• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1131-1141
• /
• 2013

Most of the single server model of cloud computing services have problems that are hard to solve, such as a service availability, insider attack, and vendor lock-in, etc. To solve these problems, the research about multicloud has emerged. Multicloud model can supplement previous cloud model's weakness and provides new services to user. In this paper, we focus on a user authentication problem in multicloud model and propose a scheme to resolve it. We define a cloud broker-based multicloud model. And we propose an authentication protocol that is applicable at presented model. The proposed scheme can provide service transparency to user and prevent an impersonation attack by service provider.

• Wind and Structures
• /
• v.27 no.6
• /
• pp.381-397
• /
• 2018

Nonlinear behavior in fluid-structure interaction (FSI) of bridge decks becomes increasingly significant for modern bridges with increasing spans, larger flexibility and new aerodynamic deck configurations. Better understanding of the nonlinear aeroelasticity of bridge decks and further development of reduced-order nonlinear models for the aeroelastic forces become necessary. In this paper, the amplitude-dependent and neutral angle dependent nonlinearities of the motion-induced loads are further highlighted by series of computational fluid dynamics (CFD) simulations. An effort has been made to investigate a semi-analytical time-domain model of the nonlinear motion induced loads on the deck, which enables nonlinear time domain simulations of the aeroelastic responses of the bridge deck. First, the computational schemes used here are validated through theoretically well-known cases. Then, static aerodynamic coefficients of the Great Belt East Bridge (GBEB) cross section are evaluated at various angles of attack, leading to the so-called nonlinear backbone curves. Flutter derivatives of the bridge are identified by CFD simulations using forced harmonic motion of the cross-section with various frequencies. By varying the amplitude of the forced motion, it is observed that the identified flutter derivatives are amplitude-dependent, especially for $A^*_2$ and $H^*_2$ parameters. Another nonlinear feature is observed from the change of hysteresis loop (between angle of attack and lift/moment) when the neutral angles of the cross-section are changed. Based on the CFD results, a semi-analytical time-domain model for describing the nonlinear motion-induced loads is proposed and calibrated. This model is based on accounting for the delay effect with respect to the nonlinear backbone curve and is established in the state-space form. Reasonable agreement between the results from the semi-analytical model and CFD demonstrates the potential application of the proposed model for nonlinear aeroelastic analysis of bridge decks.

• Journal of the Korean Society of Fisheries and Ocean Technology
• /
• v.40 no.3
• /
• pp.206-213
• /
• 2004

As far as an opening device of fishing gears is concerned, applications of a kite are under development around the world. The typical examples are found in the opening device of the stow net on anchor and the buoyancy material of the trawl. While the stow net on anchor has proved its capability for the past 20 years, the trawl has not been wildly used since it has been first introduced for the commercial use only without sufficient studies and thus has revealed many drawbacks. Therefore, the fundamental hydrodynamics of the kite itself need to ne studied further. Models of plate and canvas kite were deployed in the circulating water tank for the mechanical test. For this situation lift and drag tests were performed considering a change in the shape of objects, which resulted in a different aspect ratio of rectangle and trapezoid. The results obtained from the above approaches are summarized as follows, where aspect ratio, attack angle, lift coefficient and maximum lift coefficient are denoted as A, B, $C_L$ and $C_{Lmax}$ respectively : 1. Given the triangular plate, $C_{Lmax}$ was produced as 1.26${\sim}$1.32 with A${\leq}$1 and 38$^{\circ}$B${\leq}$42$^{\circ}$. And when A${\geq}$1.5 and 20$^{\circ}$${\leq}$B${\leq}$50$^{\circ}$, $C_L$ was around 0.85. Given the inverted triangular plate, $C_{Lmax}$ was 1.46${\sim}$1.56 with A${\leq}$1 and 36$^{\circ}$B${\leq}$38$^{\circ}$. And When A${\geq}$1.5 and 22$^{\circ}$B${\leq}$26$^{\circ}$, $C_{Lmax}$ was 1.05${\sim}$1.21. Given the triangular kite, $C_{Lmax}$ was produced as 1.67${\sim}$1.77 with A${\leq}$1 and 46$^{\circ}$B${\leq}$48$^{\circ}$. And when A${\geq}$1.5 and 20$^{\circ}$B${\leq}$50$^{\circ}$, $C_L$ was around 1.10. Given the inverted triangular kite, $C_{Lmax}$ was 1.44${\sim}$1.68 with A${\leq}$1 and 28$^{\circ}$B${\leq}$32$^{\circ}$. And when A${\geq}$1.5 and 18$^{\circ}$B${\leq}$24$^{\circ}$, $C_{Lmax}$ was 1.03${\sim}$1.18. 2. For a model with A=1/2, an increase in B caused an increase in $C_L$ until $C_L$ has reached the maximum. Then there was a tendency of a very gradual decrease or no change in the value of $C_L$. For a model with A=2/3, the tendency of $C_L$ was similar to the case of a model with A=1/2. For a model with A=1, an increase in B caused an increase in $C_L$ until $C_L$ has reached the maximum. And the tendency of $C_L$ didn't change dramatically. For a model with A=1.5, the tendency of $C_L$ as a function of B was changed very small as 0.75${\sim}$1.22 with 20$^{\circ}$B${\leq}$50$^{\circ}$. For a model with A=2, the tendency of $C_L$ as a function of B was almost the same in the triangular model. There was no considerable change in the models with 20$^{\circ}$B${\leq}$50$^{\circ}$. 3. The inverted model's $C_L$ as a function of increase of B reached the maximum rapidly, then decreased gradually compared to the non-inverted models. Others were decreased dramatically. 4. The action point of dynamic pressure in accordance with the attack angle was close to the rear area of the model with small attack angle, and with large attack angle, the action point was close to the front part of the model. 5. There was camber vertex in the position in which the fluid pressure was generated, and the triangular canvas had large value of camber vertex when the aspect ratio was high, while the inverted triangular canvas was versa. 6. All canvas kite had larger camber ratio when the aspect ratio was high, and the triangular canvas had larger one when the attack angle was high, while the inverted triangluar canvas was versa.

• Journal of KIISE:Databases
• /
• v.34 no.6
• /
• pp.473-482
• /
• 2007

Network-based IDS(Intrusion Detection System) gathers network packet data and analyzes them into attack or normal. They raise alarm when possible intrusion happens. But they often output a large amount of low-level of incomplete alert information. Consequently, a large amount of incomplete alert information that can be unmanageable and also be mixed with false alerts can prevent intrusion response systems and security administrator from adequately understanding and analyzing the state of network security, and initiating appropriate response in a timely fashion. So it is important for the security administrator to reduce the redundancy of alerts, integrate and correlate security alerts, construct attack scenarios and present high-level aggregated information. False alarm rate is the ratio between the number of normal connections that are incorrectly misclassified as attacks and the total number of normal connections. In this paper we propose a false alarm classification model to reduce the false alarm rate using classification analysis of data mining techniques. The proposed model can classify the alarms from the intrusion detection systems into false alert or true attack. Our approach is useful to reduce false alerts and to improve the detection rate of network-based intrusion detection systems.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.10a
• /
• pp.261-264
• /
• 2008

IPv6 has been proposed and deployed to cater the shortage of IPv4 addresses. It is expected to foresee mobile phones, pocket PCs, home devices and any other kind of network capable devices to be connected to the Internet with the introduction and deployment of IPv6. This scenario will bring in more challenges to the existing network infrastructure especially in the network security area. Firewalls are the simplest and the most basic form of protection to ensure network security. Nowadays, firewalls' usage has been extended from not only to protect the whole network but also appear as software firewalls to protect each network devices. IPv6 and IPv4 are not interoperable as there are separate networking stacks for each protocol. Therefore, the existing states of the art in firewalling need to be reengineered. In our context here, we pay attention only to the IPv6 firewalls configuration anomalies without considering other factors. Pre-evaluation of security risk is important in any organization especially a large scale network deployment where an add on rules to the firewall may affect the up and running network. We proposed a new probabilistic based model to evaluate the security risks based on examining the existing firewall rules. Hence, the network administrators can pre-evaluate the possible risk incurred in their current network security implementation in the IPv6 network. The outcome from our proposed pre-evaluation model will be the possibilities in percentage that the IPv6 firewall is configured wrongly or insecurely where known attacks such as DoS attack, Probation attack, Renumbering attack and etc can be launched easily. Besides that, we suggest and recommend few important rules set that should be included in configuring IPv6 firewall rules.

• Journal of the Korean Solar Energy Society
• /
• v.35 no.4
• /
• pp.43-55
• /
• 2015

This paper presents the thermal hydraulic performance of a three dimensional rib-roughened solar air heater (SAH) duct with the one principal wall subjected to uniform heat flux. The SAH duct has aspect ratio of 12.0 and the Reynolds number ranges from 2000 to 12000. The roughness has relative rib height of 0.045, ratio of dimple depth to print diameter of 0.5 and rib pitch ratio of 8.0. The flow attack angle is varied from $35^{\circ}$ to $70^{\circ}$. Various turbulent flow models are used for the heat transfer and fluid flow analysis and their results are compared with the experimental results for smooth surfaces. The computational fluid dynamics (CFD) results based on the renormalization k-epsilon model are in better outcomes compared with the experimental data. This model is used to calculate heat transfer and fluid flow in SAH duct with the compound roughness of V-shaped ribs and dimples. The overall thermal performance based on equal pumping power is found to be the highest (2.18) for flow attack angle of $55^{\circ}$. The thermo-hydraulic performance for V-pattern shaped ribs combined with dimple ribs is higher than that for dimple rib shape and V-pattern rib shape air duct.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.871-879
• /
• 2020

Perceptual Ad-Blocking is a new advertising blocking technique that detects online advertising by using an artificial intelligence-based advertising image classification model. A recent study has shown that these Perceptual Ad-Blocking models are vulnerable to adversarial attacks using adversarial examples to add noise to images that cause them to be misclassified. In this paper, we prove that existing perceptual Ad-Blocking technique has a weakness for several adversarial example and that Defense-GAN and MagNet who performed well for MNIST dataset and CIFAR-10 dataset are good to advertising dataset. Through this, using Defense-GAN and MagNet techniques, it presents a robust new advertising image classification model for adversarial attacks. According to the results of experiments using various existing adversarial attack techniques, the techniques proposed in this paper were able to secure the accuracy and performance through the robust image classification techniques, and furthermore, they were able to defend a certain level against white-box attacks by attackers who knew the details of defense techniques.

• Journal of Internet Computing and Services
• /
• v.16 no.5
• /
• pp.1-9
• /
• 2015

As attacks in cyber space become advanced and complex, monotonous defense approach of one-one matching manner between attack and defense may be limited to defend them. More efficient defense method is required. This paper proposes multi layers security scheme that can support to defend assets against diverse cyber attacks in systematical and adaptive. We model multi layers security scheme based on Defense Zone including several defense layers and also discuss essential technical elements necessary to realize multi layers security scheme such as cyber threats analysis and automated assignment of defense techniques. Also effects of multi layers security scheme and its applicability are explained. In future, for embodiment of multi layers security scheme, researches about detailed architecture design for Defense Zone, automated method to select the best defense technique against attack and modeling normal state of asset for attack detection are needed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.779-791
• /
• 2021

Common web services have been continuously targeted by hackers due to an access control policy that must be allowed to an unspecified number of people. In order to cope with this situation, companies regularly check web vulnerabilities and take measures according to the risk of discovered vulnerabilities. The risk of these web vulnerabilities is calculated through preliminary statistics and self-evaluation of domestic and foreign related organizations. However, unlike static diagnosis such as security setting and source code, web vulnerability check is performed through dynamic diagnosis. Even with the same vulnerability item, various attack results can be derived, and the degree of risk may vary depending on the subject of diagnosis and the environment. In this respect, the predefined risk level may be different from that of the actual vulnerability. In this paper, to improve this point, we present a web vulnerability risk assessment model based on the attack result centering on the cyber kill chain.

• The Journal of the Korea Contents Association
• /
• v.21 no.1
• /
• pp.284-291
• /
• 2021

As the current security monitoring system is operated as a passive system only for response after an attacker's attack, it is common to respond to intrusion incidents after an attack occurs. In particular, when new assets are added and actual services are performed, there is a limit to vulnerability testing and pre-defense from the point of view of an actual hacker. In this paper, a new security monitoring model has been proposed that uses multiple hacking-related search engines to add proactive vulnerability response functions of protected assets. In other words, using multiple search engines with general purpose or special purpose, special vulnerabilities of the assets to be protected are checked in advance, and the vulnerabilities of the assets that have appeared as a result of the check are removed in advance. In addition, the function of pre-checking the objective attack vulnerabilities of the protected assets recognized from the point of view of the actual hacker, and the function of discovering and removing a wide range of system-related vulnerabilities located in the IP band in advance were additionally presented.