• Earthquakes and Structures
• /
• v.22 no.4
• /
• pp.387-399
• /
• 2022

To study the seismic damage of masonry structures and understand the characteristics of the multi-intensity region, according to the Dujiang weir urbanization of China Wenchuan earthquake, the deterioration of 3991 masonry structures was summarized and statistically analysed. First, the seismic damage of multistory masonry structures in this area was investigated. The primary seismic damage of components was as follows: Damage of walls, openings, joints of longitudinal and transverse walls, windows (lower) walls, and tie columns. Many masonry structures with seismic designs were basically intact. Second, according to the main factors of construction, seismic intensity code levels survey, and influence on the seismic capacity, a vulnerability matrix calculation model was proposed to establish a vulnerability prediction matrix, and a comparative analysis was made based on the empirical seismic damage investigation matrix. The vulnerability prediction matrix was established using the proposed vulnerability matrix calculation model. The fitting relationship between the vulnerability prediction matrix and the actual seismic damage investigation matrix was compared and analysed. The relationship curves of the mean damage index for macrointensity and ground motion parameters were drawn through calculation and analysis, respectively. The numerical analysis was performed based on actual ground motion observation records, and fitting models of PGA, PGV, and MSDI were proposed.

• Journal of the Korea Society for Simulation
• /
• v.13 no.3
• /
• pp.21-29
• /
• 2004

The major objective of this paper is to analyze network vulnerabilities using the SIMVA (SIMualtion-based Vulnerability Analyzer). SIMVA is capable of monitor network status and analyze vulnerabilities automatically. To do this, we have employed the advanced modeling and simulation concepts such as SES/MB (System Entity Structure / Model Base) framework, DEVS (Discrete Event System Specification) formalism, and experimental frame for developing network security models and simulation-based analysis of vulnerability. SIMVA can analyze static vulnerability as well as dynamic vulnerability consistently and quantitatively. In this paper, we verified and tested the capability of application of SIMVA by slammer worm attack scenario.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.6
• /
• pp.541-547
• /
• 2019

Recent developments in hacking technology are continuing to increase the number of new security vulnerabilities. Approximately 80,000 new vulnerabilities have been registered in the Common Vulnerability Enumeration (CVE) database, which is a representative vulnerability database, from 2010 to 2015, and the trend is gradually increasing in recent years. While security vulnerabilities are growing at a rapid pace, responses to security vulnerabilities are slow to respond because they rely on manual analysis. To solve this problem, there is a need for a technology that can automatically detect and patch security vulnerabilities and respond to security vulnerabilities in advance. In this paper, we propose the technology to extract the features of the vulnerability-discovery target binary through complexity analysis, and select a vulnerability-discovery strategy suitable for the feature and automatically explore the vulnerability. The proposed technology was compared to the AFL, ANGR, and Driller tools, with about 6% improvement in code coverage, about 2.4 times increase in crash count, and about 11% improvement in crash incidence.

• Journal of Forest and Environmental Science
• /
• v.28 no.2
• /
• pp.106-117
• /
• 2012

In an effort to analyze the impact of climate change, Gangwon provincial forest was divided into three sectors; forest ecology, forest disaster, and forest productivity and analysis of their current status from 2000 to 2009 and vulnerability assessment by climate change has been carried in this study. In case of vulnerability assessment, except for the forest ecology, forest disaster (forest fires and forest pests) and forest productivity sectors were analyzed in current status, the year of 2020, and 2050. It turned out that vulnerability of forest fires in the field of disaster would become worse and forest pests also would make more impact even though there is some variation in different areas. In case of the vulnerability of forest productivity there would be not a big difference in the future compared with current vulnerability. Systematic research on the sensitivity index used for vulnerability assessment is necessary since vulnerability assessment result greatly depends on the use of climate exposure index and adaptive capacity index.

• Journal of Korean Society of Water and Wastewater
• /
• v.33 no.5
• /
• pp.341-351
• /
• 2019

The purpose of this study was to evaluate vulnerability of drought in small island areas. Vulnerability assessment factors of drought were selected by applying the factor analysis. Ninety Eup/Myon areas in small island were evaluated to vulnerability of drought by entropy method adapting objective weights. Vulnerability consisted of climate exposure, sensitivity, and adaptive capacity. A total of 22 indicators were used to evaluate and analyze vulnerability of drought in small island areas. The results of entropy method showed that winter rainfall, no rainfall days, agricultural population rate, cultivation area rate, water supply rate and groundwater capacity have a significant impact on drought assessment. The overall assessment of vulnerability indicated that Seodo-myeon Ganghwa-gun, Seolcheon-myeon Namhae-gun and Samsan-myeon Ganghwa-gun were the most vulnerable to drought. Especially Ganghwa-gun should be considered policy priority to establish drought measures in the future, because it has a high vulnerability of drought.

• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.11-17
• /
• 2022

Cyber attacks on national infrastructure, including large-scale power outages in Ukraine, have continued in recent years. As a result, ICS-CERT vulnerabilities have doubled compared to last year, and vulnerabilities to industrial control systems are increasing day by day. Most control system operators develop vulnerability countermeasures based on the vulnerability information sources provided by ICS-CERT in the United States. However, it is not applicable to the security of domestic control systems because it does not provide weaknesses in Korean manufacturers' products. Therefore, this study presents a vulnerability analysis framework that integrates CVE, CWE, CAPE, and CPE information related to the vulnerability based on ICS-CERT information (1843 cases). It also identifies assets of nuclear facilities by using CPE information and analyzes vulnerabilities using CVE and ICS-CERT. In the past, only 8% of ICS-CERT's vulnerability information was searched for information on any domestic nuclear facility during vulnerability analysis, but more than 70% of the vulnerability information could be searched using the proposed methodology.

• Journal of Multimedia Information System
• /
• v.8 no.4
• /
• pp.259-266
• /
• 2021

Security vulnerabilities have been reported in major design software systems such as Adobe Photoshop and Illustrator, which are recognized as de facto standard design tools in most of the design industries. Companies need to evaluate and manage their risk levels posed by those vulnerabilities, so that they could mitigate the potential security bridges in advance. In general, security vulnerabilities are discovered throughout their life cycles repeatedly if software systems are continually used. Hence, in this study, we empirically analyze risk levels for the three major graphical design software systems, namely Photoshop, Illustrator and GIMP with respect to a software vulnerability discovery model. The analysis reveals that the Alhazmi-Malaiya Logistic model tends to describe the vulnerability discovery patterns significantly. This indicates that the vulnerability discovery model makes it possible to predict vulnerability discovery in advance for the software systems. Also, we found that none of the examined vulnerabilities requires even a single authentication step for successful attacks, which suggests that adding an authentication process in software systems dramatically reduce the probability of exploitations. The analysis also discloses that, for all the three software systems, the predictions with evenly distributed and daily based datasets perform better than the estimations with the datasets of vulnerability reporting dates only. The observed outcome from the analysis allows software development managers to prepare proactively for a hostile environment by deploying necessary resources before the expected time of vulnerability discovery. In addition, it can periodically remind designers who use the software systems to be aware of security risk, related to their digital work environments.

• Korean Journal of Computational Design and Engineering
• /
• v.22 no.2
• /
• pp.101-109
• /
• 2017

In order to reduce the number of casualties by improving the survivability of the combat vehicle, the vulnerability analysis of the combat vehicle is needed. However, the actual test for the vulnerability analysis requires large experimental space and expensive equipment costs long time and large expense. It is needed to develop a new method that can replace the actual test. In the paper, we suggested a new approach to analyzing the vulnerability using the M&S method instead of the actual test. To analyze the vulnerability, the shot line analysis is performed to find out which part is penetrated by the bullet. The component of the parts is simplified to "Single-Target", "Double-Target", "Air gapped-Target" and can be performed the penetration analysis using the ANSYS Explicit Dynamics. The penetration depth and the residual velocity of the bullet are calculated by analyzing penetration of each part of the combat vehicle. The penetration data calculated the penetration analysis can be used to define the damage level of the combat vehicle. The purpose of this paper is to collect penetration data for various targets and bullets. And "7.62mmAP" is used as the bullet, "7075-T6" is used as a target.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.12
• /
• pp.4531-4544
• /
• 2021

Because the traditional network information security vulnerability risk assessment method does not set the weight, it is easy for security personnel to fail to evaluate the value of information security vulnerability risk according to the calculation value of network centrality, resulting in poor evaluation effect. Therefore, based on the network security data element feature system, this study designed a quantitative assessment method of network information security vulnerability detection risk under single transmission state. In the case of single transmission state, the multi-dimensional analysis of network information security vulnerability is carried out by using the analysis model. On this basis, the weight is set, and the intrinsic attribute value of information security vulnerability is quantified by using the qualitative method. In order to comprehensively evaluate information security vulnerability, the efficacy coefficient method is used to transform information security vulnerability associated risk, and the information security vulnerability risk value is obtained, so as to realize the quantitative evaluation of network information security vulnerability detection under single transmission state. The calculated values of network centrality of the traditional method and the proposed method are tested respectively, and the evaluation of the two methods is evaluated according to the calculated results. The experimental results show that the proposed method can be used to calculate the network centrality value in the complex information security vulnerability space network, and the output evaluation result has a high signal-to-noise ratio, and the evaluation effect is obviously better than the traditional method.

• Journal of Environmental Impact Assessment
• /
• v.26 no.3
• /
• pp.171-180
• /
• 2017

The vulnerability analysis of climate change driven disaster has been used as institutional framework for the urban policies of disaster prevention since 2012. However, some problems have occurred due to the structure of vulnerability analysis, such as overweighted variables and duplicated application of variables of similar meaning. The goal of this study is to examine the differences of results between the method of current guideline and the method of weight equalization. For this, we examines the current structural framework of the vulnerability analysis, and performs empirical analysis. As a result, the extent and magnitude of vulnerability showed different spatial patterns depending on the weighting methods. Standardized weighting method relatively represented wider vulnerable areas compared to the pre-existing method which follows the current instruction manual. To apply the results of vulnerability analysis to urban planning process for disaster prevention, this study suggests that the reliability of the results should be ensured by improving analytical framework and detailed review of the results.