• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.12
• /
• pp.863-871
• /
• 2018

Existing vulnerability analysis tools are prone to missed detections, incorrect detections, and over-detection, which reduces accuracy. In this paper, cross-checking based on a vulnerability detection method using static and dynamic analysis is proposed, which develops and manages safe applications and can resolve and analyze these problems. Risks due to vulnerabilities are computed, and an intelligent vulnerability detection technique is used to improve accuracy and evaluate risks under the final version of the application. This helps the development and execution of safe applications. Through incorporation of tools that use static analysis and dynamic analysis techniques, our proposed technique overcomes weak points at each stage, and improves the accuracy of vulnerability detection. Existing vulnerability risk-evaluation systems only evaluate self-risks, whereas our proposed vulnerability risk-evaluation system reflects the vulnerability of self-risk and the detection accuracy in a complex fashion to evaluate relative. Our proposed technique compares and analyzes existing analysis tools, such as lists for detections and detection accuracy based on the top 10 items of SANS at CWE. Quantitative evaluation systems for existing vulnerability risks and the proposed application's vulnerability risks are compared and analyzed. We developed a prototype analysis tool using our technique to test the application's vulnerability detection ability, and to show that our proposed technique is superior to existing ones.

• Journal of the Korean Association of Geographic Information Studies
• /
• v.14 no.3
• /
• pp.203-222
• /
• 2011

The characteristics of flood damages have been increasingly strengthened and take the form of unpredictable and unusual weather phenomena caused by climate change and climate anomalies. To prevent inundation damage caused by breach of hydraulic structure such as dam or levee, and trouble of drainage of inner basin, the prediction necessity of flood inundation area, flood risk analysis, and drawing flood risk maps have been on the rise, and the national flood risk maps have been produced. In this study, the quantitative flood vulnerability analysis was performed, which represents population living within flood-affected areas, types of economic activities, facilities affected by flood, in order to extend flood risk mapping from simple hazard concept into risk based idea. By applying it to Nakdong River basin, the flood vulnerability indices were estimated to draw flood risk maps subdivided into administrative districts. The result of this study can be applied to establish the disaster prevention measures and priority decision of disaster prevention project.

• Journal of The Korean Society of Agricultural Engineers
• /
• v.54 no.6
• /
• pp.39-44
• /
• 2012

Water supply capacity and operational capability in agricultural reservoirs are expressed differently in the limited storage due to seasonal and local variation of precipitation. Since agricultural water supply and demand basically assumes the uncertainty of hydrological phenomena, it is necessary to improve probabilistic approach for potential risk assessment of water supply capacity in reservoir for enhanced operational storage management. Here, it was introduced the irrigation vulnerability characteristic curves to represent the water supply capacity corresponding to probability distribution of the water demand from the paddy field and water supply in agricultural reservoir. Irrigation vulnerability probability was formulated using reliability analysis method based on water supply and demand probability distribution. The lower duration of irrigation vulnerability probability defined as the time period requiring intensive water management, and it will be considered to assessment tools as a risk mitigated water supply planning in decision making with a limited reservoir storage.

• The Journal of Society for e-Business Studies
• /
• v.20 no.2
• /
• pp.125-140
• /
• 2015

It is general that the impact of supply chain risk spread out to the whole network along the connected structure. Due to the risk propagation the probability to exposure a certain risk is affected by not only the characteristics of each risk factor but also network structure. It means that the structural connectivity among vertices should be considered while designing supply chain network in order to minimize disruption cost. In this research, the betweenness centrality has been utilized to quantitatively assess the structural vulnerability. The betweenness centrality is interpreted as the index which can express both the probability of risk occurrence and propagation of risk impact. With the structural vulnerability index, it is possible to compare the stability of each alternative supply chain structure and choose the better one.

• Journal of the Korean Society of Safety
• /
• v.29 no.1
• /
• pp.64-69
• /
• 2014

Community-based disaster preparedness approaches are increasingly important elements of vulnerability reduction and disaster strategies. They are associated with a policy trend that values the knowledge and capacities of local people. In this research, we describe the community diagnosis method and develop Flood Disaster Risk Reduction Index(FDRRI) for assessment of flood vulnerability. FDRRI is composed of four indicators such as Flood Exposure Indicator(FEI), Sensitivity Indicator(SI), Risk Reduction Indicator(RRI), and Community Preparedness Indicator(CPI). We anticipate to present the guideline for selection national preparedness projects and uplift community's preparedness capacity.

• KIPS Transactions on Software and Data Engineering
• /
• v.5 no.3
• /
• pp.139-144
• /
• 2016

When, Software is developed, Applying development methods considering security, it is generated the problem of additional cost. These additional costs are caused not consider security in many developing organization. Even though, proceeding the developments, considering security, lack of ways to get the cost of handling the vulnerability throughput within the given cost. In this paper, propose a method for calculating the vulnerability throughput for using a security vulnerability processed cost-effectively. In the proposed method focuses on the implementation phase of the software development phase, leveraging static analysis tools to find security vulnerabilities in CWE TOP25. The found vulnerabilities are define risk, transaction costs, risk costs and defines the processing priority. utilizing the information in the CWE, Calculating a consumed cost in a detected vulnerability processed through a defined priority, and controls the vulnerability throughput in the input cost. When applying the method, it is expected to handle the maximum risk of vulnerability in the input cost.

• Journal of Korea Multimedia Society
• /
• v.18 no.2
• /
• pp.199-206
• /
• 2015

Since security vulnerabilities newly discovered in a popular Web browser immediately put a number of users at risk, urgent attention from developers is required to address those vulnerabilities. Analysis of characteristics in the Web browser vulnerabilities can be used to assess security risks and to determine the resources needed to develop patches quickly to handle vulnerabilities discovered. So far, being a new research area, the quantitative aspects of the Web browser vulnerabilities and risk assessments have not been fully investigated. However, due to the importance of Web browser software systems, further detailed studies are required related to the Web browser risk assessment, using rigorous analysis of actual data which can assist decision makers to maximize the returns on their security related efforts. In this paper, quantitative software vulnerability analysis has been presented for major Web browsers with respect to the Common Vulnerability Scoring System. Further, vulnerability discovery trends in the Web browsers are also investigated. The results show that, almost all the time, vulnerabilities are compromised from remote networks with no authentication required systems. It is also found that a vulnerability discovery model which was originally introduced for operating systems is also applicable to the Web browsers.

• Geomechanics and Engineering
• /
• v.18 no.6
• /
• pp.661-668
• /
• 2019

Seismic vulnerability assessment is a useful tool for rational safety analysis and planning of large and complex structural systems; it can deal with the effects of uncertainties on the performance of significant structural systems. In this study, an efficient dynamic reliability approach, probability density evolution methodology (PDEM), is proposed for seismic vulnerability analysis of earth dams. The PDEM provides the failure probability of different limit states for various levels of ground motion intensity as well as the mean value, standard deviation and probability density function of the performance metric of the earth dam. Combining the seismic reliability with three different performance levels related to the displacement of the earth dam, the seismic fragility curves are constructed without them being limited to a specific functional form. Furthermore, considering the seismic fragility analysis is a significant procedure in the seismic probabilistic risk assessment of structures, the seismic vulnerability results obtained by the dynamic reliability approach are combined with the results of probabilistic seismic hazard and seismic loss analysis to present and address the PDEM-based seismic probabilistic risk assessment framework by a simulated case study of an earth dam.

• Earthquakes and Structures
• /
• v.9 no.4
• /
• pp.719-733
• /
• 2015

Seismic risk management of the built environment is integrated by two main stages, the assessment and the remedial measures to attain its reduction, representing both stages a complex task. The seismic risk of a certain structure located in a seismic zone is determined by the conjunct of the seismic hazard and its structural vulnerability. The hazard level mainly depends on the proximity of the site to a seismic source. On the other hand, the ground shaking depends on the seismic source, geology and topography of the site, but definitely on the inherent earthquake characteristics. Seismic hazard characterization of a site under study is suggested to be estimated by a combination of studies with the history of earthquakes. In this Paper, the most important methods of seismic vulnerability evaluation of buildings and their application are described. The selection of the most suitable method depends on different factors such as number of buildings, importance, available data and aim of the study. These approaches are classified in empirical, analytical, experimental and hybrid. For obtaining more reliable results, it is recommends applying a hybrid approach, which consists of a combination between methods depending on the case. Finally, a recommended approach depending on the building importance and aim of the study is described.

• Wind and Structures
• /
• v.23 no.5
• /
• pp.449-464
• /
• 2016

Catastrophe models appraise the natural risk of the built-infrastructure simulating the interaction of its exposure and vulnerability with a hazard. Because of unique configurations and reduced number, mid/high-rise buildings present singular challenges to the assessment of their damage vulnerability. This paper presents a novel approach to estimate the vulnerability of mid/high-rise buildings (MHB) which is used in the Florida Public Hurricane Loss Model, a catastrophe model developed for the state of Florida. The MHB vulnerability approach considers the wind pressure hazard exerted over the building's height as well as accompanying rain. The approach assesses separately the damages caused by wind, debris impact, and water intrusion on building models discretized into typical apartment units. Hurricane-induced water intrusion is predicted combining the estimates of impinging rain with breach and pre-existing building defect size estimates. Damage is aggregated apartment-by-apartment and story-by-story, and accounts for vertical water propagation. The approach enables the vulnerability modeling of regular and complex building geometries in the Florida exposure and elsewhere.