• Convergence Security Journal
• /
• v.13 no.3
• /
• pp.9-15
• /
• 2013

Calculating of matching cost is an important for efficient stereo matching. To investigate the performance of matching process, the concepts of the existing methods are introduced. Also we analyze the performance and merits of them. The simplest matching costs assume constant intensities at matching image locations. We consider matching cost functions which can be distinguished between pixel-based and window-based approaches. The Pixel-based approach includes absolute differences (AD) and sampling-intensitive absolute differences (BT). The window-based approach includes the sum of the absolute differences, the sum of squared differences, the normalized cross-correlation, zero-mean normalized cross-correlation, census transform, and the absolute differences census transform (AD-Census). We evaluate matching cost functions in terms of accuracy and time complexity. In terms of the accuracy, AD-Census method shows the lowest matching error ratio (the best solution). The ZNCC method shows the lowest matching error ratio in non-occlusion and all evaluation part. But it performs high matching error ratio at the discontinuities evaluation part due to blurring effect in the boundary. The pixel-based AD method shows a low complexity in terms of time complexity.

• The KIPS Transactions:PartC
• /
• v.17C no.1
• /
• pp.1-14
• /
• 2010

IEEE 802.15.4[1] has been standardized for the physical layer and MAC layer of LR-PANs(Low Rate-Wireless Personal Area Networks) as a technology for operations with low power on sensor networks. The standardization is applied to the variety of applications in the shortrange wireless communication with limited output and performance, for example wireless sensor or virtual wire, but it includes vulnerabilities for various attacks because of the lack of security researches. In this paper, we analyze the vulnerabilities against the denial of sleep attacks on the MAC layer of IEEE 802.15.4, and propose a detection mechanism against it. In results, we analyzed the possibilities of denial of sleep attacks by the modification of superframe, the modification of CW(Contention Window), the process of channel scan or PAN association, and so on. Moreover, we comprehended that some of these attacks can mount even though the standardized security services such as encryption or authentication are performed. In addition to, we model for denial of sleep attacks by Beacon/Association Request messages, and propose a detection mechanism against them. This detection mechanism utilizes the management table consisting of the interval and node ID of request messages, and signal strength. In simulation results, we can show the effect of attacks, the detection possibility and performance superiorities of proposed mechanism.

• Korean Journal of Legislative Studies
• /
• v.22 no.2
• /
• pp.53-75
• /
• 2016

This article presents a descriptive analysis on national security policy platforms promoted by the ruling parties of South Korea during general and presidential elections. National security platforms made during the elections campaigns are a window that allows us to see how the ruling party perceives the threat environment, opportunity-structures, policy preferences and material capabilities faced by the state. South Korea presents a unique case since it faces constant military threats from North Korea and interacts with China and the United States. Therefore, the national security policy platforms, which are explicitly campaigned during the general and presidential elections, showcases the worldview of the ruling party. The study essentially focuses on three areas of the platforms - its threat perception on North Korea, the ROK-US alliance and the future vision for the Korean peninsula by covering two presidential elections and three general elections for the last 20 years.

• Journal of Korea Water Resources Association
• /
• v.41 no.1
• /
• pp.1-15
• /
• 2008

The purpose of this study is to propose a procedure that will be able to find the most efficient sets of weight coefficients for the Geum-River basin in Korea. The result obtained from multi-objective optimization model is inherently sensitive to the weight coefficient on each objective. In multi-objective reservoir operation problems, the coefficient setting may be more complicated because of the natural variation of inflow. Therefore, for multi-objective reservoir operation problems, it may be important for modelers to provide reservoir operators with appropriate sets of weight coefficients considering the inflow variation. This study presents a procedure to find an appropriate set of weight coefficients under the situation that has inflow variation. The proposed procedure uses GA-CoMOM to provide a set of weight coefficient sets. A DEA-window analysis and a cross efficiency analysis are then performed in order to evaluate and rank the sets of weight coefficients for various inflow scenarios. This proposed procedure might be able to find the most efficient sets of weight coefficients for the Geum-River basin in Korea.

• KSCI Review
• /
• v.14 no.2
• /
• pp.255-262
• /
• 2006

A Malicious code is used to SMiShing disguised as finance mobile Vishing, using Phishing, Pharming mail, VoIP service etc. to capture of personal information. A Malicious code deletes in Anti-Virus Spyware removal programs. or to cure use. By the way, the Malicious cord which is parasitic as use a DLL Injection technique, and operate are Isass.exe, winlogon.exe. csrss.exe of the window operating system. Be connected to the process that you shall be certainly performed of an exe back, and a treatment does not work. A user forces voluntarily a process, and rebooting occurs, or a blue screen occurs, and Compulsory end, operating system everyone does. Propose a treatment way like a bird curing a bad voice code to use a DLL Injection technique to occur in these fatal results. Click KILL DLL since insert voluntarily an end function to Thread for a new treatment, and Injection did again the Thread which finish an action of DLL, and an end function has as control Thread, and delete. The cornerstone that the treatment way that experimented on at these papers and a plan to solve will become a researcher or the revolutionary dimension that faced of a computer virus, and strengthen economic financial company meeting Ubiquitous Security will become.

• Korean Journal of Remote Sensing
• /
• v.36 no.4
• /
• pp.535-544
• /
• 2020

In synthetic aperture radar (SAR) based ship detection application, false alarms frequently occur due to various noises caused by the radar imaging process. Among them, radio frequency interference (RFI) and azimuth smearing produce substantial false alarms; the latter also yields longer length estimation of ships than the true length. These two noises are prominent at cross-polarization and relatively weak at co-polarization. However, in general, the cross-polarization data are suitable for ship detection, because the radar backscatter from background sea surface is much less in comparison with the co-polarization backscatter, i.e., higher ship-sea image contrast. In order to improve the ship detection accuracy further, the RFI and azimuth smearing need to be mitigated. In the present letter, Sentinel-1 VV- and VH-polarization intensity data are used to show a novel technique of removing these noises. In this method, median image intensities of noises and background sea surface are calculated to yield arithmetic tendency. A band-math formula is then designed to replace the intensities of noise pixels in VH-polarization with adjusted VV-polarization intensity pixels that are less affected by the noises. To verify the proposed method, the adaptive threshold method (ATM) with a sliding window was used for ship detection, and the results showed that the 74.39% of RFI false alarms are removed and 92.27% false alarms of azimuth smearing are removed.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.5 s.43
• /
• pp.251-258
• /
• 2006

A Malicious code is used to SMiShing disguised as finance mobile Vishing, using Phishing, Pharming mail, VoIP service etc. to capture of personal information. A Malicious code deletes in Anti-Virus Spyware removal programs, or to cure use. By the way, the Malicious cord which is parasitic as use a DLL Injection technique, and operate are Isass.exe, winlogon.exe, csrss.exe of the window operating system. Be connected to the process that you shall be certainly performed of an exe back, and a treatment does not work. A user forces voluntarily a process, and rebooting occurs, or a blue screen occurs, and Compulsory end, operating system everyone does. Propose a treatment way like a bird curing a bad voice code to use a DLL Injection technique to occur in these fatal results. Click KILL DLL since insert voluntarily an end function to Thread for a new treatment, and Injection did again the Thread which finish an action of DLL, and an end function has as control Thread, and delete. The cornerstone that the treatment wav that experimented on at these papers and a plan to solve will become a researcher of the revolutionary dimension that faced of a computer virus, and strengthen economic financial company meeting Ubiquitous Security will become.

• Convergence Security Journal
• /
• v.18 no.5_1
• /
• pp.67-73
• /
• 2018

From a software engineering point of view, tracing is a special form of logging that records program execution information. Tracers using dedicated hardware are often used because of the characteristics of tracers that need to generate and decode huge amounts of data in real time. Intel(R) PT uses proprietary hardware to record all information about software execution on each hardware thread. When the software execution is completed, the PT can process the trace data of the software and reconstruct the correct program flow. The hardware trace program can be integrated into the operating system, but in the case of the window system, the integration is not tight due to problems such as the kernel opening. Also, it is possible to trace only a single process and not provide a way to trace multiple process streams. In this paper, we propose a method to extend existing PT trace program to support multi - process stream traceability in Windows environment in order to overcome these disadvantages.

• Convergence Security Journal
• /
• v.19 no.1
• /
• pp.97-101
• /
• 2019

If the operating system's core file contains an Intel PT, the debugger can not only check the program state at the time of the crash, but can also reconfigure the control flow that caused the crash. We can also extend the execution trace scope to the entire system to debug kernel panics and other system hangs. The second-generation PT, the WinIPT library, includes an Intel PT driver with additional code to run process and core-specific traces through the IOCTL and registry mechanisms provided by Windows 10 (RS5). In other words, the PT trace information, which was limited access only by the first generation PT, can be executed by process and core by the IOCTL and registry mechanism provided by the operating system in the second generation PT. In this paper, we compare and describe methods for collecting, storing, decoding and detecting malicious codes of data packets in a window environment using 1/2 generation PT.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.1
• /
• pp.55-63
• /
• 2006

Recently, there is much abnormal traffic driven by several worms, such as Nimda, Code Red, SQL Stammer, and so on, making badly severe damage to networks. Meanwhile, diverse prevention schemes for defeating abnormal traffic have been studied in the academic and commercial worlds. In this paper, we present the structure of a stepwise intrusion prevention system that is designed with the feature of putting limitation on the network bandwidth of each network traffic and dropping abnormal traffic, and then compare the proposed scheme with a pre-existing scheme, which is a True/False based an anomaly prevention scheme for several worm-patterns. There are two criteria for comparison of the schemes, which are Normal Traffic Rate (NTR) and False Positive Rate (FPR). Assuming that the abnormal traffic rate of a specific network is $\beta$ during a predefined time window, it is known that the average NTR of our stepwise intrusion prevention scheme increases by the factor of (1+$\beta$)/2 than that of True/False based anomaly prevention scheme and the average FPR of our scheme decrease by the factor of (1+$\beta$)/2.