• Title/Summary/Keyword: Abnormal Traffic


A new perspective towards the development of robust data-driven intrusion detection for industrial control systems

  • Ayodeji, Abiodun;Liu, Yong-kuo;Chao, Nan;Yang, Li-qun
    • Nuclear Engineering and Technology / v.52 no.12 / pp.2687-2698 / 2020
  • Most of the machine learning-based intrusion detection tools developed for Industrial Control Systems (ICS) are trained on network packet captures, and they rely on monitoring network layer traffic alone for intrusion detection. This approach produces weak intrusion detection systems, as ICS cyber-attacks have a real and significant impact on the process variables. A limited number of researchers consider integrating process measurements. However, in complex systems, process variable changes could result from different combinations of abnormal occurrences. This paper examines recent advances in intrusion detection algorithms, their limitations, challenges and the status of their application in critical infrastructures. We also introduce the discussion on the similarities and conflicts observed in the development of machine learning tools and techniques for fault diagnosis and cybersecurity in the protection of complex systems and the need to establish a clear difference between them. As a case study, we discuss special characteristics in nuclear power control systems and the factors that constraint the direct integration of security algorithms. Moreover, we discuss data reliability issues and present references and direct URL to recent open-source data repositories to aid researchers in developing data-driven ICS intrusion detection systems.

A log visualization method for network security monitoring (네트워크 보안 관제를 위한 로그 시각화 방법)

  • Joe, Woo-Jin;Shin, Hyo-Jeong;Kim, Hyong-Shik
    • Smart Media Journal / v.7 no.4 / pp.70-78 / 2018
  • Current trends in information systems have led many companies to adopt security solutions. However, even with a large budget, they cannot function properly without proper security monitoring that manages them. Security monitoring necessitates a quick response in the event of a problem, and it is necessary to design appropriate visualization dashboards for monitoring purposes so that the required information can be delivered quickly. This paper shows how to visualize a security log using the open source program Elastic Stack and demonstrates that the proposed method is suitable for network security monitoring by implementing it as an appropriate dashboard for monitoring purposes. We confirmed that the dashboard was effectively exploited for the analysis of abnormal traffic growth and attack paths.

Implementation and Validation of the Web DDoS Shelter System(WDSS) (웹 DDoS 대피소 시스템(WDSS) 구현 및 성능검증)

  • Park, Jae-Hyung;Kim, Kang-Hyoun
    • KIPS Transactions on Computer and Communication Systems / v.4 no.4 / pp.135-140 / 2015
  • The WDSS improves defensive capacity against web application layer DDoS attacks by using a web cache server and an L7 switch which are added to the DDoS shelter system. When a web DDoS attack occurs, security agents divert traffic from the backbone network to the sub-network of the WDSS, and then the DDoS protection device and L7 switch block abnormal packets. In the meantime, the web cache server responds only to requests of normal clients and maintains stable web service. In this way, the WDSS can counteract web DDoS attacks which generate small traffic and deplete server-client session resources. Furthermore, the WDSS does not require IP tunneling because it is not necessary to retransfer the normal requests to the original web server. In this paper, we validate the operation of the WDSS and verify its defensive capability against web application layer DDoS attacks. In order to do this, we built the WDSS on the backbone network of an ISP, and we performed web DDoS tests by using a testing system that consists of zombie PCs. The tests were performed with three types and various amounts of web DDoS attacks. Test results suggest that the WDSS can detect small traffic of web DDoS attacks which do not have a repeat flow, whereas the formal DDoS shelter system cannot.

Development of a Road Hazard Map Considering Meteorological Factors (기상인자를 고려한 도로 위험지도 개발)

  • Kim, Hyung Joon
    • Journal of the Korean Society of Surveying, Geodesy, Photogrammetry and Cartography / v.35 no.3 / pp.133-144 / 2017
  • Recently, weather information is getting closer to our real life, and it is a very important factor especially in the transportation field. Although the damage caused by abnormal climate changes around the world has gradually increased and the correlation between road risk and the possibility of traffic accidents is very high, domestic research has been performed only at the level of basic research. The purpose of this study is to develop a risk map for a road hazard forecasting service based on the weather situation by linking real-time weather information and traffic information based on accident analysis data by weather factor. So, we have developed the collection and analysis of related data, processing, the application of prediction models in various weather conditions, and a method to provide the road hazard map for national highways and provincial roads on a web map. As a result, the road hazard map proposed in this study can be expected to be useful for road managers and users through online and mobile services in the future. In addition, by continuously archiving and providing a risk map database so that autonomous driving vehicles, a key factor of the 4th Industrial Revolution, can anticipate and preemptively prepare for risks due to meteorological factors, this map can provide information that supports safe autonomous driving and can be expected to be fully utilized.

Effective Defense Mechanism Against New Vulnerability Attacks (신규 취약점 공격에 대한 효율적인 방어 메커니즘)

  • Kwak, Young-Ok;Jo, In-June
    • The Journal of the Korea Contents Association / v.21 no.2 / pp.499-506 / 2021
  • Hackers' cyber attack techniques are becoming more sophisticated and diversified, with forms of attack that have never been seen before. In terms of the information security vulnerability standard code (CVE), about 90,000 new codes were registered from 2015 to 2020. This indicates that security threats are increasing rapidly. When new security vulnerabilities occur, damage should be minimized by preparing countermeasures for them, but in many cases, companies are unable to cover the required security management level and response system with a limited security IT budget. The reason is that it takes about a month for analysts to discover vulnerabilities through manual analysis, prepare countermeasures through security equipment, and patch security vulnerabilities. In the case of the public sector, the National Cyber Safety Center distributes and manages security operation policies in a batch. However, it is not easy to accept the security policy according to the characteristics of the manufacturer, and it takes about 3 weeks or more to verify the traffic for each section. In addition, when abnormal traffic inflow occurs, countermeasures such as the detection of infringement attacks through vulnerability analysis must be prepared, but there are limitations in response due to the absence of specialized security experts. In this paper, we propose a method of using the security policy information sharing site "snort.org" to prepare effective countermeasures against new security vulnerability attacks.

A CLINICAL STUDY OF THE NASAL BONE FRACTURES (비골 골절의 임상적 고찰)

  • Yang, In-Seok;Yeo, Hwan-Ho;Kim, Yong-Kyun;Byun, Woong-Rae
    • Maxillofacial Plastic and Reconstructive Surgery / v.16 no.4 / pp.419-427 / 1994
  • Because of the prominence of the nose and its central location, it is the most frequently encountered fracture in the face. Yet reports about nasal bone fractures are virtually rare in the oral and maxillofacial surgical literature. This is a retrospective study on 19 nasal bone fractures treated in the Chosun University Hospital Department of Oral & Maxillofacial Surgery from Jan. 1991 to Sep. 1993, under admission to our Dept., and the obtained results were as follows. 1. Of the 240 patients with facial bone fractures, 28 patients suffered nasal fractures (12%) and the male to female ratio was 5.3:1. 2. The most frequent cause was traffic accidents (39%), the next fall down (36%), fist blow (4%). 3. The age frequency was the highest in the fifth decade (32%). 4. Clinical classification of nasal fractures was simple fractures (74%), combined fractures (26%), and single fractures (37%), combined fractures (63%). 5. The most frequently combined site was the maxilla (50%). 6. Treatments of nasal fractures were closed reduction (63%), open reduction (5%), and secondary rhinoplasty (32%). 7. The initial treatment time from accident was 1.7 days in single fractures and 3.5 days in combined fractures, and the period the splint was retained was about 8.2 days in single fractures and about 8.7 days in combined fractures. 8. It was necessary to treat secondarily in delayed treatment, and all treatment methods showed relatively good prognosis. 9. Closed reduction was performed under local anesthesia, but open reduction & secondary rhinoplasty were performed under general anesthesia except in 1 case. 10. The complications were disturbance of swelling in 5 cases, esthetic problems in 5 cases, epiphora in 3 cases, and abnormal sensation in 6 cases in relation with other fractures.

The Detection Model of Disaster Issues based on the Risk Degree of Social Media Contents (소셜미디어 위험도기반 재난이슈 탐지모델)

  • Choi, Seon Hwa
    • Journal of the Korean Society of Safety / v.31 no.6 / pp.121-128 / 2016
  • Social media transformed the mass media based information traffic, and it has become a key resource for finding value in enterprises and public institutions. Particularly, in regards to disaster management, the necessity for public participation policy development through the use of social media is emphasized. The National Disaster Management Research Institute developed the Social Big Board, which is a system that monitors social Big Data in real time for purposes of implementing social media disaster management. Social Big Board collects a daily average of 36 million tweets in Korean in real time and automatically filters disaster safety related tweets. The filtered tweets are then automatically categorized into 71 disaster safety types. This real time tweet monitoring system provides various information and insights based on the tweets, such as disaster issues, tweet frequency by region, original tweets, etc. The purpose of using this system is to take advantage of the potential benefits of social media in relation to disaster management. It is a first step towards disaster management that communicates with the people, allowing us to hear the voice of the people concerning disaster issues and also understand their emotions at the same time. In this paper, the Korean language text mining based Social Big Board will be briefly introduced, and the disaster issue detection model, which is the key algorithm, will be described. Disaster issues are divided into two categories: potential issues, which refer to abnormal signs prior to disaster events, and occurrence issues, which are notifications of disaster events. The detection models of these two categories are defined and the performance of the models is compared and evaluated.

Design and Implementation of a Network Packet Scanner based on Multi-Platform (멀티 플랫폼 기반의 네트워크 패킷 스캐너 설계 및 구현)

  • Lee, Woo-In;Yang, Hae-Sool
    • The Journal of the Korea Contents Association / v.10 no.3 / pp.101-112 / 2010
  • The recent trend of hacking deals with all the IT infrastructure related to the profit of companies. Presently, attackers target the service itself, the source of the profit, whereas in the past they tried to access the service infrastructure through non-service ports. Although these attacks affect the service directly, it is difficult to block them with old security solutions or old systems, and they threaten more and more companies with demands for money, menacing the protection of customers and sustainable management. This paper aims to design and implement a multi-platform network packet scanner targeting the exception handling of a network intrusion detection system which determines normal or abnormal traffic. Linux and Unix have various network intrusion detection and packet management tools like ngrep, snort and tcpdump, but most of them are based on a CUI (Character based User Interface), which is uncomfortable for users who are not used to it. The proposed system is implemented based on a GUI (Graphical User Interface) to support an intuitive and easy-to-use interface for users, and uses Qt (C++), which supports multi-platform development, to run on any operating system.

Vital Sign Monitoring System with Routing and Query of Wireless Sensor Node on Mobile Environment (모바일 환경에서 질의응답이 가능한 무선센서노드 라우팅 생체신호 모니터링 시스템)

  • Lee, Seung-Chul;Toh, Sing-Hui;Do, Kyeong-Hoon;Chung, Wan-Young
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2008.10a / pp.357-360 / 2008
  • A vital sign monitoring system using an IEEE 802.15.4 based wireless sensor network (WSN) is designed and developed on a mobile environment and sensor node platform. WSN and CDMA are integrated to create wide coverage to support various environments, both indoors and outdoors. We developed a query processor to selectively use devices (ECG, blood pressure and sugar module) and to control the self-organizing network of sensor nodes in the wireless sensor network. Vital signs from the wireless medical devices are analysed in the cell phone first for real time signal analysis, and abnormal vital signs are sent and saved to the hospital server for detailed signal processing. Wireless signal traffic in the wireless sensor network environment and data communication inside the cell phone are reduced.

Evaluation of Anti-Stripping Performance in Asphalt Concrete using Byproduct Ash produced from Circulating Fluidized Bed Boiler (보일러 부산 애쉬를 이용한 아스팔트 콘크리트의 박리저항성 평가)

  • Kim, Yooseok;Kim, Nakseok
    • KSCE Journal of Civil and Environmental Engineering Research / v.38 no.2 / pp.319-325 / 2018
  • Pot-holes are steadily increasing due to abnormal climate such as heavy rainfall and frequent snowfall. Pot-hole related traffic accidents cause injuries, car damage and distress of road facilities. To reduce pot-holes, the use of an anti-stripping agent in asphalt concrete mixtures is mandatorily recommended. Hydrated lime is commonly used as an anti-stripping agent due to its convenience and economics. Byproduct ash from a circulating fluidized bed boiler was reviewed as an anti-stripping agent. According to the test results, the byproduct ash satisfies the TSR specification when used at 1% to 3% by weight of the asphalt mixture. The byproduct ash was examined under various condition changes of aggregate and asphalt concrete mixture considering quality variation. According to the results, using the byproduct ash gave an average TSR of 0.87 and a coverage rate of 60% after the rolling bottle test. Test results also revealed that the byproduct ash showed stable performance. Using the byproduct ash to decrease pot-holes in asphalt concrete pavement is suitable, as it demonstrates stable performance as an anti-stripping agent.