducting a cloud computing pilot project without review not only violates security regulations but also causes various security-related side effects in and outside South Korea. Therefore, this thesis identifies conditions for conducting this project by suggesting duties to which cloud computing can be applied, as well as security technology, administration, post-accident matters, and legal conditions for cloud computing in the military.