• Journal of the Society of Naval Architects of Korea
• /
• v.48 no.5
• /
• pp.404-413
• /
• 2011

It is important to assess and improve the warship survivability for the weapon threats which have a critical effect on warship. The survivability of the warship is defined as the capability of a warship to avoid or withstand a man-made hostile environment. The survivability of the warship consists of three categories (Susceptibility, Vulnerability and Recoverability). Firstly, the susceptibility is defined as the inability of a warship to avoid radars, guns, missiles and etc. Secondly, the vulnerability is defined as the inability of a warship to withstand the man-made hostile environment. Finally, the recoverability is defined as the ability of a warship to recover the damaged components and systems. Among them, this paper has described the vulnerability assessment for the hypothetical system which is composed of critical components. Also, the procedure which is suggested to calculate the vulnerable probability of the damaged warship is based on the Vulnerable Area Method.

• Journal of the Society of Naval Architects of Korea
• /
• v.50 no.6
• /
• pp.383-389
• /
• 2013

Analysis and review of survivability is one of the most important aspects when naval vessels are designed. Because aiming points of threat towards the naval vessels in the battle field could not be estimated exactly, probabilistic and statistic approach is frequently introduced to evaluate and enhance the vessel survivability. Some commercial survivability analysis programs are used to perform the analysis for enhancement of susceptibility, vulnerability and recoverability but, they are usually classified and impossible to be exported to other countries because of their national security. In this paper, a simplified vulnerability analysis program is developed to evaluate the vulnerability of the warship in aspects of structure, redundancy and its mission capability at the conceptual design stage. To verify the developed program, the analysis results were compared with those of the commercial program MOTISS(Measure of Total Integrated System Survivability).

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1995.11a
• /
• pp.51-58
• /
• 1995

The importance of the risk analysis tool has been recognized and its use also has been emphasized by a number of researchers recently The methodology were examined but neither algorithms nor practical applications have been implemented or practiced in Korea. In this paper, the architecture of the Buddy System, one of the automated risk assessment tools. is analyzed in depth to provide the algorithmic understanding and to promote the development of the risk analysis methodology. The Buddy System mainly uses three main factors of vulnerability, threat and countermeasures as a nucleus of the qualatative analysis with the modified loss expectancy value. These factors are identified and assessed by the separation of duties between the end user and security analyst. The Buddy System uses five axioms as its bases of assessment algorithm and the assessed vulnerability level is strictly within these axioms. Since the In-place countermeasures reduce the vulnerability level up to a certain level. the security analyst may use "what if " model to examine the impact of additional countermeasures by proposing each to reduce the vulnerability level further to within the acceptable range. The emphasis on the qualitative approach on vulnerability leveling is very well balanced with the quantitative analysis that the system performance is prominent.prominent.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.3
• /
• pp.177-182
• /
• 2011

This paper introduces a possibility for attackers to acquire the keyboard scan codes through using the RESEND command provided by the keyboard hardware itself, based on the PS/2 interface that is a dominant interface for input devices. Accordingly, a keyboard sniffing program using the introduced vulnerability is implemented to prove the severeness of the vulnerability, which shows that user passwords can be easily exposed. As one of the intrinsic vulnerabilities found on the existing platforms, for which there were little considerations on the security problems when they were designed, it is required to consider a hardware approach to countermeasure the introduced vulnerability.

• Proceedings of the Korean Society of Soil and Groundwater Environment Conference
• /
• 2005.10a
• /
• pp.247-249
• /
• 2005

• Earthquakes and Structures
• /
• v.12 no.2
• /
• pp.223-236
• /
• 2017

Seismic assessment and rehabilitation of Monumental Buildings constitute an important issue in many regions around the world to preserve cultural heritage. On the contrary, many recent earthquakes have demonstrated the high vulnerability of this type of structures. The high nonlinear masonry behaviour requires ad hoc refined finite element numerical models, whose complexity and computational costs are generally unsuitable for practical applications. For these reasons, several authors proposed simplified numerical strategies to be used in engineering practice. However, most of these alternative methods are oversimplified being based on the assumption of in-plane behaviour of masonry walls. Moreover, they cannot be used for modelling the monumental structures for which the interaction between plane and out-plane behaviour governs the structural response. Recently, an innovative discrete-modelling approach for the simulation of both in-plane and out of-plane response of masonry structures was proposed and applied to study several typologies of historic structures. In this paper the latter model is applied with reference to a real case study, and numerically compared with an advanced finite element modelling. The method is applied to the St.Venerio church in Reggiolo (Italy), damaged during the 2012 Emilia-Romagna earthquake and numerically investigated in the literature.

• Journal of Information Processing Systems
• /
• v.6 no.4
• /
• pp.563-574
• /
• 2010

The growing number of web applications in the global economy has made it critically important to develop secure and reliable software to support the economy's increasing dependence on web-based systems. We propose an intercepting filter approach to mitigate the risk of injection flaw exploitation- one of the most dangerous methods of attacking web applications. The proposed approach can be implemented in Java or .NET environments following the intercepting filter design pattern. This paper provides examples to illustrate the proposed approach.

• Journal of the Korea Concrete Institute
• /
• v.20 no.1
• /
• pp.51-58
• /
• 2008

Analytical probabilistic vulnerability analysis requires extensive computing effort as a result of the randomness in both input motion and response characteristics. In this study, a new methodology whereby a set of vulnerability curves are derived based on the fundamental response quantities of stiffness, strength and ductility is presented. A response database of coefficients describing lognormal vulnerability relationships is constructed by employing aclosed-form solution for a generalized single-degree-of-freedom system. Once the three fundamental quantities of a wide range of structural systems are defined, the vulnerability curves for various limit states can be derived without recourse to further simulation. Examples of application are given and demonstrate the extreme efficiency of the proposed approach in deriving vulnerability relationships.

• Journal of The Korean Society of Agricultural Engineers
• /
• v.57 no.1
• /
• pp.59-67
• /
• 2015

Because reservoirs that supply irrigation water play an important role in water resource management, it is necessary to evaluate the vulnerability of this particular water supply resource. The purpose of this study is to provide water supply risk maps of agricultural reservoirs in South Korea using irrigation vulnerability model and cluster analysis. To quantify water supply risk, irrigation vulnerability indices are estimated to evaluate the performance of the water supply on the agricultural reservoir system using a probability theory and reliability analysis. First, the irrigation vulnerability probabilities of 1,346 reservoirs managed by Korea Rural Community Corporation (KRC) were analyzed using meteorological data on 54 meteorological stations over the past 30 years (1981-2010). Second, using the K-mean method of non-hierarchical cluster analysis and pre-simulation approach, cluster analysis was applied to classify into three groups for characterizing irrigation vulnerability in reservoirs. The morphology index, watershed area, irrigated area, and ratio between watershed and irrigated area are selected as the clustering analysis parameters. It is suggested that the water supply risk map be utilized as a basis for the establishment of risk management measures, and could provide effective information for a reasonable decision making on drought risk mitigation.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.2
• /
• pp.127-137
• /
• 2012

Recently, as modern Internet uses mashups, Web 3.0, JavaScript/AJAX widely, the rate at which new vulnerabilities are being discovered is increasing rapidly. It can subsequently introduce big security threats. In order to efficiently mitigate these web application vulnerabilities and security threats, it is needed to rank vulnerabilities based on severity and consider the severe vulnerabilities during a specific phase of software development lifecycle (SDLC) for web applications. In this paper, we have first verified whether the risk rating methodology of OWASP Top 10 vulnerabilities is a reasonable one or not by analyzing the vulnerability data of web applications in the US National Vulnerability Database (NVD). Then, by inspecting the vulnerability information of web applications based on OWASP Top-10 2010 list and CWE (Common Weakness Enumeration) directory, we have mapped the web-related entries of CWE onto the entries of OWASP Top-10 2010 and prioritized them. We have also presented which phase of SDLC is associated with each vulnerability entry. Using this approach, we can prevent or mitigate web application vulnerabilities and security threats efficiently.