• Title/Summary/Keyword: defense model (방어 모델)

Search Result 367, Processing Time 0.034 seconds

RDP-based Lateral Movement Detection using PageRank and Interpretable System using SHAP (PageRank 특징을 활용한 RDP기반 내부전파경로 탐지 및 SHAP를 이용한 설명가능한 시스템)

  • Yun, Jiyoung;Kim, Dong-Wook;Shin, Gun-Yoon;Kim, Sang-Soo;Han, Myung-Mook
    • Journal of Internet Computing and Services / v.22 no.4 / pp.1-11 / 2021
  • As the Internet developed, various and complex cyber attacks began to emerge. Various detection systems were used outside the network to defend against attacks, but systems and studies to detect attackers inside were remarkably rare, causing great problems because they could not detect attackers inside. To solve this problem, studies on the lateral movement detection system that tracks and detects the attacker's movements have begun to emerge. Especially, the method of using the Remote Desktop Protocol (RDP) is simple but shows very good results. Nevertheless, previous studies did not consider the effects and relationships of each logon host itself, and the features presented also provided very low results in some models. There was also a problem that the model could not explain why it predicts that way, which resulted in reliability and robustness problems of the model. To address this problem, this study proposes an interpretable RDP-based lateral movement detection system using the PageRank algorithm and SHAP (Shapley Additive Explanations). Using the PageRank algorithm and various statistical techniques, we create features that can be used in various models and we provide explanations for model prediction using SHAP. In this study, we generated features that show higher performance in most models than previous studies and explained them using SHAP.

A Study on the Performance Model and Measurement Method of the SMEs Information Security Support Policy (중소기업 정보보호 지원 사업 성과모델 및 측정 방법에 관한 연구)

  • Bae, Young-Sik;Jang, Sang-Soo
    • The Journal of Society for e-Business Studies / v.26 no.4 / pp.37-52 / 2021
  • Due to the spread of COVID-19, it is rapidly changing from face-to-face to non-face-to-face work environments and is changing to a digital work environment that can be accessed anytime, anywhere, providing convenience to all lives. However, the number of breaches, personal information leakage, and technology leakage targeting SMEs that are vulnerable to security continues to increase. Accordingly, the government has been continuously promoting the information security consulting support project for SMEs every year since 2014. Therefore, this study intends to develop a performance model and measurement methodology for continuous and more systematic support and efficient management of information protection support projects in consideration of the importance of information security for SMEs. It is intended to be used as basic data when setting future operational directions and goals. The main method of this study is to derive performance models and indicators for SME information security support projects based on domestic literature, case studies, and survey results, utilize expert advice to verify the developed performance measurement indicators, and use pilot-test questionnaires to conduct evaluation through surveys. Based on the verified indicators, we would like to present a performance model and measurement index for the information security support project for SMEs.

Analysis on the contaminant transport in subsurface soil at Daeduk site (대덕부지 토양내 오염물 이동 해석)

  • Suh, Kyung-Suk;Kim, Eun-Han;Hwang, Won-Tae;Jeong, Hyo-Joon;Han, Moon-Hee;Lee, Chang-Woo
    • Journal of Radiation Protection and Research / v.28 no.3 / pp.155-163 / 2003
  • The groundwater flow and contaminant transport numerical models have been established for analyzing the movements of pollutants in subsurface soil at Daeduk site. The groundwater flow and concentration of U-234 using the numerical models were simulated around Daeduk nuclear facilities. The computed groundwater flow was mainly advected toward the direction of east and southeast around HANARO in the site. The radioactive material entered into the subsurface soil was transported along the same direction with groundwater flow. The radioactive material deposited on the surface from the calculated concentration distributions was not affected by surrounding environment of the site.

An Analysis of Carbon-14 Metabolism for Internal Dosimetry at CANDU Nuclear Power Plants (중수로 원전 종사자의 방사선량 평가를 위한 $^{14}C$ 인체대사모델 분석)

  • Kim, Hee-Geun;Lee, Hyung-Seok;Ha, Gak-Hyun
    • Journal of Radiation Protection and Research / v.28 no.3 / pp.207-213 / 2003
  • Carbon-14 is one of the major radionuclides released by CANDU Nuclear Power Plants (NPPs). It is almost always emitted as gas through the stack. From CANDU NPPs about 95% of all carbon-14 is released as carbon dioxide. Carbon-14 is a low energy beta emitter which, therefore, gives only a small skin dose from external radiation. As carbon dioxide is physiologically a rather inert gas for man's metabolism, the inhalation dose is probably less than 1% of the ingestion dose. But this source of carbon-14, formed in a closed, non-oxidative environment, was subsequently released into the workplace as an insoluble particulate when these systems were opened up for re-tubing at CANDU NPPs. As a part of the improvement of dosimetry program at Wolsong Nuclear Power Plants, the carbon-14 metabolism based on references was investigated and studied to set up the internal dosimetry program due to inhalation of carbon-14.

A Study of Intrusion Detection Scheme based on Software-Defined Networking in Wireless Sensor Networks (무선 센서 네트워크에서 소프트웨어 정의 네트워킹 기법을 사용한 침입 탐지 기법에 대한 연구)

  • Kang, Yong-Hyeog;Kim, Moon Jeong;Han, Moonseog
    • Journal of the Korea Convergence Society / v.8 no.8 / pp.51-57 / 2017
  • A wireless sensor network is composed of many resource constrained sensor nodes. These networks are attacked by malicious attacks like DDoS and routing attacks. In this paper, we propose the intrusion detection and prevention system using convergence of software-defined networking and security technology in wireless sensor networks. Our proposed scheme detects various intrusions in a central server by accumulating log messages of OpenFlow switch through SDN controller and prevents the intrusions by configuring OpenFlow switch. In order to validate our proposed scheme, we show it can detect and prevent some malicious attacks in wireless sensor networks.

An Effective Technique for Protecting Application Data using Security Enhanced (SE) Android in Rooted Android Phones (루팅된 안드로이드 폰에서 SEAndroid를 이용한 효과적인 앱 데이터 보호 기법)

  • Jeong, Youn-sik;Cho, Seong-je
    • Journal of KIISE / v.44 no.4 / pp.352-362 / 2017
  • This paper analyzes security threats in Security Enhanced (SE) Android and proposes a new technique to efficiently protect application data including private information on rooted Android phones. On an unrooted device, application data can be accessed by the application itself according to the access control models. However, on a rooted device, a root-privileged shell can disable part or all of the access control model enforcement procedures. Therefore, a root-privileged shell can directly access sensitive data of other applications, and a malicious application can leak the data of other applications outside the device. To address this problem, the proposed technique allows only some specific processes to access the data of other applications including private information by modifying the existing SEAndroid Linux Security Module (LSM) Hook function. Also, a new domain type of process is added to the target system to enforce stronger security rules. In addition, the proposed technique separates the directory type of a newly installed application and the directory type of previously installed applications. Experimental results show that the proposed technique can effectively protect the data of each application and incurs a performance overhead of 2 seconds or less.

A Methodology for Justification and Optimization of Countermeasures for Milk After a Nuclear Accident and Its Application (원자력 사고후 우유에 대한 비상대응의 정당화/최적화를 위한 방법론 및 적용연구)

  • Hwang, Won-Tae;Han, Moon-Hee;Kim, Eun-Han;Cho, Gyu-Seong
    • Journal of Radiation Protection and Research / v.23 no.4 / pp.243-249 / 1998
  • The methodology for justification and optimization of the countermeasures related with contamination management of milk was designed based on the cost and benefit analysis. The application results were discussed for the deposition on August 15, when pasture is fully developed in Korean agricultural conditions. A dynamic food chain model DYNACON was used to estimate the time-dependent radioactivity of milk after the deposition. The considered countermeasures are (1) the ban of milk consumption and (2) the substitution of clean fodder, which are effective in reducing the ingestion dose as well as simple and easy to carry out in the first year after the deposition. The total costs of the countermeasures were quantitatively estimated in terms of cost equivalent of doses and monetary costs. It is obvious that a fast reaction after the deposition is an important factor in cost effectiveness of the countermeasures. In most cases, the substitution of clean fodder was a more effective countermeasure than the ban of consumption. A fast reaction after the deposition made longer justifiable/optimal duration of the countermeasure.

The Study on the psychological characteristics of learning types in the e-learning environment (사이버 학습 환경에서의 학습자 유형과 그 특성에 대한 탐색)

  • Whang, Sang-Min;Kim, Jee-Yeon;Ko, Beom-Seog;Seo, Jeong-Hee
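    • 한국HCI학회:학술대회논문집 / 2007.02b / pp.206-212 / 2007
  • Educational demand for web-based e-learning is increasing. At the same time, concerns about how to use cyberspace as a learning space have also grown, because it has begun to be recognized that the classical approach of trying to replicate traditional learning activities in cyberspace is not e-learning or cyber learning. Although the value of e-learning is emphasized, exploration of learners' characteristics and of how learning activities specifically take place in actual cyberspace is insufficient. Although concepts such as knowledge processed by oneself from scattered information and 'learning how to learn' have been put forward, controversy persists over the information scattered in cyberspace, learning how to learn, and the learning characteristics of cyberspace. This study explored learners' characteristics, focusing on the behavior of learners who actually use cyber learning sites. It sought to identify what methods of self-directed learning appear in cyberspace and whether these can be divided into various learner types. The cyber learning sites studied were the Cyber Home Learning Centers operated by the Seoul, Busan, Daegu, and Gwangju Offices of Education. The characteristics of a total of 1535 Cyber Home Learning Center users were analyzed. The behavioral characteristics of the users were divided into nine factors: play activity, shared experience, real-world identity, joint achievement, individualism, competition orientation, sense of achievement, convenience (ease of operation), and vividness. Based on the nine activity factors, four learner types were identified. The four learner types were named the solitary type (독야청청형), the sharing-joys-and-sorrows type (동고동락형), the obligatory-defense type (의무방어형), and the cheerful type (희희낙낙형). These types differed from one another in degree of learning activity, site usage behavior, and learning style (mode of cyber learning activity). This study is meaningful in that it explored actual learning activities rather than a classification of cyber learner types arbitrarily divided on the basis of existing theoretical models. In particular, its significance lies in having tried to reveal how the characteristics of cyberspace appeared in actual learning activities, rather than applying existing offline learning theories and studies of learner characteristics directly to cyber learning. In the future, it will be necessary to explore specific learning system designs and operating models that can promote cyber learning activities or increase the difference in learning effects according to cyber learner type.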

Measurement and Analyses of Radiation -Assessment of Defected Fuel by Analysis of Reactor Coolant Activities- (방사선 측정 및 해석 연구 -원자로 냉각수중의 방사능해석에 의한 결함핵연료봉의 평가-)

  • Yang, Jae-Choon;Oh, Hi-Peel;Jun, Jae-Shik;Lee, Ho-Yon;Oh, Heon-Jin;Chung, Moon-Kyu;Park, Hae-Yong
    • Journal of Radiation Protection and Research / v.11 no.2 / pp.139-145 / 1986
  • An improved method of assessing fuel status by analysis of the fission product in the reactor coolant system is proposed. The release mechanism of specific fission products is established for determination of the coefficients in the equations which relate the radioactivities with the amount of defected fuel. Knock-out and migration models are employed in the formulation of the release mechanism. The influence of the tramp uranium is quantified. Sample calculations were made for KNU 1 reactor system using the I-131 and I-133 concentrations in the primary coolant. The estimated number of defected fuel pins in the third and sixth cycles appeared to be $9.34 \pm 1.13$ and $0.294 \pm 0.092$, respectively.

Analysis of the Vulnerable Area about Inundation on the Upriver Basin of Dam by Flood Simulation Using GIS (GIS 홍수 시뮬레이션에 의한 댐 상류 유역의 침수 취약지역 분석)

  • Um, Dae-Yong;Kim, Ji-Hye
    • Journal of the Korean Society of Surveying, Geodesy, Photogrammetry and Cartography / v.27 no.6 / pp.723-731 / 2009
  • Recently, rainfall and rainfall meter have been strangely increasing due to global warming, so flood damage is increasing. Much damage has occurred under the influence of dam backwater. However, the alleviative solutions for flood damage are focused on the lower river basin, where the density of population is higher than in the upper river basin. This research proceeds by designing and building a 3D topography model that reflects the topographical factors of the upper river basin. It also simulated the circumstances of flooding by investigating the factors of outflow; as a result, we could effectively find out the areas vulnerable to flooding and the scale of damages. This research suggests a solution and method for areas vulnerable to flooding to reduce the damages by predicting flooding. Thus, the suggestion may support efficient decision-making to prevent flood damage.