• Journal of the Korea Institute of Military Science and Technology
• /
• v.13 no.6
• /
• pp.1099-1105
• /
• 2010

The purpose of this paper is to propose a methodology that can estimate optimal requirement of attack helicopter Korea army will be operating in future. For estimating optimal requirement, attack helicopter's operation concept, performance, battlefield environment and enemy threat are considered. We use a wargame model, AAsim(Army Aviation simulation), as a analytic simulation model which is used to analyze DOTMLPF and operation in army aviation field. In this paper, we conduct battle experiment for anti armored corps operation which reflects attack helicopter's combat effectiveness very well. As a result of simulation, the destructive rate for enemy armored corps per each attack helicopter can be calculated. In this paper, we propose optimal requirement of attack helicopter using that destructive rate for enemy armored corps.

• Journal of computational fluids engineering
• /
• v.13 no.2
• /
• pp.1-7
• /
• 2008

For Aerodynamic analysis of vehicle at altitude, 100km, the validity of governing equations based on continuum model, was reviewed. Also, as the preliminary study for the sub-orbital space plane development, a candidate geometry was suggested and computational fluid dynamic(CFD) analysis was performed for various angles of attack in subsonic and supersonic flow regimes to analyze the aerodynamic characteristics and performance. The inviscid flow analyses showed that the stall starts at angle of attack above $20^{\circ}$, the maximum drag is generated at angle of attack, $87^{\circ}$ and the maximum lift to drag ratio is about 8 in subsonic flow. In supersonic, the stall angle is about $40^{\circ}$ and the maximum drag is generated at angle of attack, $90^{\circ}$. Also, mach number distribution of re-entry vehicle was computed versus altitudes.

• The Journal of the Korea Contents Association
• /
• v.4 no.1
• /
• pp.49-55
• /
• 2004

DDoS is an attack type that interfere with normal service by running out network bandwidth, process throughput, and system resource. It can be recognized intuitively by network slowdown and connection impossibility state, but it is necessary to detect DDoS attack by exact and quantitative analysis. In this paper, the exact and efficient DDoS attack detection system which is able to detect traffic flooding by MIB information, and attack traffic by packet analysis is proposed and realized.

• Convergence Security Journal
• /
• v.12 no.4
• /
• pp.97-108
• /
• 2012

In this study, we analysis the distributing malware using email on the korean defense service and defense industry as the social engineering attack. E-mail attack distributes the document files with the malware. Using the malware, attacker get the Information of the targeted people and devices. we proposed expected new types of attacks by analysis and transformation. And, expect the new email attack agendas which will be tried.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.390-393
• /
• 2014

The importance of this emerging information security and u-Korea or ubiquitous IT era, and the information security is more important. Especially, the small core device password encryption algorithm is an important part of the secure side channel attack cryptographic algorithms. However, it can provide high level of security, an adversary can attack small core device through implementation of cryptographic algorithms. In this paper describes for the Power Analysis attack and analyze the experimental environment.

• ETRI Journal
• /
• v.30 no.6
• /
• pp.868-870
• /
• 2008

The rotation-based transformation (RBT) for privacy preserving data mining is vulnerable to the independent component analysis (ICA) attack. This paper introduces a modified multiple-rotation-based transformation technique for special mining applications, mitigating the ICA attack while maintaining the advantages of the RBT.

• The Journal of the Korea Contents Association
• /
• v.18 no.4
• /
• pp.48-59
• /
• 2018

Recently, network technology has been used in various fields due to development of network technology. However, there has been an increase in the number of attacks targeting public institutions and companies by exploiting the evolving network technology. Meanwhile, the existing network intrusion detection system takes much time to process logs as the amount of network log increases. Therefore, in this paper, we propose a Spark-based network log analysis system that detects unstructured network attack pattern. by using Snort. The proposed system extracts and analyzes the elements required for network attack pattern detection from large amount of network log data. For the analysis, we propose a rule to detect network attack patterns for Port Scanning, Host Scanning, DDoS, and worm activity, and can detect real attack pattern well by applying it to real log data. Finally, we show from our performance evaluation that the proposed Spark-based log analysis system is more than two times better on log data processing performance than the Hadoop-based system.

• Journal of the Korea Convergence Society
• /
• v.9 no.8
• /
• pp.41-46
• /
• 2018

As the industry related to drones has been activated, the public interest in drones has increased explosively, and many cases of drone-using are increasing. In the case of military drones, the security problem is the level of defense of the aircraft or cruise missiles, but commercial small and low cost drones are often released and utilized without security count-measure. This makes it possible for an attacker to easily gain access to the root of the drones, access internal files, or send fake packets. However, this droning problem can lead to another dangerous attack. In this regard, this paper has identified the vulnerabilities inherent in the commercial drones by analyzing the attack cases in the communication process of the specific drones. In this paper, we analyze and test the vulnerability in terms of scanning attack, meson attack, authentication revocation attack, packet stop command attack, packet retransmission attack, signal manipulation and de-compile attack. This study is useful for the analysis of drones attack and vulnerability.

• Journal of Internet Computing and Services
• /
• v.11 no.6
• /
• pp.73-86
• /
• 2010

In proportion to the rapid increase in the number of Web users, web attack techniques are also getting more sophisticated. Therefore, we need not only to detect Web attack based on the log analysis but also to extract web attack events from audit information such as Web firewall, Web IDS and system logs for detecting abnormal Web behaviors. In this paper, web attack detection system was designed and implemented based on integrated web audit data for detecting diverse web attack by generating integrated log information generated from W3C form of IIS log and web firewall/IDS log. The proposed system analyzes multiple web sessions and determines its correlation between the sessions and web attack efficiently. Therefore, proposed system has advantages on extracting the latest web attack events efficiently by designing and implementing the multiple web session and log correlation analysis actively.

• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.27-34
• /
• 2017

Network security visualization technique using security alerts provide the administrator with intuitive network security situation by efficiently visualizing a large number of security alerts occurring from the security devices. However, most of these visualization techniques represent events using overlap the timelines of the alerts or Top-N analysis by their frequencies resulting in failing to provide information such as the attack trend, the relationship between attacks, the point of occurrence of attack, and the continuity of the attack. In this paper, we propose an effective visualization technique which intuitively explains the transition of the whole attack and the continuity of individual attacks by arranging the events spirally according to timeline and marking occurrence point and attack type. Furthermore, the relationship between attackers and victims is provided through a single screen view, so that it is possible to comprehensively monitor not only the entire attack situation but also attack type and attack point.