• Title/Summary/Keyword: event collection

A Study on ICS Security Information Collection Method Using CTI Model (CTI 모델 활용 제어시스템 보안정보 수집 방안 연구)

  • Choi, Jongwon; Kim, Yesol; Min, Byung-gil
    • Journal of the Korea Institute of Information Security & Cryptology / v.28 no.2 / pp.471-484 / 2018
  • Recently, cyber threats are frequently occurring in the ICS (industrial control systems) of government agencies, infrastructure, and manufacturing companies. In order to cope with such cyber threats, it is necessary to apply CTI to ICS. For this purpose, a security information collection system is needed. However, it is difficult to install security solutions on control devices such as PLCs, and therefore difficult to collect security information from ICS. In addition, the security information formats generated by the various assets differ. Therefore, in this paper, we propose an efficient method to collect ICS security information. We utilize the CybOX/STIX/TAXII CTI models, which are easy to apply to ICS. Using these models, we designed formats to collect security information from ICS assets. We created formats for system logs, IDS logs, and EWS application logs of ICS assets running Windows and Linux. In addition, we designed and implemented a security information collection system that reflects the designed formats. This system can be used to apply monitoring systems and CTI to future ICS.

A Study on the Derivation of the Unit Hydrograph using Multiple Regression Model (다중회귀모형으로 추정된 모수에 의한 최적단위유량도의 유도에 관한 연구)

  • 이종남; 김채원; 황창현
    • Water for future / v.25 no.1 / pp.93-100 / 1992
  • A Study on the Derivation of the Unit Hydrograph using Multiple Regression Model. The purpose of this study is to derive an optimal unit hydrograph using the multiple regression model, particularly when only a small amount of data is available. The presence of multicollinearity among the input data can cause serious oscillations in the derivation of the unit hydrograph. In this case, the oscillations in the unit hydrograph ordinates are eliminated by combining the data. The data used in this study are based upon the collection and arrangement of rainfall-runoff data (1977-1989) at the Soyang-river Dam site. When the matrix X is the rainfall series, the condition number and the reciprocal of the minimum eigenvalue of X^T X are calculated by the Jacobi method, and are compared with the oscillation in the unit hydrograph. The optimal unit hydrograph is derived by combining the numerous rainfall-runoff data. The conclusions are as follows: 1) The oscillations in the derived unit hydrograph are reduced by combining the data from each flood event. 2) The reciprocal of the minimum eigenvalue of X^T X, 1/k, and the condition number CN are increased when the oscillations are active in the derived unit hydrograph. 3) The parameter estimates are validated by extending the model to the Soyang-river Dam site with elimination of the autocorrelation in the disturbances. Finally, this paper illustrates the application of the multiple regression model to derive an optimal unit hydrograph while dealing with the multicollinearity and the autocorrelation which cause these problems.

A Study on implementation model for security log analysis system using Big Data platform (빅데이터 플랫폼을 이용한 보안로그 분석 시스템 구현 모델 연구)

  • Han, Ki-Hyoung; Jeong, Hyung-Jong; Lee, Doog-Sik; Chae, Myung-Hui; Yoon, Cheol-Hee; Noh, Kyoo-Sung
    • Journal of Digital Convergence / v.12 no.8 / pp.351-359 / 2014
  • The log data generated by security equipment have so far been analyzed synthetically on an ESM (Enterprise Security Management) base, but due to its limitations in capacity and processing performance, it is not suited to big data processing. Therefore another technology, based on a big data platform, is necessary. A big data platform can achieve large-scale data collection, storage, processing, retrieval, analysis, and visualization by using the Hadoop Ecosystem. Currently, ESM technology has developed toward SIEM (Security Information & Event Management) technology, and to implement security technology in the SIEM way, big data platform technology that can handle the large log volumes produced by current security devices is essential. In this paper, we study how to implement a system model for analyzing security logs using the Hadoop Ecosystem big data platform.

An Application of RETE Algorithm for Improving the Inference Performance in the Coordination Architecture (연동 구조 내의 추론 성능 향상을 위한 RETE 알고리즘의 적용)

  • 서희석
    • Journal of the Korea Computer Industry Society / v.4 no.12 / pp.965-974 / 2003
  • Today's network consists of a large number of routers and servers running a variety of applications. In this paper, we have designed and constructed a general simulation environment for a network security model composed of multiple IDS agents and a firewall agent which coordinate by CNP (Contract Net Protocol). The CNP, a methodology for efficient integration of computer systems in heterogeneous environments such as distributed systems, is essentially a collection of agents which cooperate to resolve a problem. The command console in the CNP is a manager who controls the execution of agents, or a contractee, who performs intrusion detection. In the knowledge-based network security model, each model of the simulation environment is hierarchically designed by the DEVS (Discrete Event System Specification) formalism. The purpose of this simulation is the application of the RETE pattern-matching algorithm to speed up the inference cycle phases of the intrusion detection expert system. We evaluate the characteristics and performance of the CNP architecture with the RETE pattern-matching algorithm.

Multiagent Enabled Modeling and Implementation of SCM (멀티에이전트 기반 SCM 모델링 및 구현)

  • Kim Tae Woon; Yang Seong Min; Seo Dae Hee
    • The Journal of Information Systems / v.12 no.2 / pp.57-72 / 2003
  • The purpose of this paper is to propose the modeling of multiagent-based SCM and implement a prototype in the Internet environment. The SCM process follows the supply chain operations reference (SCOR) model which has been suggested by the Supply Chain Council. The SCOR model has been positioned to become the industry standard for describing and improving operational processes in SCM. Five basic processes, plan, source, make, deliver and return, are defined in the SCOR model, through which a company establishes its supply chain competitive objectives. A supply chain is a worldwide network of suppliers, factories, warehouses, distribution centers and retailers through which raw materials are acquired, transformed or manufactured and delivered to customers by autonomous or semi-autonomous processes. With the pressure from higher standards of customer compliance, frequent model changes, product complexity and globalization, the combination of the supply chain process with an advanced infrastructure in terms of multiagent systems has been highly required. Since SCM is fundamentally concerned with coherence among multiple decision makers, a multiagent framework based on explicit communication between constituent agents such as suppliers, manufacturers, and distributors is a natural choice. The multiagent framework is defined to perform different activities within a supply chain. The dynamic and changing functions of a supply chain can be dealt with by multiple agents cooperating with other agents. In the areas of inventory management, remote diagnostics, communications with field workers, order fulfillment including tracking and monitoring, stock visibility, real-time shop floor data collection, asset tracking and warehousing, a customer-centric supply chain can be applied and implemented utilizing multiagents. In this paper, for the order processing event in the buyer-seller relationship, multiagents were defined corresponding to the SCOR process. A prototype system was developed and implemented in an actual TCP/IP environment for the purchase order processing event. The implementation result assures that multiagent-based SCM enhances the speed, visibility, proactiveness and responsiveness of activities in the supply chain.

A Standard Time Management Scheme in the Internet of Things (사물인터넷에서 표준 시각 관리 방안)

  • Hwang, Soyoung
    • Journal of the Korea Institute of Information and Communication Engineering / v.22 no.6 / pp.929-934 / 2018
  • The Internet of Things (IoT) is the network of devices embedded with electronics, software, sensors, actuators, and connectivity which enables these objects to connect and exchange data without any human intervention. The importance of time information has increased in order to impose order on scattered sensor data streams, to resolve conflicts through time stamp information, and so on. Time information and time synchronization are critical building blocks in the IoT. They allow devices to share a consistent notion of time, making it easier to build efficient and robust collaborative services. This paper proposes a standard time management scheme for the Internet of Things. Many IoT applications involve the collection and forwarding of event data, and it is useful to know when an event occurred for the purpose of triggering an action. In order to verify the feasibility of the proposed scheme, it is implemented and evaluated in the Arduino development environment.

An Application of Contract Net Protocol for The Distributed Intrusion Detection (분산 침입 탐지를 위한 계약망 프로토콜의 적용)

  • 서희석; 김희완
    • The Journal of the Korea Contents Association / v.3 no.4 / pp.38-47 / 2003
  • Distributed problem solving is the cooperative solution of a problem by a decentralized and loosely coupled collection of knowledge sources (KSs), located in a number of distinct processor nodes. The contract net protocol has been developed to specify problem-solving communication and control for nodes in a distributed problem solver. Task distribution is affected by a negotiation process, a discussion carried on between nodes with tasks to be executed and nodes that may be able to execute tasks. In this paper, we present a coordination method among distributed intrusion detection systems and a firewall using the contract net protocol. The method enhances intrusion detection performance and provides the communication methods. To model the IDS and firewall, security models have been hierarchically constructed based on the DEVS (Discrete Event System Specification) formalism. Each ID agent cooperates through the contract net protocol to detect intrusions. The IDS which detects an intrusion informs the firewall, so the harmful network traffic is blocked. If an agent detects intrusions, the agent transfers the attacker's information to a firewall. Using this mechanism, the attacker's packets detected by the IDS can be prevented from damaging the network.

A Study on the Collection Based on Personal History for the Archiving of Industrial Heritage (산업유산 아카이빙을 위한 개인 생애서사 기반 수집 연구)

  • Ryu, Hanjo
    • The Korean Journal of Archival Studies / no.66 / pp.37-67 / 2020
  • Recently, industrial heritages have been transformed into cultural facilities in the wake of urban regeneration. This focus is mainly on appearance; the explanation is often abbreviated to a master narrative, and the placeness is not sufficiently inherited. The placeness of industrial heritage contains not only historical but also personal memories. Place memory must be collected and managed in order for the placeness that can be the source of identity to be preserved and utilized. To this end, this study suggests collecting place memories based on personal life histories. Using the cases of collecting Andong Station and Cheongju Tobacco Factory, the life narrative was broken down into events and a process of reinterpreting them as place memory was proposed to implement archiving of industrial heritage sites. This methodology is meant to supplement existing approaches rather than replace them.

Real-Time File Access Event Collection Methodology for Zero Trust Environment (제로 트러스트 환경의 실시간 파일 접근 이벤트 수집 방법에 관한 연구)

  • Han, Sung-Hwa; Lee, Hoo-Ki
    • Journal of the Korea Institute of Information and Communication Engineering / v.25 no.10 / pp.1391-1396 / 2021
  • The boundary-based security system has the advantages of high operational efficiency and easy management of security solutions, and is suitable for denying external security threats. However, since it operates on the premise of a trusted user, it is not suitable for denying security threats that originate from within. The zero trust access control model was proposed to solve this problem of the boundary-based security system. In the zero trust access control model, the security requirements for real-time security event monitoring must be satisfied. In this study, we propose a monitoring method for the most basic of the real-time monitoring functions, file access. The proposed monitoring method operates at the kernel level and has the advantage of fundamentally preventing monitoring evasion through a user's bypass access to files. However, this study focuses on the monitoring method, so additional research to extend it to the access control function should be continued.

A Case Study on Care Workers' Experiences of Coping with Falls among Community-Dwelling Elders (재가노인 방문요양보호사의 낙상관련 대처 경험에 관한 연구)

  • Lim, Sun-Young; Park, Hye-Sun; Ma, Ryewon
    • Journal of The Korean Society of Integrative Medicine / v.9 no.3 / pp.99-110 / 2021
  • Purpose: The purpose of this study was to understand the experience and meaning of falls among care workers caring for the elderly. Methods: The participants comprised 10 care workers in Seoul and Gyeonggi Province, South Korea. The data collection period was from September to November 2020, and the data were obtained through individual in-depth interviews. The collected data were analyzed using the content analysis method of qualitative research. The main interview questions were as follows: first, "In the event of a fall, can you tell us about your experience and how you dealt with the fall?"; second, "Can you tell us about your role and the role of family members or the center that manages falls that occur outside of nursing visits?"; third, "Can you tell us about the difficulties in managing falls based on your experience?"; and fourth, "How are falls that occur during nursing visits managed?" Results: As a result of analyzing the experiences of care workers with falls while caring for elders in their homes, five main themes were derived. These were understanding the characteristics of the elderly at home, understanding possible emergency situations, providing caring services, minimizing physical harm, and delivering clear information. Conclusion: A significant finding of this study was that care workers who visit and provide care to elders at home confirmed the need for standard guidelines on appropriate responses in the event of a fall at home and the importance of managing emergencies arising from falls among elders at home. These results highlight the need for the development of emergency response education programs, such as programs on fall care for nurses and care workers who provide care to the elderly, and for an enhanced understanding of the fall risk of elders who live at home.