• Convergence Security Journal
• /
• v.24 no.1
• /
• pp.21-26
• /
• 2024

The security model in the previous network environment has a vulnerability in which resource access control for trusted users is not properly achieved using the Perimeter model based on trust. The Zero Trust is an absolute principle to assume that the users and devices accessing internal data have nothing to trust. Applying the Zero Trust principle is very successful in reducing the attack surface of an organization, and by using the Zero Trust, it is possible to minimize damage when an attack occurs by limiting the intrusion to one small area through segmentation. ZTNA is a major technology that enables organizations to implement Zero Trust security, and similar to Software Defined Boundary (SDP), ZTNA hides most of its infrastructure and services, establishing one-to-one encrypted connections between devices and the resources they need. In this study, we review the functions and requirements that become the principles of the ZTNA architecture, and also study the security requirements and additional considerations according to the construction and operation of the ZTNA solution.

• Convergence Security Journal
• /
• v.24 no.2
• /
• pp.201-207
• /
• 2024

Voice is a critical element of human communication, and the development of speech recognition models is one of the significant achievements in artificial intelligence, which has recently been applied in various aspects of human life. The application of speech recognition models in the military field is also inevitable. However, before artificial intelligence models can be applied in the military, it is necessary to research their vulnerabilities. In this study, we evaluates the military applicability of the multilingual speech recognition model "Whisper" by examining its vulnerabilities to battlefield noise, white noise, and adversarial attacks. In experiments involving battlefield noise, Whisper showed significant performance degradation with an average Character Error Rate (CER) of 72.4%, indicating difficulties in military applications. In experiments with white noise, Whisper was robust to low-intensity noise but showed performance degradation under high-intensity noise. Adversarial attack experiments revealed vulnerabilities at specific epsilon values. Therefore, the Whisper model requires improvements through fine-tuning, adversarial training, and other methods.

• Wind and Structures
• /
• v.23 no.5
• /
• pp.405-420
• /
• 2016

Section model wind tunnel test is currently the main technique to investigate the flutter performance of long-span bridges. Further study about applying the wind tunnel test results to the aerodynamic optimization is still needed. Systematical parameters and test principle of the bridge section model are determined by using three long-span steel truss suspension bridges. The flutter critical wind at different attack angles is obtained through section model flutter test. Under the most unfavorable working condition, tests to investigate the effects that upper central stabilized plate, lower central stabilized plate and horizontal stabilized plate have on the flutter performance of the main beam were conducted. According to the test results, the optimal aerodynamic measure was chosen to meet the requirements of the bridge wind resistance in consideration of safety, economy and aesthetics. At last the credibility of the results is confirmed by full bridge aerodynamic elastic model test. That the flutter reduced wind speed of long-span steel truss suspension bridges stays approximately between 4 to 5 is concluded as a reference for the investigation of the flutter performance of future similar steel truss girder suspension bridges.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.8
• /
• pp.5256-5262
• /
• 2014

Recently, Distributed Denial of Service (DDoS) attacks, such as spreading malicious code, cyber-terrorism, have occurred in government agencies, the press and the financial sector. DDoS attacks are the simplest Internet-based infringement attacks techniques that have fatal consequences. DDoS attacks have caused bandwidth consumption at the network layer. These attacks are difficult to detect defend against because the attack packets are not significantly different from normal traffic. Abnormal traffic is threatening the stability of the network. Therefore, the abnormal traffic by generating indications will need to be detected in advance. This study examined the abnormal traffic detection technique using a forecasting model-based trend model.

• Journal of the Korea Society for Simulation
• /
• v.12 no.4
• /
• pp.25-40
• /
• 2003

With the growing usage of the networks, the world-wide Internet has become the main means to exchange data and carry out transactions. It has also become the main means to attack hosts. To solve the security problems which occur in the network such as Internet, we import software products of network security elements like an IDS (Intrusion Detection System) and a firewall. In this paper, we have designed and constructed the general simulation environment of network security model composed of multiple IDSes and a firewall which coordinate by CNP (Contract Net Protocol) for the effective detection of the intrusion. The CNP, the methodology for efficient integration of computer systems on heterogeneous environment such as distributed systems, is essentially a collection of agents, which cooperate to resolve a problem. Command console in the CNP is a manager who controls the execution of agents or a contractee, who performs intrusion detection. In the network security model, each model of simulation environment is hierarchically designed by DEVS(Discrete Event system Specification) formalism. The purpose of this simulation is that the application of rete pattern-matching algorithm speeds up the inference cycle phases of the intrusion detection expert system and we evaluate the characteristics and performance of CNP architecture with rete pattern-matching algorithm.

• Journal of the Korean Data and Information Science Society
• /
• v.25 no.6
• /
• pp.1221-1229
• /
• 2014

In this paper we choose the best model among several bivariate Poisson models on Korean soccer data. The models considered allow for correlation between the number of goals of two competing teams. We use an R package called bivpois for bivariate Poisson regression models and the data of K-league for season 1983-2012. Finally we conclude that the best fitted model supported by the AIC and BIC is the bivariate Poisson model with constant covariance. The zero and diagonal inflated models did not improve the model fit. The model can be used to examine home-away effect, goodness of fit, attack and defense parameters.

• Proceedings of the KAIS Fall Conference
• /
• 2003.11a
• /
• pp.197-206
• /
• 2003

With the growing usage of the networks, the world-wide Internet has become the main means to exchange data and carry out transactions. It has also become the main means to attack hosts. To solve the security problems which occur in the network such as Internet, we import software products of network security elements like an IDS (Intrusion Detection System) and a firewall. In this paper, we have designed and constructed the General Simulation Environment of Network Security model composed of multiple IDSes and a firewall which coordinate by CNP (Contract Net Protocol) for the effective detection of the intrusion. The CNP, the methodology for efficient integration of computer systems on heterogeneous environment such as distributed systems, is essentially a collection of agents, which cooperate to resolve a problem. Command console in the CNP is a manager who controls tie execution of agents or a contractee, who performs intrusion detection. In the Network Security model, each model of simulation environment is hierarchically designed by DEVS (Discrete EVent system Specification) formalism. The purpose of this simulation is to evaluate the characteristics and performance of CNP architecture with rete pattern matching algorithm and the application of rete pattern matching algorithm for the speeding up the inference cycle phases of the intrusion detection expert system.

• Journal of the Korean Society of Visualization
• /
• v.18 no.3
• /
• pp.69-76
• /
• 2020

In the present study, we investigate the flow separation characteristics of a paraglider canopy model by tuft visualization. The experiment is conducted at Re = 3.3×105 in a wind tunnel large enough to contain the three-dimensional paraglider canopy model, where Re is Reynolds number based on the mean chord length and the free-stream velocity. The flow separation characteristics of the canopy model near the wing root are similar to those of a two-dimensional airfoil with a cross-section similar to the model. On the other hand, near the wingtip region, the flow separation is suppressed by the downwash induced by the wingtip vortex. As a result, as the angle of attack increases, the flow separation occurs from the wing root region of the canopy model and develops toward the wingtip.

• International Journal of Computer Science & Network Security
• /
• v.24 no.1
• /
• pp.140-150
• /
• 2024

Database-as-a-Service is one of the prime services provided by Cloud Computing. It provides data storage and management services to individuals, enterprises and organizations on pay and uses basis. In which any enterprise or organization can outsource its databases to the Cloud Service Provider (CSP) and query the data whenever and wherever required through any devices connected to the internet. The advantage of this service is that enterprises or organizations can reduce the cost of establishing and maintaining infrastructure locally. However, there exist some database security, privacychallenges and query performance issues to access data, to overcome these issues, in our recent research, developed a database security model using a deterministic encryption scheme, which improved query execution performance and database security level.As this model is implemented using a deterministic encryption scheme, it may suffer from chosen plain text attack, to overcome this issue. In this paper, we proposed a new model for cloud database security using nondeterministic encryption, order preserving encryption, homomorphic encryptionand database distribution schemes, andour proposed model supports execution of queries with equality check, range condition and aggregate operations on encrypted cloud database without decryption. This model is more secure with optimal query execution performance.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.1 s.45
• /
• pp.161-168
• /
• 2007

Web attack uses structural, logical and coding error or web application rather than vulnerability to Web server itself. According to the Open Web Application Security Project (OWASP) published about ten types of the web application vulnerability to show the causes of hacking, the risk of hacking and the severity of damage are well known. The detection ability and response is important to deal with web hacking. Filtering methods like pattern matching and code modification are used for defense but these methods can not detect new types of attacks. Also though the security unit product like IDS or web application firewall can be used, these require a lot of money and efforts to operate and maintain, and security unit product is likely to generate false positive detection. In this research profiling method that attracts the structure of web application and the attributes of input parameters such as types and length is used, and by installing structural database of web application in advance it is possible that the lack of the validation of user input value check and the verification and attack detection is solved through using profiling identifier of database against illegal request. Integral security management system has been used in most institutes. Therefore even if additional unit security product is not applied, attacks against the web application will be able to be detected by showing the model, which the security monitoring log gathering agent of the integral security management system and the function of the detection of web application attack are combined.