• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1263-1269
• /
• 2014

Since the cyber defense has been dependent on commercial products and protection systems, in aspect of the recent trends, our cyber defence ecosystem can be more vulnerable. In case of general defense weapon companies, they have to be observed by the government such as certain proprietary technologies and products for the protection from the enemy. On the contrary, most cyber weapon companies have not been managed like that. For this reason, cyber attack can reach to the inside of our military through the security hole of commercial products. In this paper, we enhanced a military cyber protection ecosystems out of enemy attacks and analyze the hypothetical scenarios to evaluate and verify the vulnerability, and finally more securable ecosystem of military protection system is presented politically and technically.

• Journal of The Geomorphological Association of Korea
• /
• v.23 no.2
• /
• pp.109-125
• /
• 2016

This study aims to identify the landslide susceptible zones of Boeun area and provide reliable landslide susceptibility maps by applying different modeling methods. Aerial photographs and field survey on the Boeun area identified landslide inventory map that consists of 388 landslide locations. A total ofseven landslide causative factors (elevation, slope angle, slope aspect, geology, soil, forest and land-use) were extracted from the database and then converted into raster. Landslide causative factors were provided to investigate about the spatial relationship between each factor and landslide occurrence by using fuzzy set and logistic regression model. Fuzzy membership value and logistic regression coefficient were employed to determine each factor's rating for landslide susceptibility mapping. Then, the landslide susceptibility maps were compared and validated by cross validation technique. In the cross validation process, 50% of observed landslides were selected randomly by Excel and two success rate curves (SRC) were generated for each landslide susceptibility map. The result demonstrates the 84.34% and 83.29% accuracy ratio for logistic regression model and fuzzy set model respectively. It means that both models were very reliable and reasonable methods for landslide susceptibility analysis.

• Convergence Security Journal
• /
• v.19 no.2
• /
• pp.47-58
• /
• 2019

This study applied the Theory of Reasoned Action by Fishbein & Ajzen(1975) as the grounded theory and adopt sanctions of the General Deterrent Theory and protection motivation of the Protection Motivation Theory as the antecedents to discuss the theoretical factors and the cases of application in the field of information security. Then, it adopted subjective norm, a variable of the Theory of Reasoned Action, as a parameter to analyze the causality of sanctions, perceived vulnerability, response cost, and self-efficacy with the intention to follow the information security policies. As a result, all of the antecedents except for sanctions had causality with the intention and subjective norm proved its mediating effect as a parameter between the antecedents and the intention.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.4
• /
• pp.3-14
• /
• 2002

In this paper we classify the possible threat and introduce the method that measures the loss resulted from the threat in the university. This is the method that the amount of the loss minimized in the case of the same quality in damage as establish a economical prediction model. The method of measuring the loss is as follows. First, asset should be clearly identified and valued. Second, threats which may result in harm to asset should be classified. Third, vulnerabilities which is weaknesses associated with asset should be analyzed. Fourth, measure the value of the loss. we explain the valued method by the example.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.6
• /
• pp.133-140
• /
• 2011

Password-based authentication is the protocol that two entities share a password in advance and use the password as the basic of authentication. Password authentication schemes are divided into weak-password and strong-password authentication scheme. SPAS protocol, one of the strong-password authentication scheme, was proposed for secure against DoS attack. However it has vulnerability of the replay attack. In this paper, we analyze the vulnerability to the replay attack in SPAS protocol. Then we also propose an Improved-Strong Password Authentication Scheme (I-SPAS) with secure against the replay attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1023-1030
• /
• 2020

Wearable devices, such as a smart watch and a wrist band, store owner's private information in the devices so that security in a high level is required. Applications developed by third parties in Tizen request for an access to designated services through the desktop bus (D-Bus). The D-Bus verifies application's privileges to grant the request for an access. We developed a fuzzing tool, so-called DAN (the D-bus ANalyzer), to detect errors in implementations for privilege verifications and access controls within Tizen's system services. The DAN has found a number of vulnerable services which granted accesses to unauthorized applications. We built a proof-of-concept application based on those findings to demonstrate a bypass in the privilege examination.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2021.06a
• /
• pp.239-239
• /
• 2021

최근 기후변화로 인해 국지성 집중호우와 태풍의 발생빈도가 증가하고 있다. 특히 우리나라 국토는 전체면적 중 산지면적이 63%에 해당하여 산지에서 발생하는 산사태와 토석류에 취약한 실정이다. 이러한 피해를 사전에 예방·대비하기 위해 국내·외에서는 재해지도를 제작하여 관리하고 있지만 대부분의 재해지도는 격자형식으로 제작되어 있어 실무자들이 활용하기에는 다소 어려움이 있다. 따라서 본 연구에서는 산지재해에 취약한 강원도 강릉시 지방도를 대상으로 산림청에서 개발한 산사태위험지도와 토석류 위험지도를 중첩하여 복합재해지도를 제작하였다. 먼저 산사태위험지도에 유역의 개념을 도로에 적용하고서 지방도로를 200m 간격으로 분할하여 도로 중심으로 유역을 제작하였으며, 해당 유역에 산사태위험면적과 토석류위험면적 값을 이용하여 도로의 등급을 1등급(매우 위험) ~ 5등급(매우 안전)으로 분류하였다. 또한 복합재해지도 결과의 검증을 위해 SINMAP모형을 이용하여 오차율을 비교분석한 결과 15% 이내인 것으로로 나타났다. 본 연구는 복합재해에 대비 할 수 있는 유역의 개념을 적용한 재해지도를 제작하며 도로관리자의 숙련도에 상관없이 재해지도를 쉽게 이해하고 활용 할 수 있을 것으로 판단된다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.5
• /
• pp.69-79
• /
• 2010

In the current cloud environments, the applications are executed on the remote cloud server, and they also utilize computing resources of the remote cloud server such as physical memory and CPU. Therefore, if remote server is exposed to security threat, every applications in remote server can be victim by several security-attacks. Especially, despite many advantages, both individuals and businesses often have trouble to start the cloud services according to the malicious administrator of the cloud server. We propose a security-enhanced local process executing scheme resolving vulnerability of current cloud computing environments. Since secret data is stored in the local, we can protect secret data from security threats of the cloud server. By utilizing computing resource of local computer instead of remote server, high-secure processes can be set free from vulnerability of remote server.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2018.05a
• /
• pp.17-17
• /
• 2018

재난발생 위험은 불확실성을 내포하고 있으며, 이러한 불확실성 요인을 줄이고 사전에 소멸시키는 일은 매우 중요한 사항이 될 수 있다. 또한 재난관리 관점에서 그것이 발생했을 때 어떤 식으로 대응할지에 대한 과정이 체계적으로 갖추어져 있어야 하며, 복구 및 재발 방지를 위한 지속적인 노력이 수반될 필요성이 있다. 본 연구에서는 기후정보를 활용한 중장기 수문예측을 실시하고 통합홍수위험평가 시스템 구축을 통한 홍수위험도 분석을 실시하였다. 이를 위하여 우리나라 243개 지자체를 대상으로 홍수관련 위해성, 노출성, 취약성 자료를 수집하여 표준화하였으며, 전문가 Delphi-AHP 설문조사 분석을 통하여 가중치를 적용하고 위험도를 예측 평가하였다. 이러한 중장기 위험 예측 정보는 한 달 또는 수개월 전에 지자체 행정력을 집중 및 분산시키고, 수재해(홍수/가뭄 등) 위험관리 계획 수립이 가능하여 재난관리자에게 유용한 정보로 활용될 수 있을 것이다. 또한 재난의 생애주기(Life Cycle)별 예방, 대비, 대응, 복구 단계에 따라 사전과 사후에 가능한 주요 활동들을 구체화 할 수 있으며, 시간 스케일별 기후예측 정보를 활용한 재난관리 패러다임 전환과 골든타임 확보 등 수자원예측 분야 기술적 진보를 이룰 수 있을 것으로 기대한다. 향후 통계 역학 모형 기반 중 장기 예측 정보의 신뢰도가 향상 된다면 보다 다양한 분야 예측 정보 서비스 및 활용이 가능할 것이다.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.19 no.6
• /
• pp.163-179
• /
• 2020

With the expansion of platform-based taxi service, mobility and convenience of users are getting better. However, due to profitability problem, marginalized areas in the supply of the service are expected to appear. As such, this study analyzed spatial marginalization of taxi service caused by imbalance in supply and demand during the night-time when public transportation service is suspended. According to hot-spot analysis of taxi, outskirt of a city and residential areas showed high vacancy and greater number of drop-offs compared to the number of pick-ups. On the contrary, they were confirmed low in the center and sub-centers of a city. Centrality analysis also showed a similar pattern with hot-spot analysis. Due to this, drivers may refuse to pick up a customer bound for an area with lower out-degree centrality compared to in-degree centrality as it might be difficult for the drivers to pick up another customer after dropping off the current customer. Thus, customers may need to wait for a taxi for a longer time. For this reason, improvement in spatial marginalization caused by mismatch of supply and demand is required. Also, the outcome of this study is expected to be utilized as a basic data.