• Journal of the Korea Society for Simulation
• /
• v.13 no.3
• /
• pp.11-20
• /
• 2004

The major objective of this paper is to perform modeling of cyber attack and defense using vulnerability metrics. To do this, we have attempted command level modeling for realizing an approach of functional level proposed by Nong Ye, and we have defined vulnerability metrics that are able to apply to DEVS(Discrete Event System Specification) and performed modeling of cyber attack and defense using this. Our approach is to show the difference from others in that (i) it is able to analyze behaviors of systems being emerged by interaction between functional elements of network components, (ii) it is able to analyze vulnerability in quantitative manner, and (iii) it is able to establish defense suitably by using the analyzed vulnerability. We examine an example of vulnerability analysis on the cyber attack and defense through case study.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.701-713
• /
• 2021

Race Condition is a vulnerability in which two or more processes input or manipulate a common resource at the same time, resulting in unintended results. This vulnerability can lead to problems such as denial of service, elevation of privilege. When a vulnerability occurs in software, the relevant information is documented, but often the cause of the vulnerability or the source code is not disclosed. In this case, analysis at the binary level is necessary to detect the vulnerability. This paper aims to detect the Time-Of-Check Time-Of-Use (TOCTOU) Race Condition vulnerability of UNIX kernel-based File System at the binary level. So far, various detection techniques of static/dynamic analysis techniques have been studied for the vulnerability. Existing vulnerability detection tools using static analysis detect through source code analysis, and there are currently few studies conducted at the binary level. In this paper, we propose a method for detecting TOCTOU Race Condition in File System based on Control Flow Graph and Call Graph through Binary Analysis Platform (BAP), a binary static analysis tool.

• Journal of Soil and Groundwater Environment
• /
• v.18 no.5
• /
• pp.26-38
• /
• 2013

In this study, priority for groundwater contamination management was assessed based on regional vulnerability in Goyang-si area, Gyonggi-do, Korea using analytic hierarchy process (AHP) and geographic information system (GIS). We proposed a concept for regional vulnerability to groundwater contamination with using socio-environmental vulnerability factors, which can be classified into three properties including regional hydrogeological property, contamination property, and groundwater use property. This concept is applied to Goyang-si area. For AHP analysis, an expertise-targeted survey was conducted. Based on the survey, a total of 10 factors (criteria) and corresponding weights for regional vulnerability assessment were determined. The result shows that regional contamination property is the most weighted factor among the three property groups (hydrogeological property: contamination property: groundwater use property = 0.3: 0.4: 0.3). Then, database layers for those factors were constructed, and regional vulnerability to groundwater contamination was assessed by weighted superposition using GIS. Results show that estimated regional vulnerability score is ranged from 22.7 to 94.5. Central and western areas of Goyang-si which have groundwater tables at shallow depths and are mainly occupied by industrial and residential areas are estimated to be relatively highly vulnerable to groundwater contamination. Based on assessed regional vulnerability, we classified areas into 4 categories. Category 1 areas, which are ranked at the top 25% of vulnerability score, take about 2.8% area in Goyang-si and give a high priority for groundwater contamination management. The results can provide useful information when the groundwater management authority decide which areas should be inspected with a high priority for efficient contamination management.

• Convergence Security Journal
• /
• v.22 no.1
• /
• pp.11-17
• /
• 2022

Cyber attacks on national infrastructure, including large-scale power outages in Ukraine, have continued in recent years. As a result, ICS-CERT vulnerabilities have doubled compared to last year, and vulnerabilities to industrial control systems are increasing day by day. Most control system operators develop vulnerability countermeasures based on the vulnerability information sources provided by ICS-CERT in the United States. However, it is not applicable to the security of domestic control systems because it does not provide weaknesses in Korean manufacturers' products. Therefore, this study presents a vulnerability analysis framework that integrates CVE, CWE, CAPE, and CPE information related to the vulnerability based on ICS-CERT information (1843 cases). It also identifies assets of nuclear facilities by using CPE information and analyzes vulnerabilities using CVE and ICS-CERT. In the past, only 8% of ICS-CERT's vulnerability information was searched for information on any domestic nuclear facility during vulnerability analysis, but more than 70% of the vulnerability information could be searched using the proposed methodology.

• Proceedings of the Korea Society for Simulation Conference
• /
• 2004.05a
• /
• pp.13-19
• /
• 2004

본 논문은 SIMVA(Simulation Vulnerability Analyzer)를 이용한 시뮬레이션 기반의 네트워크 취약성 분석을 주목적으로 한다 SIMVA는 네트워크 상태를 감시하고, 이를 토대로 취약성을 분석하기 위하여 개발된 S/W로서, SES/MB (System Entity Structure / Model Base) 프레임워크 및 DEVS(Discrete Event System Specification) 이론을 적용하여 네트워크 보안 모델링을 수행할 수 있으며, 취약성 메트릭스를 통하여 정량적으로 취약성을 분석할 수 있다. 본 연구에서는 SIMVA를 이용하여 최근 네트워크 보안 문제에 심각한 영향을 미치는 슬래머 웜 공격 시나리오에 대한 취약성 분석을 수행함으로써 SIMVA의 검증 및 적용 가능성을 제시한다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.8
• /
• pp.1973-1980
• /
• 2015

The combat system has a different purpose depending on its mission. All functions of combat system are important, but, the components that related main functions for the purpose, are important than other components. Also, the hit probability of component is proportional to area of the component. Therefore, when we analyze vulnerability of combat system, to consider the importance and hit probability of component. Thus to improve reliability of combat system, we apply the analyzed result to design combat system. In this paper, we develop a vulnerability analysis program based on criticality which calculated from importance and hit probability of components by related researches. To do this, we propose a methodology to apply criticality of components, and define classification rates for calculating criticality based on FMECA. Additionally, we propose a technique of vulnerability analysis using criticality of components, and apply the proposed technique to develop and test the vulnerability analysis program for automation of analysis.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.9 no.9
• /
• pp.1011-1018
• /
• 2014

Because of the proliferation of web services through web site, web hacking attempts are increasing using vulnerabilities of the web application. In order to improve the security of web applications, we have to find vulnerabilities in web applications and then have to remove. This paper addresses a vulnerability in a web application on existing problems and analyze and propose solutions to the vulnerability. This paper have checked the stability of existing web security solutions and evaluated its suitability through analysis of vulnerability. Also, we have implemented the vulnerability analysis tools for web Proxy system and proposed methods to optimize for resolution of web vulnerabilities.

• Convergence Security Journal
• /
• v.7 no.4
• /
• pp.51-60
• /
• 2007

It is important to assess vulnerability of network and information system to countermeasure against a variety of attack in effective and efficient way. But vulnerability and risk assessment methodology for network and information systems could not be directly applied to sensor networks because sensor networks have different properties compared to traditional network and information system. This paper proposes a vulnerability assessment framework for cluster based sensor networks. The vulnerability assessment for sensor networks is presented. Finally, the case study in cluster based sensor networks is described to show possibility of the framework.

• Korean Journal of Computational Design and Engineering
• /
• v.20 no.3
• /
• pp.238-245
• /
• 2015

Vulnerability assessment is a process to calculate the damage degree of a combat vehicle when the combat vehicle is attacked by an enemy. When the vehicle is hit, it is necessary to analyze the shot line to calculate which components are damaged and judge whether the armor of the vehicle is penetrated by enemy's warhead. To analyze the shot line efficiently, this paper presents the target modeling and the shot line analysis system to assess vulnerability of the ground combat vehicle. This system is easily able to do several functions: 1) the program reads STL files converted from CAD model which is designed by commercial CAD software. 2) It calculates the intersection between triangle of STL mesh and the shot line, and check if the components of the model are penetrated. 3) This program can visualize the results using OpenGL. The vulnerability assessment using the shot line analysis can be used to model the armor of the combat vehicle and arrange the inner components effectively in the early stage of development of the combat vehicle.

• Proceedings of the Korean Geotechical Society Conference
• /
• 2005.03a
• /
• pp.713-718
• /
• 2005

A methodology is developed to evaluate the vulnerability of bridge piers to scour and to help establish effective disaster measures, taking into account the locality and scour characteristics in Korea. Based on the bearing capacity of bridge foundation-ground integrating system changed by scour, this methodology is able to prioritize bridge foundations reflecting on the geotechnical factors as well as hydraulic ones. The bridge foundation vulnerability to scour is categorized into 7 groups considering the concise information of the bridge foundation-ground integrating system. A case study of implementing this method which includes the analysis of the scour depth and evaluation, and categorizing the scour vulnerability of bridge foundation is presented.