• Title/Abstract/Keywords: Dynamic security assessment


Assessment of Dynamic Open-source Cross-site Scripting Filters for Web Application

  • Talib, Nurul Atiqah Abu;Doh, Kyung-Goo
    • KSII Transactions on Internet and Information Systems (TIIS) / Vol. 15, No. 10 / pp.3750-3770 / 2021
  • This study investigates open-source dynamic XSS filters used as security devices in web applications to account for the effectiveness of filters in protecting against XSS attacks. The experiment involves twelve representative filters, which are examined individually by placing them into the final output function of a custom-built single-input-form web application. To assess the effectiveness of the filters in their tasks of sanitizing XSS payloads and in preserving benign payloads, a black-box testing method is applied using an automated XSS testing framework. The result in working with malicious and benign payloads shows an important trade-off in the filters' tasks. Because the filters only check for dangerous or safe elements, they seem to neglect to validate their values. As some safe values are mistreated as dangerous elements, their benign payload function is lost along the way. For the filters to be more effective, it is suggested that they should be able to validate the respective values of malicious and benign payloads, thus minimizing the trade-off. This particular assessment of XSS filters provides important insight regarding the filters that can be used to mitigate threats, including the possible configurations to improve them in handling both malicious and benign payloads.

Development of On-line Dynamic Security Assessment System

  • 남해곤;송성근;심관식;문채주
    • Korean Institute of Electrical Engineers: Conference Proceedings / Proceedings of the Korean Institute of Electrical Engineers 2001 Autumn Conference, Power Technology Section / pp.73-76 / 2001
  • This paper presents a new systematic contingency selection, screening and ranking method for on-line transient security assessment. Transient stability of a particular generator is influenced most by faults near it. Faults at the transmission lines adjacent to the generators are selected as contingencies. Two screening methods are developed using the sensitivity of the modal synchronizing torque coefficient and computing an approximate critical clearing time (CCT) without time simulation. The first method, which considers only synchronizing power, may mislead in some cases since it does not consider the acceleration power. The approximate CCT method, which considers both the acceleration and deceleration power, worked well. Finally, the Single Machine Equivalent (SIME) method is implemented using IPLAN of PSS/E for detailed stability analysis.


Privacy Inferences and Performance Analysis of Open Source IPS/IDS to Secure IoT-Based WBAN

  • Amjad, Ali;Maruf, Pasha;Rabbiah, Zaheer;Faiz, Jillani;Urooj, Pasha
    • International Journal of Computer Science & Network Security / Vol. 22, No. 12 / pp.1-12 / 2022
  • Besides unexpected growth perceived by IoT's, the variety and volume of threats have increased tremendously, making it a necessity to introduce intrusion detection systems for prevention and detection of such threats. But Intrusion Detection and Prevention System (IDPS) inside the IoT network yet introduces some unique challenges due to their unique characteristics, such as privacy inference, performance, and detection rate and their frequency in the dynamic networks. Our research is focused on the privacy inferences of existing intrusion prevention and detection system approaches. We also tackle the problem of providing a unified solution to implement the open-source IDPS in the IoT architecture for assessing the performance of IDS by calculating usage consumption and detection rate. The proposed scheme is considered to help implement the human health monitoring system in IoT networks.

A Study on the Criteria to Decide the Number of Aircrafts Considering Operational Characteristics

  • 손영수;김성우;윤봉규
    • Journal of the Korea Institute of Military Science and Technology / Vol. 17, No. 1 / pp.41-49 / 2014
  • In this paper, we consider a method to assess the number of aircraft required, which is a strategic variable in national security. This problem becomes more important considering the F-X and KF-X projects in ROKAF. Traditionally, ATO (Air Tasking Order) and fighting power index have been used to evaluate the number of aircraft required in ROKAF. However, those methods consider the static aspect of aircraft requirement. This paper deals with a model to accommodate the dynamic feature of aircraft requirement using an absorbing Markov chain. In conclusion, we suggest a dynamic model to evaluate the number of aircraft required with key decision variables such as destroying rate, failure rate and repair rate.

A Study on Web Vulnerability Risk Assessment Model Based on Attack Results: Focused on Cyber Kill Chain

  • 진희훈;김휘강
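    • Journal of the Korea Institute of Information Security & Cryptology / Vol. 31, No. 4 / pp.779-791 / 2021
  • Because ordinary web services must follow an access-control policy that permits access by an unspecified general public, they have continually been targets of attacks by hackers. To respond to this situation, companies conduct periodic web vulnerability assessments and take action according to the risk level of the vulnerabilities found. These web vulnerability risk levels are calculated from prior statistics of related domestic and international organizations and from in-house evaluations. However, unlike static diagnosis of security settings, source code and the like, web vulnerability assessment is carried out as dynamic diagnosis. Even the same vulnerability item can yield a variety of attack results, and its risk level can vary with the assessment target and environment. In this respect, a predefined risk level may differ from the risk level of the vulnerability that actually exists. To improve on this, this paper presents a web vulnerability risk assessment model based on attack results, centered on the cyber kill chain.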

Contingency Analysis for Small Signal Stability of Power Systems

  • 심관식;김용구;문채주
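    • Journal of the Korean Institute of Illuminating and Electrical Installation Engineers / Vol. 17, No. 3 / pp.127-137 / 2003
  • This paper proposes contingency indices based on eigenvalue sensitivity/perturbation theory for small signal security assessment and analysis of large-scale systems, and describes the results of applying them to a real system. Small signal stability contingency indices with respect to line constants and controller parameters are presented, and from these the parameters that can cause serious low-frequency oscillation problems are selected. In addition, generators that can cause small signal stability contingencies are selected from the eigenvalue changes with respect to increases and decreases in each generator's output. All results in this paper are compared with and verified against time-domain analysis of the year-2000 KEPCO real system, confirming that the proposed small signal stability contingency analysis method is accurate.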

Vibration-based structural health monitoring using CAE-aided unsupervised deep learning

  • Minte, Zhang;Tong, Guo;Ruizhao, Zhu;Yueran, Zong;Zhihong, Pan
    • Smart Structures and Systems / Vol. 30, No. 6 / pp.557-569 / 2022
  • Vibration-based structural health monitoring (SHM) is crucial for the dynamic maintenance of civil building structures to protect property security and the lives of the public. Analyzing these vibrations with modern artificial intelligence and deep learning (DL) methods is a new trend. This paper proposed an unsupervised deep learning method based on a convolutional autoencoder (CAE), which can overcome the limitations of conventional supervised deep learning. With the convolutional core applied to the DL network, the method can extract features self-adaptively and efficiently. The effectiveness of the method in detecting damage is then tested using a benchmark model. Thereafter, this method is used to detect damage and instant disaster events in a rubber bearing-isolated gymnasium structure. The results indicate that the method enables the CAE network to learn the intact vibrations, so as to distinguish between different damage states of the benchmark model, and the outcome meets the high-dimensional data distribution characteristics visualized by the t-SNE method. Besides, the CAE-based network trained with daily vibrations of the isolating layer in the gymnasium can precisely recover newly collected vibration and detect the occurrence of the ground motion. The proposed method is effective at identifying nonlinear variations in the dynamic responses and has the potential to be used for structural condition assessment and safety warning.

Dependence assessment in human reliability analysis under uncertain and dynamic situations

  • Gao, Xianghao;Su, Xiaoyan;Qian, Hong;Pan, Xiaolei
    • Nuclear Engineering and Technology / Vol. 54, No. 3 / pp.948-958 / 2022
  • Since reliability and security of man-machine systems increasingly depend on reliability of humans, human reliability analysis (HRA) has attracted a lot of attention in many fields, especially in nuclear engineering. Dependence assessment among human tasks is an important part of HRA which contributes to an appropriate evaluation result. Most methods in HRA are based on experts' opinions, which are subjective and uncertain. Also, the dependence influencing factors are usually considered to be constant, which is unrealistic. In this paper, a new model based on Dempster-Shafer evidence theory (DSET) and fuzzy number is proposed to handle the dependence between two tasks in HRA under uncertain and dynamic situations. First, the dependence influencing factors are identified and the judgments on the factors are represented as basic belief assignments (BBAs). Second, the BBAs of the factors that vary with time are reconstructed based on the correction BBA derived from time value. Then, BBAs of all factors are combined to gain the fused BBA. Finally, conditional human error probability (CHEP) is derived based on the fused BBA. The proposed method can deal with uncertainties in the judgments and dynamics of the dependence influencing factors. A case study is illustrated to show the effectiveness and the flexibility of the proposed method.

A Fast Screening Algorithm for On-Line Transient Stability Assessment

  • 이종석;양정대;이병준;권세혁;남해곤;추진부;이경극;윤상현;박병철
    • The Transactions of the Korean Institute of Electrical Engineers: Power Engineering Section A / Vol. 50, No. 5 / pp.225-233 / 2001
  • The SIME (SIngle Machine Equivalent) method has been recognized as a useful tool to determine transient stability of power systems. In this paper, the SIME method is used to develop the KEPCO transient stability assessment (TSA) tool. A new screening algorithm that can be implemented in the SIME method is proposed. The salient features of the proposed screening algorithm are as follows. First, critical generators are identified by a new index in the early stage of the time domain simulation. Thus, the computational time required to find the OMIB (One Machine Infinite Bus) can be reduced significantly. Second, clustering of critical machines can be performed even in very stable cases. This makes it possible to avoid the extra calculation of the time trajectory that is needed in SIME for classifying the stable cases. Finally, using the power-angle trajectory and subdividing contingency classification have improved the screening capability. This algorithm is applied to the fast TSA of the KEPCO system.


Measurement-based Estimation of the Composite Load Model Parameters

  • Kim, Byoung-Ho;Kim, Hong-Rae
    • Journal of Electrical Engineering and Technology / Vol. 7, No. 6 / pp.845-851 / 2012
  • Power system loads have a significant impact on a system. Although it is difficult to precisely describe loads in a mathematical model, accurately modeling them is important for a system analysis. The traditional load modeling method is based on the load components of a bus. Recently, the load modeling method based on measurements from a system has been introduced and developed by researchers. The two major components of a load modeling problem are determining the mathematical model for the target system and estimating the parameters of the determined model. We use the composite load model, which has both static and dynamic load characteristics. The ZIP model and the induction motor model are used for the static and dynamic load models, respectively. In this work, we propose the measurement-based parameter estimation method for the composite load model. The test system and related measurements are obtained using the transient security assessment tool (TSAT) simulation program and PSS/E. The parameter estimation is then verified using these measurements. Cases are tested and verified using the sample system and its related measurements.