• The Journal of the Korea Contents Association
• /
• v.22 no.9
• /
• pp.64-75
• /
• 2022

The method of accessing multiple control systems in the OT control network centered on operation technology uses the operator authentication technology of each control system. An example is ID/PW operator authentication technology. In this case, since the OT control network is composed of multiple control systems, operator authentication technology must be applied to each control system. Therefore, the operator must bear the inconvenience of having to manage authentication information for each control system he manages. To solve these problems, SSO technology is used in business-oriented IT networks. However, if this is introduced into the OT control network as it is, the characteristics of the limited size of the OT control network and rapid operator authentication are not reflected, so it cannot be seen as a realistic alternative. In this paper, a public key-based authentication mechanism was newly proposed as an operator authentication technology to solve this problem. In other words, an integrated public key certificate that applies equally to all control systems in the OT control network was issued and used to access all control systems, thereby simplifying the authentication information management and making access to the control system more efficient and secure.

• Journal of the Society of Disaster Information
• /
• v.18 no.3
• /
• pp.581-588
• /
• 2022

Purpose: This study is about offering ways of improving existing technical standards in order to propose how to deal with coal deep-seated fire and to increase effectiveness of wetting agent. Method: This study conducts infiltration experiment using eight tons of coal, three types of wetting agents and fire water. And this study analyzes domestic and international technical standards, overseas experimental cases. Result: It is found that two findings are identified; one is fire water cannot infiltrate into the coal due to high level of surface tension, and the other is three types of wetting agent can infiltrate into the coal to the depth of 5~25cm. Also, domestic wetting agent technical standards include measuring surface tension only and testing wood on extinguishing capacity test. On the other hand, this study found that deep-seated fire experiment using cotton, B-class fire test using heptane are used from abroad. Besides it is analyze that capillary rise test, sink test, contact angle measurement are conducted to increase effectiveness of wetting agent at the U.S. Bureau of Mines. Conclusion: Based on standards and cases of U.S. NFPA and Bureau of Mines, this study suggests that domestic technical standards should include adding a new test standard which measures infiltration directly.

• Journal of Internet Computing and Services
• /
• v.23 no.6
• /
• pp.1-13
• /
• 2022

As the information and communication environment develops, the environment of military facilities is also development remarkably. In proportion to this, cyber threats are also increasing, and in particular, APT attacks, which are difficult to prevent with existing signature-based cyber defense systems, are frequently targeting military and national infrastructure. It is important to identify attack groups for appropriate response, but it is very difficult to identify them due to the nature of cyber attacks conducted in secret using methods such as anti-forensics. In the past, after an attack was detected, a security expert had to perform high-level analysis for a long time based on the large amount of evidence collected to get a clue about the attack group. To solve this problem, in this paper, we proposed an automation technique that can classify an attack group within a short time after detection. In case of APT attacks, compared to general cyber attacks, the number of attacks is small, there is not much known data, and it is designed to bypass signature-based cyber defense techniques. As an attack model, we used MITRE ATT&CK® which modeled many parts of cyber attacks. We design an impact score considering the versatility of the attack techniques and proposed a group similarity score based on this. Experimental results show that the proposed method classified the attack group with a 72.62% probability based on Top-5 accuracy.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.15 no.4
• /
• pp.257-270
• /
• 2022

In this paper, we design a smart factory risk improvement system and risk improvement method using AI edge devices. The smart factory risk improvement system collects, analyzes, prevents, and promptly responds to the worker's work performance process in the smart factory using AI edge devices, and can reduce the risk that may occur during work with improving the defect rate when workers perfom jobs. In particular, based on worker image information, worker biometric information, equipment operation information, and quality information of manufactured products, it is possible to set an abnormal risk condition, and it is possible to improve the risk so that the work is efficient and for the accurate performance. In addition, all data collected from cameras and IoT sensors inside the smart factory are processed by the AI edge device instead of all data being sent to the cloud, and only necessary data can be transmitted to the cloud, so the processing speed is fast and it has the advantage that security problems are low. Additionally, the use of AI edge devices has the advantage of reducing of data communication costs and the costs of data transmission bandwidth acquisition due to decrease of the amount of data transmission to the cloud.

• Journal of Convergence for Information Technology
• /
• v.12 no.5
• /
• pp.1-14
• /
• 2022

This study tried to suggest crisis management compliance to prevent personal information infringement accidents that may occur in the process because the data including personal information is being processed in the artificial intelligence (AI) service process. To this end, first, the AI service provision process is divided into 3 processes such as service planning/data design and collection process, data pre-processing and purification process, and algorithm development and utilization process. And 3 processes are subdivided into 9 stages following to personal information processing stages to infringe personal information. All processes were investigated with literature and experts' Delphi. Second, the investigated personal information infringement factors were selected through FGI, Delphi, etc. for experts. Third, a survey was conducted with experts on the severity and possibility of each personal information infringement factor, and the validity and adequacy of the 94 responses were verified. Fourth, to present appropriate risk management compliance for personal information infringement factors in AI services, a method for calculating the risk level of personal information infringement is prepared by utilizing the asset value of personal information, personal information infringement factors, and the possibility of infringement accidents. Through this, the countermeasures for personal information infringement incidents were suggested according to the scored risk level.

• Journal of Internet Computing and Services
• /
• v.22 no.6
• /
• pp.115-127
• /
• 2021

With the development of science and technology around the world, the realm of cyberspace, following land, sea, air, and space, is also recognized as a battlefield area. Accordingly, it is necessary to design and establish various elements such as definitions, systems, procedures, and plans for not only physical operations in land, sea, air, and space but also cyber operations in cyberspace. In this research, the importance of cyber targets that can be considered when prioritizing the list of cyber targets selected through intermediate target development in the target development and prioritization stage of targeting processing of cyber operations was selected as a factor to be considered. We propose a method to calculate the score for the cyber target and use it as a part of the cyber target prioritization score. Accordingly, in the cyber target prioritization process, the cyber target importance category is set, and the cyber target importance concept and reference item are derived. We propose a TIR (Target Importance Rank) algorithm that synthesizes parameters such as Event Prioritization Framework based on PageRank algorithm for score calculation and synthesis for each derived standard item. And, by constructing the Stuxnet case-based network topology and scenario data, a cyber target importance score is derived with the proposed algorithm, and the cyber target is prioritized to verify the proposed algorithm.

• Journal of the Society of Disaster Information
• /
• v.19 no.1
• /
• pp.1-9
• /
• 2023

In order to carry out construction work, it is urgent to introduce a proper wage system so that the cost burden of projects that have been won due to bleeding competition among original government buildings based on low-priced bids can be transferred to subcontractors. Purpose: Construction with illegal multi-level industrial structure needs to improve the wage reduction environment leading to order (100%) → original contractor (80%) → subcontractor (65%) → load contractor (65%) and aims to ensure wages for end workers. Method: Investigate the current status of labor cost appropriate payment plan in the construction industry, and investigate the case of the appropriate wage system (P.W) in the United States. In addition, the effect and direction of the appropriate wage system are presented. Result: Individual minimum wage security was also mentioned in the Constitution, and many researchers suggested that only the introduction of an appropriate wage system could solve the problem of reducing worker labor and ensure quality and safety. Conclusion: The proper wage system in the construction industry will block illegal multi-level and illegal foreign work, improve the labor environment in the construction market, create an influx of young workers, and have a significant impact on the construction industry's competitive structure, safety, and quality.

• Journal of Service Research and Studies
• /
• v.10 no.4
• /
• pp.71-88
• /
• 2020

CB(Convertible bond) is mezzanine security that have the characteristics of bonds and stocks. From the perspective of investors, the purpose of the research is to empirically investigate the degree of investment efficiency of CB and to suggest efficient investment plans. The research method investigated the maturity interest rate, conversion price, and conversion date for CB, and then linked it with daily stock price fluctuations after the conversion date to determine the degree of investment efficiency and stock conversion effect of CB. As a result of the study, it was analyzed that the ratio of the conversion price exceeded days was only about 1/4 of the conversion date, so the investment efficiency was low. The conversion day yield was -6.3% on average and the maturity day yield was -5.2% on average, showing a minus return on average, which was calculated differently from investor expectations. It was analyzed that the number of stocks with a minus conversion day is 2.4 times greater than the number of plus stocks and 3.7 times more than the number of plus stocks with a minus maturity return, so the expected return on stock conversion of CB is low. The research contribution was derived from the problem that the expected rate of return of CB is not high, and it is that the investor's point of view when purchasing CB was established.

• Journal of the Society of Disaster Information
• /
• v.19 no.3
• /
• pp.656-664
• /
• 2023

Purpose: The Ministry of Employment and Labor manages disasters based on the standard manual for risk management of large-scale human accidents in workplaces when large-scale disasters such as fires and collapses occur in workplaces. We are going to check the standard manual currently in operation and suggest improvement plans for the insufficient items. Method: Accordingly, the standard manual was checked together with internal and external experts in the disaster management manual and disaster management staff at headquarters and local government offices, and items to be improved were identified with priority. Result: In case of a collapse accident, it is necessary for the Ministry of Public Administration and Security to accurately present the selection criteria in order to eliminate the controversy over the selection of the disaster management department. In addition, it seems necessary to supplement the details of the disaster safety communication network operation and evacuation guidelines. Conclusion: In the future, in order to improve the disaster management system that meets the public's eye level, it is expected to prepare a standard manual for risk management of large-scale human accidents in workplaces that guarantees the lives and safety of workers through the collection of opinions from experts in the relevant field, disaster management personnel, and the general public.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.8
• /
• pp.103-109
• /
• 2023

In this paper, we propose a smart wall switch based on IEEE 802.11b/g/n standard 2.4GHz band communication. As the 4th industrial era evolves, smart home solution development is actively underway, and application cases for smart wall switches are increasing. Most of the Chinese products that preoccupy the market through price competitiveness use Bluetooth and Zigbee communication switches. However, while ZigBee communication is low power, communication speed is slower than Bluetooth and network configuration through a separate hub is additionally required. The Bluetooth method has problems in that the communication range and speed are lower than Wi-Fi communication, the communication standby time is relatively long, and security is weak. In this study, an IEEE 802.11b/g/n smart wall switch applied with Wi-Fi communication technology was developed. In addition, through the two-wire structure, it is designed so that no additional cost is incurred through the construction of a separate neutral line in the building. The result of the study is more than 30% cheaper than the existing wall switch, so it is judged that it will be able to preoccupy the market not only in terms of technological competitiveness but also price competitiveness.