• Journal of the Korea Institute of Building Construction
• /
• v.16 no.5
• /
• pp.437-445
• /
• 2016

Since typhoon is a critical meteorological disaster, some advanced countries have developed typhoon damage prediction models. However, although South Korea is vulnerable to typhoons, there is still shortage of study in typhoon damage prediction model reflecting the vulnerability of domestic building and features of disaster. Moreover, many studies have been only focused on the characteristics and typhoon and regional characteristics without various influencing factors. Therefore, the objective of this study is to analyze typhoon damage by path and develop to prediction model for building damage ratio by using multiple regression analysis. This study classifies the building damages by typhoon paths to identify influencing factors then the correlation analysis is conducted between building damage ratio and their factors. In addition, a multiple regression analysis is applied to develop a typhoon damage prediction model. Four categories; typhoon information, geography, construction environment, and socio-economy, are used as the independent variables. The results of this study will be used as fundamental material for the typhoon damage prediction model development of South Korea.

• Journal of KIISE
• /
• v.42 no.4
• /
• pp.487-495
• /
• 2015

Since most of information is computerized nowadays, it is extremely important to promote the security of the computerized information. However, the software itself can threaten the safety of information through many abusive methods enabled by coding mistakes. Even though the Secure Coding Guide has been proposed to promote the safety of information by fundamentally blocking the hacking methods, it is still hard to apply the techniques on other programming languages because the proposed coding guide is mainly written for C and Java programmers. In this paper, we reclassified the coding rules of the Secure Coding Guide to extend its applicability to programming languages in general. The specific coding guide adopted in this paper is the C Secure Coding Guide, announced by the Ministry of Government Administration and Home Affairs of Korea. According to the classification, we applied the rules of programming in Sprout, which is a newly proposed Korean programming language. The number of vulnerability rules that should be checked was decreased in Sprout by 52% compared to C.

• Journal of Korea Society of Industrial Information Systems
• /
• v.17 no.6
• /
• pp.11-17
• /
• 2012

The HC-128 stram cipher which selected for the final eSTREAM portfolio is suitable for mobile Ad-Hoc network environments because of the ability of high-speed encryption in restricted memory space. In this paper, we analyzed the vulnerability of side channel analysis attack on HC-128 stream cipher. At the first, we explain a flaw of previous theoretical analysis result which defined the complexity of side-channel attack of HC-128 stream cipher as 'low' and then re-evaluate the security against side-channel attack by estimating the concrete complexity for recovering the secret key. As a result, HC-128 stream cipher is relatively secure against side-channel attack since recovering the secret key have $2^{65}$ computation complexity which is higher than other stream cipher's one.

• Journal of Convergence Society for SMB
• /
• v.5 no.2
• /
• pp.1-6
• /
• 2015

Small and medium-sized companies lack countermeasures to secure the safety of a information system. In this circumstance, they have difficulties regarding the damage to their images and legal losses, when the information is leaked. This paper examines the information leakage of the system and hacking methods including APT attacks. Especially, APT attack, Advanced Persistent Threats, means that a hacker sneaks into a target and has a latency period of time and skims all the information related to the target, and acts in the backstage and neutralize the security services without leaving traces. Because he attacks the target covering up his traces not to reveal them, the victim remains unnoticed, which increases the damage. This study examines attack methods and the process of them and seeks a countermeasure.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.17 no.2
• /
• pp.51-56
• /
• 2017

With the rapid increase in the number of mobile terminals, demand for wireless technologies has sharply increased these days. While wireless communication provides advantages such as ease of deployment, mobility of terminals, continuity of session, and almost comparable transmission bandwidth to the wired communication, it has vulnerability to malicious radio attacks such as eavesdropping, denial of service, session hijacking, and jamming. Among a variety of methods of preventing wireless attacks, the MTD(Moving Target Defense) is the technique for improving the security capability of the defense system by constantly changing the ability of the system to be attacked. In this paper, in order to develop a resilient software defined radio communication testbed system, we present a novel MTD approach to change dynamically and randomly the radio parameters such as modulation scheme, operating frequency, packet size. The probability of successful attack on the developed MTD-based SDR communication system has been analysed in a mathematical way and verified through simulation.

• Journal of Digital Convergence
• /
• v.18 no.9
• /
• pp.57-62
• /
• 2020

Smart home based on Internet of things (IoT) is rapidly emerging as an exciting research and industry field. However, security and privacy have been critical issues due to the open feature of wireless communication channel. As a step towards this direction, Shuai et al. proposed an anonymous authentication scheme for smart home environment using Elliptic curve cryptosystem. They provided formal proof and heuristic analysis and argued that their scheme is secure against various attacks including de-synchronization attack, mobile device loss attack and so on, and provides user anonymity and untraceability. However, this paper shows that Shuai et al.'s scheme does not provide user anonymity nor untraceability, which are very important features for the contemporary IoT network environment.

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.10
• /
• pp.349-360
• /
• 2015

In recent year, phishing attacks are flooding with services based on the web technology. Phishing is affecting online security significantly day by day with the vulnerability of web pages. To prevent phishing attacks, a lot of anti-phishing techniques has been made with their own advantages and dis-advantages respectively, but the phishing attack has not been eradicated completely yet. In this paper, we have studied phishing in detail and categorize a process of phishing attack in two parts - Landing-phase, Attack-phase. In addition, we propose an phishing detection methodology based on web sites heuristic. To extract web sites features, we focus on URL and source codes of web sites. To evaluate performance of the suggested method, set up an experiment and analyze its results. Our methodology indicates the detection accuracy of 98.9% with random forest algorithm. The evaluation of proof-of-concept reveals that web site features can be used for phishing detection.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.793-798
• /
• 2003

The P2P service is a technology that can share their information with each other who is able to be connected ith a relating program without passing by a server. Since all personal compiters that linked to the internet under the P2P service can opetate as server or a client, they can provide and share both their information and services through the direct connection. Currently, the P2P service is giving an equal privilege to all users for sharing their resources,.Under this situation, a lot of vulnerability against the various sttacks through the Unternet is possoble, more sophisticated security services are necessary. In this paper, We propose and access control schemae using SPKI(Simple Public Key Infrastructure). The scheme designates and access and acces control by providing the certificate to users who request a connection for resource sharing and limits the resource usage of information provider according to the access right that is given to their own rights.

• Journal of the Korean Society of Surveying, Geodesy, Photogrammetry and Cartography
• /
• v.37 no.5
• /
• pp.303-313
• /
• 2019

After a disaster happens in urban areas, many people need support for a quick evacuation. This work aims to develop a method for the calculation of the most feasible evacuation route inside buildings. In the methodology we simplify the geometry of the structural and non structural elements from the BIM (Building Information Modeling) to store them in a spatial database which follows standards to support vector data. Then, we apply the multicriteria analysis with the allocation of prioritization values and weight factors validated through the AHP (Analytic Hierarchy Process), in order to obtain the Importance Index S(n) of the elements. The criteria consider security conditions and distribution of the building's facilities. The S(n) is included as additional heuristic data for the calculation of the evacuation route through an algorithm developed as a variant of the $A^*$ pathfinding, The experimental results in the simulation of evacuation scenarios for vulnerable people in healthy physical conditions and for the elderly group, shown that the conditions about the wide of routes, restricted areas, vulnerable elements, floor roughness and location of facilities in the building applied in the multicriteria analysis has a high influence on the processing of the developed variant of $A^*$ algorithm. The criteria modify the evacuation route, because they considers as the most feasible route, the safest instead of the shortest, for the simulation of evacuation scenarios for people in healthy physical conditions. Likewise, they consider the route with the location of facilities for the movement of the elderly like the most feasible in the simulation of evacuation route for the transit of the elderly group. These results are important for the assessment of the decision makers to select between the shortest or safest route like the feasible for search and rescue activities.

• Korean Journal of Remote Sensing
• /
• v.37 no.4
• /
• pp.803-813
• /
• 2021

Coastal erosion has been a threat to coastal communities and emerged as an urgent problem. Among the coastal communities that are under perceived threat, Cotonou located in Benin, West Africa, is considered as one of the most dangerous area due to its high vulnerability. To address this problem, in 2013, the Benin authorities established seven groynes at east of Cotonou port, and two additional intermediate groynes have recently been integrated in April 2018. However, there is no quantitative analysis of groynes so far, so it is hard to know how effective they have been. To analyze effectiveness, we used optical satellite images from different time periods, especially 2004 and 2020, and then compared changes in length, width and area of shoreline in Cotonou. The study area is divided into two sectors based on the location of Cotonou port. The difference of two areas is that Sector 2 has groynes installed while Sector 1 hasn't. As result of this study, shoreline in Sector 1 showed accretion by recovering 1.20 km² of area. In contrast, 3.67 km² of Sector 2 disappeared due to coastal erosion, although it has groynes. This may imply that groynes helped to lessen the rate of average erosion, however, still could not perfectly stop the coastal erosion in the area. Therefore, for the next step, we assume it is recommended to study how to maximize effectiveness of groynes.