• Steel and Composite Structures
• /
• v.19 no.5
• /
• pp.1167-1184
• /
• 2015

Despite considerable life casualty and financial loss resulting from past earthquakes, many existing steel buildings are still seismically vulnerable as they have no lateral resistance or at least need some sort of retrofitting. Passive control methods with decreasing seismic demand and increasing ductility reduce rate of vulnerability of structures against earthquakes. One of the most effective and practical passive control methods is to use a shear panel system working as a ductile fuse in the structure. The shear Panel System, SPS, is located vertically between apex of two chevron braces and the flange of the floor beam. Seismic energy is highly dissipated through shear yielding of shear panel web while other elements of the structure remain almost elastic. In this paper, lateral behavior and related benefits of this system with narrow-flange link beams is experimentally investigated in chevron braced simple steel frames. For this purpose, five specimens with IPE (narrow-flange I section) shear panels were examined. All of the specimens showed high ductility and dissipated almost all input energy imposed to the structure. For example, maximum SPS shear distortion of 0.128-0.156 rad, overall ductility of 5.3-7.2, response modification factor of 7.1-11.2, and finally maximum equivalent viscous damping ratio of 35.5-40.2% in the last loading cycle corresponding to an average damping ratio of 26.7-30.6% were obtained. It was also shown that the beam, columns and braces remained elastic as expected. Considering this fact, by just changing the probably damaged shear panel pieces after earthquake, the structure can still be continuously used as another benefit of this proposed retrofitting system without the need to change the floor beam.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.963-974
• /
• 2018

With the growing interest in cryptocurrency such as bitcoin, the blockchain technology has attracted much attention in various applications as a distributed security platform with excellent security. However, Cryptojacking, an attack that hijack other computer resources such as CPUs, has occured due to vulnerability to the Cryptomining process. In particular, browser-based Cryptojacking is considered serious because attacks can occur only by visiting a Web site without installing it on a visitor's PC. The current Cryptojacking detection system is mostly signature-based. Signature-based detection methods have problems in that they can not detect a new Cryptomining code or a modification of existing Cryptomining code. In this paper, we propose a Cryptojacking detection solution using a dynamic analysis-based that uses a headless browser to detect unknown Cryptojacking attacks. The proposed dynamic analysis-based Cryptojacking detection system can detect new Cryptojacking site that cannot be detected in existing signature-based Cryptojacking detection system and can detect it even if it is called or obfuscated by bypassing Cryptomining code.

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.5
• /
• pp.171-176
• /
• 2015

Because the specific security technology alone can not cope with sophisticated attacks, various security management models are applied. But, they do not focus on the vulnerability of the highest part because they offer so many common security management criteria. By analyzing the main information and confidential leakage cases inflicting enormous damage to our society, we found that attackers are using mainly an interface vulnerabilities - the paths that connect the internal and external of the organization, such as e-mail, web server, portable devices, and subcontractor employees. Considering the reality that time and resources to invest in security domain are limited, we point out the interface security vulnerabilities the possibility of attackers to exploit and present a convergence method of security measures. Finally, based of ROI(Return on Investment), we propose the real-time security management system through the intensive and continuous management.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1261-1266
• /
• 2021

Existing information security risk assessment methods focus on evaluating the vulnerability of information assets. However, when the form of information assets changes and new types of information assets emerge, there is a limitation in that the evaluation standards for them are also added or deleted. Existing methods have insufficient research on the path through which cyber threats are introduced. In particular, there is very little research on blocking the inflow path for web-based information systems with public IPs. Therefore, this paper introduces the main research contents of the BDLA (Blockade and Defense Level Analysis)-based information security risk assessment model. In addition, by applying the BDLA-based information security risk assessment model, the information security risk level was studied by measuring the blockade level and security equipment level of 17 public institutions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.1
• /
• pp.73-81
• /
• 2021

When downloading files using an app or web-based application on the user's mobile phone, the path is set to be saved in the pre-defined default directory. Many applications requiring access to storage, including file managers, require a write or read permission of storage to provide numerous functions and services. This means that the application will have direct access to the download folder where the numerous files downloaded. In this paper, to prove our feasibility of attack using the security vulnerabilities mentioned above, we developed a file hacking function disguised as an encryption function in the file management application. The file that encrypted will be sent to hackers via E-mail simultaneously on the background. The developed application was evaluated from VirusTotal, a malicious analysis engine, was not detected as a malicious application in all 74 engines. Finally, in this paper, we propose a defense technique and an algorithm based on the Trusted Execution Environment (TEE) to supplement these storage vulnerabilities.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.10a
• /
• pp.146-149
• /
• 2022

With internet development, many peoples use their email to exchange documents, register for web services, and much more. Some individuals/organizations (including educational institutions) use their own domain name for email instead of a domain provided by commercial email services. However, suppose the domain used for custom email expires. In that case, other individuals/organizations can reuse the domain, and the new domain owner can send and receive all emails incoming to the domain. It makes us concerned about Privacy violations. Email that new domain owners can look into also contains sensitive emails like password reset notifications, credit card statements, order history, and more. In this research, we would like to describe the privacy violations caused by the expired domain used for email that did not remove all dependencies of email users and propose a solution.

• Journal of Preventive Medicine and Public Health
• /
• v.57 no.4
• /
• pp.370-378
• /
• 2024

Objectives: Comorbidities increase susceptibility to severe coronavirus disease 2019 (COVID-19) infections, but limited information has been published regarding human immunodeficiency virus (HIV) and COVID-19 co-infections. This study explored the relationships among socioeconomic characteristics, sexual behaviors, and COVID-19 infection rates among Korean men who have sex with men (MSM) who are also living with HIV. Methods: Data were collected through a web survey aimed at members of the largest gay portal site in Korea, supported by the National Research Foundation of Korea (n=1005). The primary independent variables included COVID-19-related vaccinations and sexual behaviors. The dependent variable was the incidence of COVID-19 infection among respondents during the pandemic. For statistical analysis, hierarchical multiple logistic regression was performed, controlling for potential confounding variables. Results: Model I indicated that older MSM were less likely to contract COVID-19 (adjusted odds ratio [aOR], 0.98; 95% confidence interval [CI], 0.96 to 0.99). Model II demonstrated that HIV-positive MSM were nearly twice as likely to be infected with COVID-19 compared to their HIV-negative counterparts (aOR, 1.97; 95% CI, 1.14 to 3.41). Furthermore, even after accounting for COVID-19 vaccination status in model III, HIV-positive MSM continued to show a higher risk of infection (aOR, 1.93; 95% CI, 1.12 to 3.35). Conclusions: The findings of this study indicate that HIV-positive MSM are at an increased risk of contracting COVID-19, even when their vaccination status is considered. Therefore, it is essential to prioritize the prevention of COVID-19 infections in HIV-positive individuals by administering appropriate antiretroviral therapy and ensuring adherence to public health guidelines.

• Maritime Security
• /
• v.1 no.1
• /
• pp.215-240
• /
• 2020

In 2017, the U.S. DARPA coined 'mosaic warfare' as a new way of warfighting. According to the Timothy Grayson, director of DARPA's Strategic Technologies Office, mosaic warfare is a "system of system" approach to warfghting designed around compatible "tiles" of capabilities, rather than uniquely shaped "puzzle pieces" that must be fitted into a specific slot in a battle plan in order for it to work. Prior to cover mosaic warfare theory and recent development, it deals analyze its background and several premises for better understanding. The U.S. DoD officials might acknowledge the current its forces vulnerability to the China's A2/AD assets. Furthermore, the U.S. seeks to complete military superiority even in other nation's territorial domains including sea and air. Given its rapid combat restoration capability and less manpower casualty, the U.S. would be able to ready to endure war of attrition that requires massive resources. The core concept of mosaic warfare is a "decision centric warfare". To embody this idea, it create adaptability for U.S. forces and complexity or uncertainty for the enemy through the rapid composition and recomposition of a more disag g reg ated U.S. military force using human command and machine control. This allows providing more options to friendly forces and collapse adversary's OODA loop eventually. Adaptable kill web, composable force packages, A.I., and context-centric C3 architecture are crucial elements to implement and carry out mosaic warfare. Recently, CSBA showed an compelling assessment of mosaic warfare simulation. In this wargame, there was a significant differences between traditional and mosaic teams. Mosaic team was able to mount more simultaneous actions, creating additional complexity to adversaries and overwhelming their decision-making with less friendly force's human casualty. It increase the speed of the U.S. force's decision-making, enabling commanders to better employ tempo. Consequently, this article finds out and suggests implications for Korea armed forces. First of all, it needs to examine and develop 'mosaic warfare' in terms of our security circumstance. In response to future warfare, reviewing overall force structure and architecture is required which is able to compose force element regardless domain. In regards to insufficient defense resources and budget, "choice" and "concentration" are also essential. It needs to have eyes on the neighboring countries' development of future war concept carefully.

• Journal of The Korean Association For Science Education
• /
• v.30 no.8
• /
• pp.933-952
• /
• 2010

This study aims to characterize debate on a socio-scientific issue in the Internet and to provide implications from a postmodernist perspective. This study concentrates on disentanglement of the complex relationship among society, economy, politics and science in an issue and characterization of the given text centering on its originality, the relationship between writer and reader, and the purpose of utterance. Sixty-six most read articles on a web message board were chosen and analyzed as a typical case of a socio-scientific issue in the internet. In them, five scientific disputes were identified: the cause of mad cow disease (MCD), specified risk material and the incubation period, the cause of new variant Creutzfeld-Jakob disease (vCJD), vulnerability of vCJD and the relation of Alzheimer and vCJD in American patients. Each argument is intertwined with social, economic and political problems such as its impact on the domestic beef market, feeding environment of imported cattle and the retaliation against denial of importation. With regard to originality, it is found that the originality of an author is weakened but communal through repetitive quotation of 'Peom', cutting and pasting, and engagement of readers with their comments. Furthermore, in order to close the gap between writer and reader, identity and personal narrative of the writers are often introduced into their writing. In terms of purpose of utterance, these are intended to deliver one's feelings or facilitate human behavior rather than inform through verification of a principle.

• Korean Journal of Remote Sensing
• /
• v.36 no.3
• /
• pp.475-486
• /
• 2020

Climate change scenarios are the basis of research to cope with climate change, and consist of large-scale spatio-temporal data. From the data point of view, one scenario has a large capacity of about 83 gigabytes or more, and the data format is semi-structured, making it difficult to utilize the data through means such as search, extraction, archiving and analysis. In this study, a tool for analyzing extreme climate events based on spatial information is developed to improve the usability of large-scale, multi-period climate change scenarios. In addition, a pilot analysis is conducted on the time and space in which the heavy rain thresholds that occurred in the past can occur in the future, by applying the developed tool to the RCP8.5 climate change scenario. As a result, the days with a cumulative rainfall of more than 587.6 mm over three days would account for about 76 days in the 2080s, and localized heavy rains would occur. The developed analysis tool was designed to facilitate the entire process from the initial setting through to deriving analysis results on a single platform, and enabled the results of the analysis to be implemented in various formats without using specific commercial software: web document format (HTML), image (PNG), climate change scenario (ESR), statistics (XLS). Therefore, the utilization of this analysis tool is considered to be useful for determining future prospects for climate change or vulnerability assessment, etc., and it is expected to be used to develop an analysis tool for climate change scenarios based on climate change reports to be presented in the future.