• Journal of the Korean Society for Railway
• /
• v.19 no.2
• /
• pp.159-169
• /
• 2016

The current railway control system in Korea is comprised of signaling, electric rail power, communication, and maintenance systems that are independent of each other. Further, these systems have different mediums and protocols for transmitting the field equipment data to the central control system. The Safety Supervision System has as its purpose the collecting of safety-related data from each system to predict and prevent accidents, this system utilizes standard protocol. Safety-related data need to be collected from field data transmission devices of the existing control system, the data should be collected without affecting the communication of the existing system. In this study, sniffing skill, which is typically used for network traffic monitoring or security, is used to collect data. The problems arising from the use of sniffing devices are noted, and the Packet Conversion Node is proposed as a solution to the problems. Further, functional and performance testing were completed for the prototype, and the software architecture and packet conversion process were verified.

• The Journal of Society for e-Business Studies
• /
• v.20 no.4
• /
• pp.1-17
• /
• 2015

A river water level monitoring system which prevents salt water damages and effectively excludes floods has been developed to contribute efficient operation of Nakdong river estuary barrage. The system can be used for monitoring upstream conditions more quickly and do appropriate responses over changes. Telemetry and telecontrols using PLCs have been built at the three sites that directly influence on the operation of barrage gates, and are linked to Nakdong river estuary barrage's IOS (Integrated Operation System) through public communication networks. By using PLC, the system can achieve even higher reliability and versatility than before as well as easy management. By power control devices, we can remotely control the power of PLCs to treat the minor troubles instantly without going on-sites. The power control devices also save data in preparation for the cases of communication failures. The system uses ADSL (FTTH) as a main network between SCADA server and PLCs, and CDMA (M2M) as a secondary network. In order to compensate security vulnerabilities of public communication network, we have installed the VPNs for secure communication between center and the observation stations, just like a dedicated network. Generally, river water level observations have been used custom-manufactured remote terminals to suit their special goals. However, in this case, we have established a system with open architecture considering the interface between different systems, the ease of use and maintenance, security, price, etc.

• Strategy21
• /
• s.40
• /
• pp.131-143
• /
• 2016

On 12 July 2016, China's maritime claim to most of the South China Sea (SCS) based on the so-called nine-dash line was rejected by the Arbitral Tribunal, constituted under Annex VII to the UN Convention on the Law of the Sea (UNCLOS) concerning issues in the South China Sea including the legality of the so-called "nine-dashed line", the status of certain maritime features and their corresponding maritime entitlements, together with the lawfulness of certain actions by China which the Philppines, in a case brought in 2013, alleged were violations. As having the Tribunal determined that China's claim had no legal grounds in UNCLOS, thus undermining China's claims, and establishing that China has no exclusive legal rights to control the area roughly the size of India. There are some major implications from the Tribunal's ruling in the Arbitration award. These include implications on: how to delimit the maritime boundary in disputed waters, how to promote maritime confidence-building measures, how to safeguard maritime safety and security, and how to promote the rule of law in the SCS. Since its application of UNCLOS in East Asia, it has been obvious that the only way to resolve maritime disputes in the region is to build strong maritime cooperative partnerships under the auspices of the rule of law.

• The Journal of Society for e-Business Studies
• /
• v.12 no.4
• /
• pp.17-27
• /
• 2007

This paper proposes a key distribution and authentication protocol between user, service provider and key distribution center (KDC). This protocol is based on symmetric cryptosystem, challenge-response, Diffie-Hellman component and hash function. In the proposed protocol, user and server update the session key under token-update operation, and user can process repeated efficient authentications by using updated session keys. And another merit is that KDC needs not to totally control the session key between user and server in proposed protocol. Even an attacker steals the parameters from the KDC, the attacker still can not calculate session key. According to the comparison and analysis with other protocols, our proposed protocol provides good efficiency and forward secure session key.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.871-883
• /
• 2014

New types of attacks that mainly compromise the public, portal and financial websites for the purpose of economic profit or national confusion are being emerged and evolved. In addition, in case of 'drive by download' attack, if a host just visits the compromised websites, then the host is infected by a malware. Website falsification detection system is one of the most powerful solutions to cope with such cyber threats that try to attack the websites. Many domestic CERTs including NCSC (National Cyber Security Center) that carry out security monitoring and response service deploy it into the target organizations. However, the existing techniques for the website falsification detection system have practical problems in that their time complexity is high and the detection accuracy is not high. In this paper, we propose website falsification detection system based on image and code analysis for improving the performance of the security monitoring and response service in CERTs. The proposed system focuses on improvement of the accuracy as well as the rapidity in detecting falsification of the target websites.

• Journal of Advanced Marine Engineering and Technology
• /
• v.38 no.6
• /
• pp.761-770
• /
• 2014

In september 2004 and 2006, topographical and sedimentological survey were carried out using multibeam echosounder, which were to investigate shape characteristics, temporal changes and control factors of the subaqueous dunes in the southern Gyeonggi Bay. The present tidal current and sedimentary characteristics of study area make conditions that the sizes (length and height) of large subaqueous dunes are developed and maintained sufficiently. The change of sedimentary characteristics over time, the decrease in grain size causes reduction in the height of very large subaqueous dunes. Therefore it shows that the grain size of surface sediments is a primary control factor in defining subaqueous dune sizes in the study area.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1123-1129
• /
• 2015

Macro(automatic hunting) of mobile game is a program that touch the screen by defined rules like a game bot in PC online games, and it is used by make various ways like android application or windows application program. This gives honest users deprivation and make to lose their interest. Finally they would leave the game and gradually game life would be shorten. Although many studies to prevent these problems in PC online game are conducted, applying mobile game to PC's way is difficult because mobile games are limited to use the network and device performance is different with PC. In this paper, we propose a framework for macro detection by using the touch event information. A touch event on the mobile game is a necessary control command to the game. Because macro touches the screen with the same pattern, there is a difference between normal user's behavior and macro's operation. In mobile games that casual games are mostly, Touch event is the best difference that identify normal user against macro for a short period of time. As a result of detecting macros used in real mobile game by using the proposed framework it showed 100% accuracy and 0% false positive rate.

• Journal of Electrical Engineering and Technology
• /
• v.12 no.1
• /
• pp.19-28
• /
• 2017

False data injection attacks have recently been introduced as one of important issues related to cyber-attacks on electric power grids. These attacks aim to compromise the readings of multiple power meters in order to mislead the operation and control centers. Recent studies have shown that if a malicious attacker has complete knowledge of the power grid topology and branch admittances, s/he can adjust the false data injection attack such that the attack remains undetected and successfully passes the bad data detection tests that are used in power system state estimation. In this paper, we investigate that a practical false data injection attack is essentially a cyber-attack with uncertain information due to the attackers lack of knowledge with respect to the power grid parameters because the attacker has limited physical access to electric facilities and limited resources to compromise meters. We mathematically formulated a method of identifying the most vulnerable locations to false data injection attack. Furthermore, we suggest minimum topology changes or phasor measurement units (PMUs) installation in the given power grids for mitigating such attacks and indicate a new security metrics that can compare different power grid topologies. The proposed metrics for performance is verified in standard IEEE 30-bus system. We show that the robustness of grids can be improved dramatically with minimum topology changes and low cost.

• Journal of Korean Society of societal Security
• /
• v.1 no.1
• /
• pp.69-79
• /
• 2008

Operational continuity is not a simple issue that can be solved by a Back-Up center or an alternate site. Strategic issues including law, standards, etc demand a new approach in terms of the operational continuity management (OCM). Also, it is necessary to develop a new framework of OCM governance as a part of the corporate governance. Experts from corporate governance insist that OCM can be included in the corporate operational control and so it is important to set up a strategy for OCM in the organization. This paper describes how OCM governance suggests two aspects of effectively controlling corporate risks in the viewpoint of corporate governance. First of all, the top corporate management develops the strategy of operational continuity with regard to the corporate governance. Secondly, there is the aspect of how to build up and manage the strategy of operational continuity in the corporations.

• Journal of Advanced Marine Engineering and Technology
• /
• v.39 no.7
• /
• pp.709-715
• /
• 2015

Underwater gliders do not typically have separate propellers for forward motion. They generate propulsive forces based on the difference between their buoyancy and gravity. They can control the volume from the buoyancy engine to adjust the propulsive force. In addition, the attitude of the underwater glider is controlled by a rubberless motion controller. The motion controller can change the mass center and moment of inertia of the inner moving mass. Owing to the change in these parameters, the attitude of the underwater glider is changed. In this study, we derive nonlinear, six degree of freedom (DOF) mathematical models for the motion controller and buoyancy engine. Using these equations, we perform dynamic simulations of the proposed underwater glider, and verify the suitability of the design and dynamic performances of the proposed underwater glider. We then perform the motion control simulation for the pitch and roll angle, and analyze the dynamic performance according to the pitch and roll angles.