• Title/Summary/Keyword: vulnerability analysis

Search Result 1,312, Processing Time 0.024 seconds

Analysis on a New Intrinsic Vulnerability to Keyboard Security (PS/2 키보드에서의 RESEND 명령을 이용한 패스워드 유출 취약점 분석)

  • Lee, Kyung-Roul;Yim, Kang-Bin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.21 no.3
    • /
    • pp.177-182
    • /
    • 2011
  • This paper introduces a possibility for attackers to acquire the keyboard scan codes through using the RESEND command provided by the keyboard hardware itself, based on the PS/2 interface that is a dominant interface for input devices. Accordingly, a keyboard sniffing program using the introduced vulnerability is implemented to prove the severeness of the vulnerability, which shows that user passwords can be easily exposed. As one of the intrinsic vulnerabilities found on the existing platforms, for which there were little considerations on the security problems when they were designed, it is required to consider a hardware approach to countermeasure the introduced vulnerability.

The Assessment of Future Flood Vulnerability for Seoul Region (서울 지역의 미래 홍수취약도 평가)

  • Sung, Jang Hyun;Baek, Hee-Jeong;Kang, Hyun-Suk;Kim, Young-Oh
    • Journal of Wetlands Research
    • /
    • v.14 no.3
    • /
    • pp.341-352
    • /
    • 2012
  • The purpose of this study is to statistically project future probable rainfall and to quantitatively assess a future flood vulnerability using flood vulnerability model. To project probable rainfall under non-stationarity conditions, the parameters of General Extreme Value (GEV) distribution were estimated using the 1 yr data added to the initial 30 yr base series. We can also fit a linear regression model between time and location parameters after comparing the linear relationships between time and location, scale, and shape parameters, the probable rainfall in 2030 yr was calculated using the location parameters obtained from linear regression equation. The flood vulnerability in 2030 yr was assessed inputted the probable rainfall into flood vulnerability assessment model suggested by Jang and Kim (2009). As the result of analysis, when a 100 yr rainfall frequency occurs in 2030 yr, it was projected that vulnerability will be increased by spatial average 5 % relative to present.

Assessment of Flooding Vulnerability Based on GIS in Urban Area - Focused on Changwon City - (GIS 기반의 도시지역 침수 취약성 평가 - 창원시를 대상으로 -)

  • Song, Bong-Geun;Lee, Taek-Soon;Park, Kyung-Hun
    • Journal of the Korean Association of Geographic Information Studies
    • /
    • v.17 no.4
    • /
    • pp.129-143
    • /
    • 2014
  • The purpose of this study is to evaluate flooding vulnerability considering spatial characteristics focused on Changwon-si, Gyeongsangnam-do. Assessment Factors are water cycle area ratio, surface runoff, and precipitation. And construction of assessment factors and vulnerability was analyzed by GIS program. Water cycle ratio and surface runoff were vulnerable in urban area. Precipitation was often distributed in agriculture of the northern region. Results of flooding vulnerability were low in agriculture and forest of the northern region. In contrast, urban area was high because there has covered impervious land cover. Analytical results of flooding vulnerability density using hotspot spatial cluster analysis were high in urban area. And these areas were situated in down stream so flooding were generated. Therefore, flooding vulnerability assessment of this study can help for selecting construction sites of pervious land cover and rainwater management facilities in urban and environmental planning.

Degree of the Contribution of Disaster and Safety Education as an Index of Climate Change Vulnerability (기후변화 취약성 평가지표로서 재난안전교육의 기여도 산정)

  • Chung, Gunhui
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.15 no.8
    • /
    • pp.5349-5354
    • /
    • 2014
  • Climate change is one of the most important factors increasing a system's vulnerability. Therefore, various methods have been applied to evaluate the vulnerability to develop an appropriate adaptation policy to minimize the effects of climate change. On the other hand, it has barely been used to examine the suitability of the selected proxy variables to calculate the vulnerability. In this study, it was shown that the degree of disaster and safety education should be considered as one of the proxy variables in non-structural measures when the vulnerability is calculated using an expert survey. As a result, the degree of the contribution on the climate change vulnerability can be different according to the education target and the characteristics of various systems. The results might be useful for developing a climate change adaptation policy in a specific area.

Prioritizing the Importance of the Factors Related to the Vulnerability of Agricultural Water Resources and Infra-structures to Climate Change (농어촌용수 및 농업생산기반시설에 대한 기후변화 취약성 관련인자 중요도 평가)

  • Choi, Youngwan;Jang, Min-Won;Bae, Seung-Jong;Jung, Kyung-Hun;Hwang, Syewoon
    • Journal of Korean Society of Rural Planning
    • /
    • v.25 no.1
    • /
    • pp.75-87
    • /
    • 2019
  • As the impacts of climate change have been emerged all the way through society, the potential risks specifically on agricultural water and facilities are recently getting concerned. Evaluating vulnerability of agriculture to climate change on is a time-tested strategy. While a number of researches on the adaption and mitigation of climate change were performed in various aspects for sustainable agricultural production, the vulnerability of management system for agricultural water and infrastructure has not been investigated yet. This study is aimed to clarify the definition of vulnerability to climate change, find the major indicators able to presume the vulnerability, and finally determine the relative importance of the indicators based on the specialist questionnaire survey and its analyses. The lists of indicators for major parts of agricultural water management such as, water use, flood control, reservoir related issues, and pumping and drainage systems are initialized referring to the related precedent studies. The primary survey was conducted in the form of Delphi to complement the list and methods and the main survey was then conducted using AHP(Analytic Hierarchy Process) technique to quantitatively prioritize the indicators. The results derived in this study would be directly adopted in weighting importance of indicators to investigate the indicator-based vulnerability analysis to climate change in agricultural water and infrastructure management.

Attack Detection Technology through Log4J Vulnerability Analysis in Cloud Environments (클라우드 환경에서 Log4J 취약점 분석을 통한 공격 탐지 기술)

  • Byeon, Jungyeon;Lee, Sanghee;Yoo, Chaeyeon;Park, Wonhyung
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2022.05a
    • /
    • pp.557-559
    • /
    • 2022
  • The use of open source has the advantage that the development environment is convenient and maintenance is easier, but there is a limitation in that it is easy to be exposed to vulnerabilities from a security point of view. In this regard, the LOG4J vulnerability, which is an open source logging library widely used in Apache, was recently discovered. Currently, the risk of this vulnerability is at the 'highest' level, and developers are using it in many systems without being aware of such a problem, so there is a risk that hacking accidents due to the LOG4J vulnerability will continue to occur in the future. In this paper, we analyze the LOG4J vulnerability in detail and propose a SNORT detection policy technology that can detect vulnerabilities more quickly and accurately in the security control system. Through this, it is expected that in the future, security-related beginners, security officers, and companies will be able to efficiently monitor and respond quickly and proactively in preparation for the LOG4J vulnerability.

  • PDF

Vulnerability to human immunodeficiency virus infection and associated factors among married women in northwest Ethiopia: a cross-sectional study

  • Asiya Hussien;Abdissa Boka;Asnake Fantu
    • Women's Health Nursing
    • /
    • v.28 no.4
    • /
    • pp.307-316
    • /
    • 2022
  • Purpose: This study investigated the vulnerability to human immunodeficiency virus (HIV) infection and associated factors among married women in northwest Ethiopia. Methods: A community-based cross-sectional survey (n=657) was conducted from April 1 to 15, 2020, in Metema District, northwest Ethiopia, in four randomly selected kebele administrations (the lowest level of local government). The inclusion criteria were married women aged ≥18 years residing with their husbands. Logistic regression analysis was conducted to identify factors associated with married women's vulnerability to HIV infection. Results: Participants were on average 33.70±9.50 years and nearly one-fourth (n=148, 22.5%) were identified as vulnerable to HIV infection (i.e., experienced sexually transmitted disease symptoms or an extramarital affair of either spouse within the past 12 months). Only 18.9% reported sexual communication with their husband. Respondents who did not discuss the risk of HIV infection with their husbands had fivefold odds of vulnerability (adjusted odds ratio [AOR], 5.02; 95% confidence interval [CI], 1.43-17.5). Those who did not have premarital sex (AOR, 0.20; 95% CI, 0.05-0.77) had no worries about HIV infection (AOR, 0.27; 95% CI, 0.08-0.94), sufficient income (AOR, 0.56; 95% CI, 0.16-0.86), and less than four children (AOR, 0.69; 95% CI, 0.50-0.97) had decreased odds of being vulnerable to HIV than their counterparts. Conclusion: Not discussing risk of HIV infection with husband was a major factor of vulnerability to HIV infection as was premarital sex, worry about HIV, income, and number of children. Measures to strengthen couple's sexual communication and support economical stability is important for decreasing HIV vulnerability.

Designing a Drone Delivery Network for Disaster Response Considering Regional Disaster Vulnerability Index (재난 취약도 지수를 고려한 재난 대응 드론 거점 입지 선정)

  • OkKyung Lim;SangHwa Song
    • The Journal of Bigdata
    • /
    • v.9 no.1
    • /
    • pp.115-126
    • /
    • 2024
  • The scale and cost of disasters are increasing globally, emphasizing the importance of logistics activities in disaster response. A disaster response logistics system must place logistics hub centers in regions relatively safe from disasters and ensure the stable supply of relief goods and emergency medicines to the affected areas. Therefore, this study focuses on locating drone delivery centers that minimize disaster vulnerability when designing a disaster response delivery network. To facilitate the transport of relief supplies via drones, the maximum delivery range of drones is considered and we employed a natural disaster vulnerability index to develop optimization models for selecting drone delivery center locations that minimize disaster vulnerability. The analysis indicates that while the optimization models to minimize disaster vulnerability increase the number of hub investments, these approaches mitigate disaster vulnerability and allows the safe and effective operation of a disaster response logistics system utilizing drone deliveries.

Efficient method for finding patched vulnerability with code filtering in Apple iOS (코드 필터링 기법을 이용한 iOS 환경에서의 패치 분석 방법론)

  • Jo, Je-gyeong;Ryou, Jae-cheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.5
    • /
    • pp.1021-1026
    • /
    • 2015
  • Increasing of damage by phishing, government and organization response more rapidly. So phishing use malware and vulnerability for attack. Recently attack that use patch analysis is increased when Microsoft announce patches. Cause of that, researcher for security on defense need technology of patch analysis. But most patch analysis are develop for Microsoft's product. Increasing of mobile environment, necessary of patch analysis on mobile is increased. But ordinary patch analysis can not use mobile environment that there is many file and small size. So we suggest this research that use code filtering instead of Control Flow Graph and Abstract Syntax Tree.

A Study of Wired and wireless VoIP vulnerability analysis and hacking attacks and security (유무선 VoIP 취약점 분석과 해킹공격 및 보안 연구)

  • Kwon, Se-Hwan;Park, Dea-Woo
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.16 no.4
    • /
    • pp.737-744
    • /
    • 2012
  • Recently VoIP has provided voice(both wired and wireless from IP-based) as well as the transmission of multimedia information. VoIP used All-IP type, Gateway type, mVoIP etc. Wired and wireless VoIP has security vulnerabilities that VoIP call control signals, illegal eavesdropping, service misuse attacks, denial of service attack, as well as wireless vulnerabilities etc. from WiFi Zone. Therefore, the analysis of security vulnerabilities in wired and wireless VoIP and hacking incidents on security measures for research and study is needed. In this paper, VoIP (All-IP type, and for Gateway type) for system and network scanning, and, IP Phone to get the information and analysis of the vulnerability. All-IP type and Gateway type discovered about the vulnerability of VoIP hacking attacks (Denial of Service attacks, VoIP spam attacks) is carried out. And that is a real VoIP system installed and operated in the field of security measures through research and analysis is proposed.