• International Journal of Computer Science & Network Security
• /
• v.24 no.3
• /
• pp.23-28
• /
• 2024

The multi-tenancy and high scalability of the cloud have inspired businesses and organizations across various sectors to adopt and deploy cloud computing. Cloud computing provides cost-effective, reliable, and convenient access to pooled resources, including storage, servers, and networking. Cloud service models, SaaS, PaaS, and IaaS, enable organizations, developers, and end users to access resources, develop and deploy applications, and provide access to pooled computing infrastructure. Despite the benefits, cloud service models are vulnerable to multiple security and privacy attacks and threats. The SaaS layer is on top of the PaaS, and the IaaS is the bottom layer of the model. The software is hosted by a platform offered as a service through an infrastructure provided by a cloud computing provider. The Hypertext Transfer Protocol (HTTP) delivers cloud-based apps through a web browser. The stateless nature of HTTP facilitates session hijacking and related attacks. The Open Web Applications Security Project identifies web apps' most critical security risks as SQL injections, cross-site scripting, sensitive data leakage, lack of functional access control, and broken authentication. The systematic literature review reveals that data security, application-level security, and authentication are the primary security threats in the SaaS model. The recommended solutions to enhance security in SaaS include Elliptic-curve cryptography and Identity-based encryption. Integration and security challenges in PaaS and IaaS can be effectively addressed using well-defined APIs, implementing Service Level Agreements (SLAs), and standard syntax for cloud provisioning.

• Journal of Korean Tunnelling and Underground Space Association
• /
• v.5 no.1
• /
• pp.71-88
• /
• 2003

The DRASTIC system is widely used for assessing regional groundwater pollution susceptibility by using hydrogeological factors such as depth to water, net recharge, aquifer media, soil media, topography, vadose zone media, hydraulic conductivity. This study is providing Modified Drastic Model to which lineament density, land use, influence of groundwater drawdown caused by tunnel excavation are added as additional factors using geographic information system, and then to evaluate groundwater contamination potential of ${\bigcirc}{\bigcirc}$ area. For statistical analysis, vector coverage per each factor is converted to grid layer and after each correlation coefficient between factors, covariance, variance, eigenvalue and eigenvector by principal component analysis of 3 direction, are calculated, correlation between factors is analyzed. Also after correlation coefficients between general DRASTIC layer and rated lineament density layer, between general DRASTIC layer and rated land use layer, between general DRASTIC layer and rated tunnel excavation influence layer are calculated, final modified DRASTIC model is constructed by using them with each weighting. When modified DRASTIC model was compared with general DRASTIC model, contamination potential in modified DRASTIC model is fairly detailed and consequently, vulnerable area which has high contamination potential could be presented concretly.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.12
• /
• pp.3976-3990
• /
• 2022

Currently, cross-attention is widely used in Siamese trackers to replace traditional correlation operations for feature fusion between template and search region. The former can establish a similar relationship between the target and the search region better than the latter for robust visual object tracking. But existing trackers using cross-attention only focus on rich semantic information of high-level features, while ignoring the appearance information contained in low-level features, which makes trackers vulnerable to interference from similar objects. In this paper, we propose a Multi-level Cross-attention Siamese network(MCSiam) to aggregate the semantic information and appearance information at the same time. Specifically, a multi-level cross-attention module is designed to fuse the multi-layer features extracted from the backbone, which integrate different levels of the template and search region features, so that the rich appearance information and semantic information can be used to carry out the tracking task simultaneously. In addition, before cross-attention, a target-aware module is introduced to enhance the target feature and alleviate interference, which makes the multi-level cross-attention module more efficient to fuse the information of the target and the search region. We test the MCSiam on four tracking benchmarks and the result show that the proposed tracker achieves comparable performance to the state-of-the-art trackers.

• Journal of the Korean Association of Geographic Information Studies
• /
• v.15 no.3
• /
• pp.119-136
• /
• 2012

The goal of this study is to apply the IPCC(Intergovernmental Panel on Climate Change) concept of vulnerability to climate change and verify the use of a combination of vulnerability index and fuzzy logic to flood vulnerability analysis and mapping in Seoul using GIS. In order to achieve this goal, this study identified indicators influencing floods based on literature review. We include indicators of exposure to climate(daily max rainfall, days of 80mm over), sensitivity(slope, geological, average DEM, impermeability layer, topography and drainage), and adaptive capacity(retarding basin and green-infra). Also, this research used fuzzy model for aggregating indicators, and utilized frequency ratio to decide fuzzy membership values. Results show that the number of days of precipitation above 80mm, the distance from river and impervious surface have comparatively strong influence on flood damage. Furthermore, when precipitation is over 269mm, areas with scare flood mitigation capacities, industrial land use, elevation of 16~20m, within 50m distance from rivers are quite vulnerable to floods. Yeongdeungpo-gu, Yongsan-gu, Mapo-gu include comparatively large vulnerable areas. This study improved previous flood vulnerability assessment methodology by adopting fuzzy model. Also, vulnerability map provides meaningful information for decision makers regarding priority areas for implementing flood mitigation policies.

• Journal of the Korean Geotechnical Society
• /
• v.34 no.5
• /
• pp.19-35
• /
• 2018

The necessity of predicting the spatial information of the site-specific seismic response, which is essential information for the comprehensive earthquake disaster countermeasures, is increasing for the mid-west urban areas where the earthquake-induced damages can be increased due to frequent occurrence of mid-scale earthquake such as 2016 Gyeongju Earthquake and 2017 Pohang Earthquake. Especially, researches on strategic securing of site survey datasets and understanding the site-specific site response characteristics were conducted for Gyeonggi-do, South Korea. In this study, a GIS-based framework for site-specific assessment of site response and induced vulnerable area in Gyeonggi-do, South Korea was proposed. Geo-Data based on GIS platform was constructed for regional estimation of geotechnical characteristics by collecting borehole and land coverage datasets. And the geo-spatial grid information was developed for deriving spatial distribution of geotechnical layer and site response parameters based on the optimization of the geostatistical interpolation method. Accordingly, base information for Improving earthquake preparedness measures was derived as seismic zonation map with administrative sub-units considering the quantitative site effect of Gyeonggi-do.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.145-153
• /
• 2018

SSL (Secure Socket Layer) and TLS (Transport Layer Security) are widely used protocols for secure and encrypted communication over a computer network. However, there have been reported several security vulnerabilities of SSL/TLS over the years. The vulnerabilities can let an adversary carry out critical attacks on SSL/TLS enabled servers. In this paper, we have developed a system which can periodically scan SSL/TLS vulnerabilities on internal network servers and quickly detects, reports and visualizes the vulnerabilities. We have evaluated the system on working servers of Naver services and analyzed detected vulnerabilities. 816 vulnerabilities are found on 213 internal server domains (4.2 vulnerabilities on average) and most vulnerable servers are not opened to public. However, 46 server domains have old vulnerabilites which were found 2016. We could patch and response to SSL/TLS vulnerabilites of servers by leveraging the proposed system.

• Journal of KIISE
• /
• v.45 no.1
• /
• pp.76-85
• /
• 2018

Governments and public agencies try to use the cloud to carry out their work and provide public services. However, a public cloud is vulnerable to security side because it has a structure to support services using public networks (i.e, the internet). Thus, this paper finds the general security vulnerabilities of a network and compares and analyzes the characteristics of transport protocols (UDP, TCP, SCTP, and MPTCP) on the basis of their security vulnerabilities. This paper uses a reliability and security factor for the comparative analysis, evaluates the security exposure, and chooses a suitable protocol considering the security of the transport protocols in the cloud circumstance.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.8 no.5
• /
• pp.181-186
• /
• 2008

Wireless data transmission is vulnerable to attackers and hackers. Recently, the fast development of wireless communication systems seamlessly increase the demand for security in this area. Moreover, error correction is especially important because various kinds of interferences among wireless devices. In order to solve two above problems, we propose to apply MCC (M-sequence Convolutional Code) in the system which is able to protect information and correct errors. The proposed system can obtain higher secure property by randomly changing the output connections by the proposed M-sequence. Performance of the system is analyzed according to BER (Bit Error Rate) and secure levels. The simulation results revealed that we can get the coding gain of 0.1 dB over conventional convolution coding technique. The proposed algorithm is installed in physical layer and easily implemented. Another advantage of our proposed (M-sequence and convolutional code) is that it can be applied to CDMA (Code Division Multiple Access) communication system.

• Journal of Information Display
• /
• v.7 no.3
• /
• pp.13-18
• /
• 2006

Currently, the flexible organic light emitting devices (OLEDs) are investigated. They are very vulnerable to moisture, and thus have been found to show some problems. Thus, an effective barrier layer is needed to protect from moisture in air. We deposited thin films with magnesium oxide (MgO) and silicon oxide $(SiO_{2})$ compounds mixed at various mixture ratios on flexible polyether sulfone (PES) substrates by an electron-beam evaporator to investigate their applizability for transparent barrier applications. In this study, we found that as the MgO fraction increased, thin films comprised of MgO and $(SiO_{2})$ compounds became more amorphous and their surface morphologies become smoother and denser. In addition, zirconium oxide $(ZrO_{2})$ was added to the above-mentioned compound mixtures. $ZrO_{2}$ made thin mixture films more amorphous and made the surface morphology denser and more uniform. The water vapor transmission rates (WVTRs) of the whole films decreased rapidly. The best WVTR was obtained by depositing thin films of Mg-Si-Zr-O compound among the whole thin films. As the thin mixture films became more amorphous, and the surface morphology become denser and more uniform, the WVTRs decreased. Therefore, the thin mixture films became more suitable for flexible OLED applications as transparent passivation layers against moisture in air.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.7
• /
• pp.1325-1334
• /
• 2016

The video incident detection System is a probe for rapid detecting the walker, falling, stopped, backwards, smoke situation in tunnel. Recently, the importance is increases from the downtown double deck tunnel in great depth underground space[1], but the legal basis is weak and the vulnerable situation experimental data. So, In this paper, we introduce a long-term log data analysis information in the tunnenl video incident detection system installed and experimental results in order to verify the feasibility of apply to video incident detection system for the double deck tunnel. It is proposed a few things about derives the problem of existing video incident detection system, improvements and reflect attributes for double deck tunnel. The contents described in this paper will contribute to refine the prototype of video incident detection system will apply to future double deck multi-layer tunnels.