• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.799-808
• /
• 2003

Existing security solutions such as Firewell and IDS (Intrusion Detection System) have a trouble in getting accurate detection rate about new attack and can not block interior attack. That is, existing securuty solutions have various shortcomings. Shortcomings of these security solutions can be supplemented with mechanism which guarantees an availability of systems. The mechanism which guarantees the survivability of node is various, we approachintrusion telerance using real time response mechanism. The monitoring code monitors related resources of system for survivability of vulnerable systm continuously. When realted resources exceed threshold, monitoring and response code is deployed to run. These mechanism guarantees the availability of system. We propose control mathod about resource monitoring. The monitoring code operates with this method. The response code may be resident in active node for availability or execute a job when a request is occurred. We suggest the node survivability mechanism that integrates the intrusion tolerance mechanism that complements the problems of existing security solutions. The mechanism takes asvantage of the automated service distribution supported by Active Network infrastructure instead of passive solutions. The mechanism takes advantage of the automated service distribution supported by Active Network infrastructure instead of passive system reconfiguration and patch.

• Journal of the Korean Society of Costume
• /
• v.53 no.7
• /
• pp.9-27
• /
• 2003

The purpose of this research is for confirming that fashion study has to do with industry through the developing of fashion goods which is related to a trend as a cultural code. Recently fashion design trend is focused on 'retro', 'Retro' is the one of the important trends in this century not only fashion but also cultural industry, Therefore, in this research, the processing about development of decorative vest design as fashion goods was showed by using retro image. For this process, research steps were as follows : 1. Confirming the meaning of 'retro fashion'. 2. Studying about the flow of retro fashion from 1960s to 1990s. 3, Finding the characteristics of retro fashion design and the image through abroad and domestic collections from 2000 to 2003. 4. Designing and making vest using new concept from the leading images. Through this processed, it was find that retro fashion design had three images : vintage image, ethnic image and romantic image. Then three vests were made by a concept 'a piece of handicraft' using handcraft technique such as beading, patch-work, fringing, scratching, stitching, mixing which were used in retro fashion design characteristics.

• Journal of the Korean Society of Surveying, Geodesy, Photogrammetry and Cartography
• /
• v.30 no.6_2
• /
• pp.643-651
• /
• 2012

Object recognition belongs to high-level processing that is one of the difficult and challenging tasks in computer vision. Digital photogrammetry based on the computer vision paradigm has begun to emerge in the middle of 1980s. However, the ultimate goal of digital photogrammetry - intelligent and autonomous processing of surface reconstruction - is not achieved yet. Object recognition requires a robust shape description about objects. However, most of the shape descriptors aim to apply 2D space for image data. Therefore, such descriptors have to be extended to deal with 3D data such as LiDAR(Light Detection and Ranging) data obtained from ALS(Airborne Laser Scanner) system. This paper introduces extension of chain code to 3D object space with hierarchical approach for segmenting point cloud data. The experiment demonstrates effectiveness and robustness of the proposed method for shape description and point cloud data segmentation. Geometric characteristics of various roof types are well described that will be eventually base for the object modeling. Segmentation accuracy of the simulated data was evaluated by measuring coordinates of the corners on the segmented patch boundaries. The overall RMSE(Root Mean Square Error) is equivalent to the average distance between points, i.e., GSD(Ground Sampling Distance).

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.595-598
• /
• 2014

The cyber attacks of recent attacks that target zero-day exploit security vulnerabilities before the security patch is released (Zero Day) attack, the web site is without the Lord. These attacks, those that use the vulnerability of security that is built into the software itself is in most cases, cyber attacks that use the vulnerability of the security of the source code, in particular, has a characteristic response that are difficult to security equipment. Therefore, it is necessary to eliminate the security vulnerability from step to implement the software to prevent these attacks. In this paper, we try to design a Secure Coding Guide support tool to eliminate the threat of security from the stage of implementation.

• KIPS Transactions on Software and Data Engineering
• /
• v.6 no.7
• /
• pp.337-352
• /
• 2017

Clone-and-own reuse is an approach to creating new software variants by copying and modifying existing software products. A family of legacy software products developed by clone-and-own reuse often requires high maintenance cost and tends to be error-prone due to patch-ups without refactoring and structural degradation. To overcome these problems, many organizations that have used clone-and-own reuse now want to migrate their legacy products to software product line (SPL) for more systematic reuse and management of software asset. However, with most of existing methods, variation points are embedded directly into design and code rather than modeled and managed separately; variation points are not created ("engineered") systematically based on a variability model. This approach causes the following problems: it is difficult to understand the relationships between variation points, thus it is hard to maintain such code and the asset tends to become error-prone as it evolves. Also, when SPL evolves, design/code assets tend to be modified directly in an ad-hoc manner rather than engineered systematically with appropriate refactoring. To address these problems, we propose a feature-oriented method for extracting a SPL asset from a family of legacy applications. With the approach, we identify and model variation points and their relationships in a feature model separate from implementation, and then extract and manage a SPL asset from legacy applications based on the feature model. We have applied the method to a family of legacy Notepad++ products and demonstrated the feasibility of the method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.2
• /
• pp.111-122
• /
• 2002

Malicious attackers generally attempt to intrude the target systems by taking advantage of existing system vulnerabilities and executing readily available code designed to exploit blown vulnerabilities. To the network security administrators, the rat and minimal step in providing adequate network security is to identify existing system vulnerabilities and patch them as soon as possible. Network-based vulnerability analysis scanners (NVAS), although widely used by network security engineers, have shortcomings in that they depend on limited information that is available and generally do not have access to hast-specific information. Host-based vulnerability analysis scanner (HVAS) can serve as an effective complement to NVAS. However, implementations of HVAS differ from one platform to another and from one version to another. Therefore, to security engineers who often have to maintain a large number of heterogeneous network of hosts, it is impractical to develop and manage a large number of HVAS. In this paper, we propose an agent-based architecture named ISMAEL and describe its prototype implementation. Manager process provides various agent processes with descriptiom on vulnerabilities to check, and an agent process automatically generates, compiles, and executes an Java code to determine if the target system is vulnerable or not. The result is sent back to the manager process, and data exchange occurs in % format. Such architecture provides maximal portability when managing a group of heterogeneous hosts and vulnerability database needs to be kept current because the manager process need not be modified, and much of agent process remains unchanged. We have applied the prototype implementation of ISMAEL and found it to be effective.

• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.1
• /
• pp.71-75
• /
• 2008

Many sensor operating systems have memory limitation constraint; therefore, stack memory areas of threads resides in a single memory space. Because most target platforms do not have hardware MMY (Memory Management Unit), it is difficult to protect each stack area. The method to solve this problem is to exchange original stack handling instructions in binary code for wrapper routines to protect stack area. In this exchanging phase, instruction corruption problem occurs due to difference of each instruction length between stack handling instructions and branch instructions. In this paper, we propose the algorithm to call a target routine without instruction corruption problem. This algorithm can reach a target routine by repeating branch instructions to have a short range. Our solution makes it easy to apply security patch and maintain upgrade of software of sensor node.

• Journal of the Korea Concrete Institute
• /
• v.19 no.1
• /
• pp.67-74
• /
• 2007

We perform an experimental study of concrete beam with pultruded fiber reinforced polymer(FRP) plank using as a permanent formwork and the tensile reinforcement. A satisfactory bond at the interface between the smooth surface of the pultruded plank and the concrete must be developed for the FRP plank and the concrete to act as a composite structural member. Two kinds of aggregate were bonded to the FRP plank using a commercially available epoxy. No additional flexural or shear reinforcement was provided in the beams. For comparison we test two types of control specimen. One control did not have any aggregate bonded to the FRP plank and the other control had infernal steel reinforcing bars instead of the FRP plank. The beams were loaded by central patch load to their ultimate capacity. The experimental results were compared to current ACI 318 (2005) and ACI 440 (2006) code predictions. This study demonstrates that the FRP plank has the potential to serve as formwork and reinforcing for concrete structures.

• Journal of Internet Computing and Services
• /
• v.20 no.4
• /
• pp.13-19
• /
• 2019

In order to register an application with Apple's App Store, it must pass a rigorous verification process through the Apple verification center. That's why spyware applications are difficult to get into the App Store. However, malicious code can also be executed through normal application vulnerabilities. To prevent such attacks, research is needed to detect and analyze early to patch potential vulnerabilities in applications. To prove a potential vulnerability, it is necessary to identify the root cause of the vulnerability and analyze the exploitability. A tool for analyzing iOS applications is the debugger named LLDB, which is built into Xcode, the development tool. There are various functions in the LLDB, and these functions are also available as APIs and are also available in Python. Therefore, in this paper, we propose a method to efficiently analyze potential vulnerabilities of iOS application by using LLDB API.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.6
• /
• pp.541-547
• /
• 2019

Recent developments in hacking technology are continuing to increase the number of new security vulnerabilities. Approximately 80,000 new vulnerabilities have been registered in the Common Vulnerability Enumeration (CVE) database, which is a representative vulnerability database, from 2010 to 2015, and the trend is gradually increasing in recent years. While security vulnerabilities are growing at a rapid pace, responses to security vulnerabilities are slow to respond because they rely on manual analysis. To solve this problem, there is a need for a technology that can automatically detect and patch security vulnerabilities and respond to security vulnerabilities in advance. In this paper, we propose the technology to extract the features of the vulnerability-discovery target binary through complexity analysis, and select a vulnerability-discovery strategy suitable for the feature and automatically explore the vulnerability. The proposed technology was compared to the AFL, ANGR, and Driller tools, with about 6% improvement in code coverage, about 2.4 times increase in crash count, and about 11% improvement in crash incidence.