• Title/Summary/Keyword: Vulnerability of Code

Effective Defense Mechanism Against New Vulnerability Attacks (신규 취약점 공격에 대한 효율적인 방어 메커니즘)

  • Kwak, Young-Ok;Jo, In-June
    • The Journal of the Korea Contents Association / v.21 no.2 / pp.499-506 / 2021
  • Hackers' cyber attack techniques are becoming more sophisticated and diversified, including forms of attack that have never been seen before. In terms of the information security vulnerability standard code (CVE), about 90,000 new codes were registered from 2015 to 2020. This indicates that security threats are increasing rapidly. When new security vulnerabilities occur, damage should be minimized by preparing countermeasures for them, but in many cases companies with a limited security IT budget lack a sufficient security management level and response system. The reason is that it takes about a month for analysts to discover vulnerabilities through manual analysis, prepare countermeasures through security equipment, and patch security vulnerabilities. In the case of the public sector, the National Cyber Safety Center distributes and manages security operation policies in a batch. However, it is not easy to accept the security policy according to the characteristics of the manufacturer, and it takes about 3 weeks or more to verify the traffic for each section. In addition, when abnormal traffic inflow occurs, countermeasures such as detection of infringement attacks through vulnerability analysis must be prepared, but there are limitations in response due to the absence of specialized security experts. In this paper, we proposed a method of using the security policy information sharing site "snort.org" to prepare effective countermeasures against new security vulnerability attacks.

Technology Analysis on Automatic Detection and Defense of SW Vulnerabilities (SW 보안 취약점 자동 탐색 및 대응 기술 분석)

  • Oh, Sang-Hwan;Kim, Tae-Eun;Kim, HwanKuk
    • Journal of the Korea Academia-Industrial cooperation Society / v.18 no.11 / pp.94-103 / 2017
  • As automatic hacking tools and techniques have improved, the number of new vulnerabilities has increased. The CVEs registered from 2010 to 2015 numbered about 80,000, and it is expected that more vulnerabilities will be reported. In most cases, patching a vulnerability depends on the developers' capability, and most patching techniques are based on manual analysis, which requires nine months, on average. The techniques are composed of finding the vulnerability, conducting the analysis based on the source code, and writing new code for the patch. Zero-day is critical because the time gap between the first discovery and taking action is too long, as mentioned. To solve the problem, techniques for automatically detecting and analyzing software (SW) vulnerabilities have been proposed recently. Cyber Grand Challenge (CGC) held in 2016 was the first competition to create automatic defensive systems capable of reasoning over flaws in binary and formulating patches without experts' direct analysis. Darktrace and Cylance are similar projects for managing SW automatically with artificial intelligence and machine learning. Though many foreign commercial institutions and academies run their projects for automatic binary analysis, the domestic level of technology is much lower. This paper studies the development of automatic detection of SW vulnerabilities and defenses against them. We analyzed and compared related works and tools as additional elements, and optimal techniques for automatic analysis are suggested.

Attacking OpenSSL Shared Library Using Code Injection (코드 주입을 통한 OpenSSL 공유 라이브러리의 보안 취약점 공격)

  • Ahn, Woo-Hyun;Kim, Hyung-Su
    • Journal of KIISE:Computer Systems and Theory / v.37 no.4 / pp.226-238 / 2010
  • OpenSSL is an open-source library implementing SSL, a secure communication protocol. However, the library has a severe vulnerability: its security information can be easily exposed to malicious software when the library is used in the form of a shared library on Linux and UNIX operating systems. We propose a scheme to attack the vulnerability of the OpenSSL library. The scheme injects code into a running client program to execute the following attacks on the vulnerability in an SSL handshake. First, when a client sends a server a list of cryptographic algorithms that the client is willing to support, our scheme replaces all algorithms in the list with a specific algorithm. Such a replacement causes the server to select the specific algorithm. Second, the scheme steals a key for data encryption and decryption when the key is generated. Then the key is sent to an outside attacker. After that, the outside attacker decrypts encrypted data that has been transmitted between the client and the server, using the specified algorithm and the key. To show that our scheme is realizable, we perform an experiment of collecting encrypted login data that an ftp client using the OpenSSL shared library sends to its server and then decrypting the login data.

The Low Probability of Intercept RADAR Waveform Based on Random Phase and Code Rate Transition for Doppler Tolerance Improvement (도플러 특성 개선을 위한 랜덤 위상 및 부호율 천이 기반 저피탐 레이다 파형)

  • Lee, Ki-Woong;Lee, Woo-Kyung
    • The Journal of Korean Institute of Electromagnetic Engineering and Science / v.26 no.11 / pp.999-1011 / 2015
  • In modern electronic warfare, RADAR is under constant threat of ECM (Electronic Counter Measures) signals from nearby jammers. The conventional linear frequency modulated (Linear-FM) waveform is easily intercepted and its signal parameters estimated because of its periodic phase transition. Recently, the APCN (Advanced Pulse Compression Noise) waveform using random amplitude and phase transition was proposed for LPI (Low Probability of Intercept). But random phase code signals such as the APCN waveform tend to be sensitive to Doppler frequency shift, resulting in performance degradation during moving target detection. In this paper, a random phase and code rate transition based radar waveform (RPCR) is proposed for Doppler tolerance improvement. Time frequency analysis is carried out through ambiguity analysis to validate the improved Doppler tolerance of the RPCR waveform. As a means to measure the vulnerability of the proposed RPCR waveform against LPI, WHT (Wigner-Hough Transform) is adopted to analyze and estimate signal parameters for ECCM (Electronic Counter Counter Measures) application.

Detection and Blocking Techniques of Security Vulnerability in Android Intents (안드로이드 인텐트의 보안 취약성 탐지 및 차단 기법)

  • Yoon, Chang-Pyo;Moon, Seok-jae;Hwang, Chi-Gon
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2013.05a / pp.666-668 / 2013
  • Recently, the kinds and number of malicious code operating in the operating systems of smart devices have been rapidly increasing along with the rapid spread of smart devices. In particular, smart devices based on Android OS are at high risk of exposure to malicious code because system privileges are easy to access. Intents, the global message system provided by Android, allow applications to access one another and to access data created by the device. Intents are convenient for application development in terms of component reusability; however, they can also be regarded as a security risk. Therefore, if intents are used for malicious purposes, they can easily lead to a weakened security state. That is, by receiving intents, it is possible to access and control the resources an application uses to operate, making the smart device uncontrollable or consuming system resources. In particular, when system privileges are obtained, risks such as smart device control or personal information exposure grow when broadcast intents are misused by malicious code. This paper proposes a countermeasure for the security vulnerability of Android intents that monitors the occurrence of intents with intent pattern inspection, and detects and blocks intents with unidentified patterns.

Effect of sequential earthquakes on evaluation of non-linear response of 3D RC MRFs

  • Oggu, Praveen;Gopikrishna, K.
    • Earthquakes and Structures / v.20 no.3 / pp.279-293 / 2021
  • Most of the existing seismic codes for RC buildings consider only a scenario earthquake for analysis, often characterized by the response spectrum at the specified location. However, any real earthquake event often involves occurrences of multiple earthquakes within a few hours or days, possessing similar or even higher energy than the first earthquake. This critically impairs the rehabilitation measures thereby resulting in the accumulation of structural damages for subsequent earthquakes after the first earthquake. Also, the existing seismic provisions account for the non-linear response of an RC building frame implicitly by specifying a constant response modification factor (R) in a linear elastic design. However, the 'R' specified does not address the changes in structural configurations of RC moment-resisting frames (RC MRFs) viz., building height, number of bays present, bay width, irregularities arising out of mass and stiffness changes, etc. resulting in changed dynamic characteristics of the structural system. Hence, there is an imperative need to assess the seismic performance under sequential earthquake ground motions, considering the adequacy of code-specified 'R' in the representation of dynamic characteristics of RC buildings. Therefore, the present research is focused on the evaluation of the non-linear response of medium-rise 3D RC MRFs with and without vertical irregularities under bi-directional sequential earthquake ground motions using non-linear dynamic analysis. It is evident from the results that collapse probability increases, and 'R' reduces significantly for various RC MRFs subjected to sequential earthquakes, pronouncing the vulnerability and inadequacy of estimation of design base shear by code-specified 'R' under sequential earthquakes.

A Study on the Relationship between Earthquake Damage and the Design Eccentricity of Building with Planar Irregularity (평면 비정형 건물의 설계편심과 지진 손상도의 상관관계에 관한 연구)

  • Lee, Kwang Ho;Jeong, Seong Hoon
    • Journal of the Earthquake Engineering Society of Korea / v.17 no.5 / pp.237-243 / 2013
  • In the Korean Building Code (KBC), the Design Eccentricity involves the torsional amplification factor (TAF), and the inherent and accidental eccentricities. When a structure of less than 6-stories and assigned to seismic design category C or D is designed using equivalent static analysis method, both KBC-2006 and KBC-2009 use the TAF but apply different calculation methods for the design eccentricity. The design eccentricity in KBC-2006 is calculated by multiplying the sum of inherent eccentricity and accidental eccentricity at each level by a TAF but that in KBC-2009 is calculated by multiplying only the accidental eccentricity by a TAF. In this paper, the damage indices of a building with planar structural irregularity designed by different design eccentricities are compared and the relationship between the earthquake damage and design eccentricity of the building is evaluated. On the basis of this study, the increment of design eccentricity results in the decrement of final eccentricity and global damage index of structure. It is observed that design eccentricity in KBC-2006 reduces the vulnerability of torsional irregular building compared to design eccentricity in KBC-2009.

Seismic fragility curves of single storey RC precast structures by comparing different Italian codes

  • Beilic, Dumitru;Casotto, Chiara;Nascimbene, Roberto;Cicola, Daniele;Rodrigues, Daniela
    • Earthquakes and Structures / v.12 no.3 / pp.359-374 / 2017
  • The seismic events in Northern Italy, May 2012, have revealed the seismic vulnerability of typical Italian precast industrial buildings. The aim of this paper is to present a seismic fragility model for Italian RC precast buildings, to be used in earthquake loss estimation and seismic risk assessment by comparing two building typologies and three different codes: D.M. 3-03-1975, D.M. 16-01-1996 and current Italian building code that has been released in 2008. Based on geometric characteristics and design procedure applied, ten different building classes were identified. A Monte Carlo simulation was performed for each building class in order to generate the building stock used for the development of fragility curves through analytical method. The probabilistic distributions of geometry were mainly obtained from data collected from 650 field surveys, while the material properties were deduced from the code in place at the time of construction or from expert opinion. The structures were modelled in 2D frameworks; since the past seismic events have identified the beam-column connection as the weakest element of precast buildings, two different modelling solutions were adopted to develop fragility curves: a simple model with post processing required to detect connection collapse and an innovative modelling solution able to reproduce the real behaviour of the connection during the analysis. Fragility curves were derived using both nonlinear static and dynamic analysis.

Calculation of the Earthquake Vulnerability of the Bridge Foundation Considering the Characteristics of the Ground (지반의 특성을 고려한 교량기초의 지진취약도 산정)

  • Lee, Donggun;Song, Kiil
    • Journal of the Korean GEO-environmental Society / v.23 no.2 / pp.13-23 / 2022
  • The ground-structure interaction of the bridge foundation has been pointed out as a major factor influencing the behavior of the bridge during earthquakes. In this study, the effect of characteristics of ground and bridge foundation on the earthquake vulnerability is investigated. From the pseudo-static analysis, it is confirmed that non-linearity becomes lesser and horizontal load becomes greater when surcharge is considered. It is also found that as the ground worsens and the size of foundation decreases, horizontal load reduces. To derive reasonable structural model for bridge foundation, fragility curve is obtained considering four conditions (fixed condition, equivalent linear condition, non-linear without surcharge condition, non-linear with surcharge condition) and compared. Seismic analysis is performed on single pier with OpenSees. From the earthquake vulnerability analysis, it is found that shallow foundation can be assumed as fixed condition. In conservative approach, stiffness of spring can be obtained based on Korean highway bridge design code for pile foundation which can consider the ground condition.

A Study of Step-by-step Countermeasures Model through Analysis of SQL Injection Attacks Code (공격코드 사례분석을 기반으로 한 SQL Injection에 대한 단계적 대응모델 연구)

  • Kim, Jeom-Goo;Noh, Si-Choon
    • Convergence Security Journal / v.12 no.1 / pp.17-25 / 2012
  • SQL Injection techniques were disclosed in web hacking years ago, but they are still classified as the most dangerous attacks. In recent web programming, using a DBMS for efficient storage and retrieval of data is essential. Scripting languages, mainly PHP, JSP, and ASP, are used to interact with the DBMS. In such web environments, an application that does not validate the client's invalid input may cause an abnormal SQL query. These unusual queries can bypass user authentication, or data that is stored in the database can be exposed. In an environment with an SQL Injection vulnerability, an attacker can pass the web-based authentication that uses a username and password and reach data stored in the database. A number of methods have been announced as measures against SQL Injection. But if you rely on any one method, many security holes can occur. The proposal of four levels leverage is composed with the source code, operational phases, database, server management side and the user input validation. This is a way to apply the measures in terms of why the accident preventive steps for creating a phased step-by-step response model, through the process of management measures, if applied, there is the possibility of SQL Injection attacks can be.