• Environmental Engineering Research
• /
• 제23권1호
• /
• pp.84-91
• /
• 2018

The present study deals with the management of groundwater resources of an important agriculture track of north-western part of Saudi Arabia. Due to strategic importance of the area efforts have been made to estimate aquifer proneness to attenuate contamination. This includes determining hydrodynamic behavior of the groundwater system. The important parameters of any vulnerability model are geological formations in the region, depth to water levels, soil, rainfall, topography, vadose zone, the drainage network and hydraulic conductivity, land use, hydrochemical data, water discharge, etc. All these parameters have greater control and helps determining response of groundwater system to a possible contaminant threat. A widely used DRASTIC model helps integrate these data layers to estimate vulnerability indices using GIS environment. DRASTIC parameters were assigned appropriate ratings depending upon existing data range and a constant weight factor. Further, land-use pattern map of study area was integrated with vulnerability map to produce pollution risk map. A comparison of DRASTIC model was done with GOD and AVI vulnerability models. Model validation was done with $NO_3$, $SO_4$ and Cl concentrations. These maps help to assess the zones of potential risk of contamination to the groundwater resources.

• Journal of Korea Society of Digital Industry and Information Management
• /
• 제11권3호
• /
• pp.53-62
• /
• 2015

Recently, number of tablet or Smartphone users increased significantly in domestic and around the world. But violation of personal information such as leakage, misuse and abuse are constantly occurring by using mobile devices which is very useful in our society. Therefore, in this paper it will talk about the problems in the network environment of the mobile environment such as tablet and Smartphone, Mobile Malware, hacking of the public key certificate, which could be potential threat to mobile environment. This thesis will research for people to use their mobile devices more reliable and safer in mobile environment from invasion and leakage of personal information. In order to use Smartphone safely, users have to use Wi-Fi and Bluetooth carefully in the public area. This paper will research how to use App safely and characteristic of risk of worm and Malware spreading. Because of security vulnerabilities of the public key certificate, it will suggest new type of security certification. In order to prevent from the information leakage and infect from Malware in mobile environment without knowing, this thesis will analyze the improved way to manage and use the mobile device.

• Journal of Internet Computing and Services
• /
• 제16권6호
• /
• pp.47-55
• /
• 2015

The conventional dynamic routing methods in Software Defined Networks (SDN) set the optimal routing path based on the minimum link cost, and thereby transmits the incoming or outgoing flows to the terminal. However, in this case, flows can bypass the middlebox that is responsible for security service and thus, thus the network can face a threat. That is, while determining the best route for each flow, it is necessary to consider a dynamic service chaining, which routes a flow via a security middlebox. Therefore, int this paper, we propose a new dynamic routing method that considers the dynamic flow routing method combined with the security service functions over the SDN.

• Journal of Information Technology Services
• /
• 제13권4호
• /
• pp.245-254
• /
• 2014

Payment system is defined as the various contracts and operating facilities for the transfer of monetary value to clear the relationship between credit and debt. Payment systems essentially require the efficient and reliable operations. Card-based payment systems are developed practically and creatively in accordance with the progress of ICT. Especially in mobile environment with intelligent mobile devices such as smart-phones and tablets, a variety of payment services are provided. Existing card-based payment services are configured by the payment transaction initiated by the merchants card acceptance and then swiping into the CAT (Card Authorization Terminal) to begin the transaction. The merchant initiated payment services are now applied to the Wireless CAT (W-CAT) for mobile environment. That kind of payment services cause many problems such the illegal card information leaks and the lingering threat of W-CAT theft. Also, the use of many W-CATs increased cost to the merchant. In this paper, we propose the card holder initiated card payment system using the intelligent mobile devices in mobile environment for solving problems of the existing merchant initiated card payment system and coping effectively with the activation of a wireless data network and changes of information technology.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• 제23권2호
• /
• pp.329-337
• /
• 2013

Cyber threats of the ICS(Industrial Control System) has been researched on the level to the threat to the network service as well as a specific system, even if the extent of damage was not intended. Although some range of "security" just include the protection of systems against the deliberate attacks of terrorists or cyber hackers, often more damage is done by carelessness, and equipment failures than by those deliberate attacks. This paper presented a taxonomy for classifying all abnormal behaviors of ICS, including deliberate attacks, inadvertent mistakes, equipment failures, and software problems. The classification criteria of ICS abnormal behaviors was selected to highlight commonalities and important features of deliberate attacks as well as inadvertent actions.

• Journal of Information Technology Services
• /
• 제12권3호
• /
• pp.151-163
• /
• 2013

It is no doubt that information technology is the key factor of national safety. Information technology is positively useful for national security such as crime prevention and detection, criminal investigation, disaster management, and national defense. However, it might be a threat to the security as we saw in the examples such as '3.4 DDoS attacks' and 'Nong-hyup Computer Network Failure.' Although the effect that information technology makes upon the national security is immense, the current legal system does not reflect these changes well. National security should be kept during 'prevention-response-recovery' process regardless it is in the online on offline. In addition, public administration for national security should be based on laws. However, the current legal system is lack of legislative basis on cyber and physical disaster, and the laws on the response to disaster might cause confusing. Therefore, this study examines the limitation of the current legal system on national security, and suggests directions for the development of the system based on the new establishment of the legal concept for 'national security'.

• Proceedings of the Korea Water Resources Association Conference
• /
• 한국수자원학회 2008년도 학술발표회 논문집
• /
• pp.1027-1031
• /
• 2008

본 연구는 한반도 영역을 대상으로 2001년 7, 8월과 2002년 6월로 홍수기를 대상으로 RDAPS 모형, AWS, 상층기상관측(upper-air sounding)의 자료를 이용하였다. 또한 수치예보자료를 범주적 예측확률로 변환하고 인공신경망기법(ANN)을 이용하여 강수발생확률의 예측정확성을 향상시키는데 있다. 신경망의 예측인자로 사용된 대기변수는 500/ 750/ 1000hpa에서의 지위고도, 500-1000hpa에서의 층후(thickness), 500hpa에서의 X와 Y의 바람성분, 750hpa에서의 X와 Y의 바람성분, 표면풍속, 500/ 750hpa/ 표면에서의 온도, 평균해면기압, 3시간 누적 강수, AWS관측소에서 관측된 RDAPS모형 실행전의 6시간과 12시간동안의 누적강수, 가강수량, 상대습도이며, 예측변수로는 강수발생확률로 선택하였다. 강우는 다양한 대기변수들의 비선형 조합으로 발생되기 때문에 예측인자와 예측변수 사이의 복잡한 비선형성을 고려하는데 유용한 인공신경망을 사용하였다. 신경망의 구조는 전방향 다층퍼셉트론으로 구성하였으며 역전파알고리즘을 학습방법으로 사용하였다. 강수예측성과의 질을 평가하기 위해서 $2{\times}2$ 분할표를 이용하여 Hit rate, Threat score, Probability of detection, Kuipers Skill Score를 사용하였으며, 신경망 학습후의 강수발생확률은 학습전의 강수발생확률에 비하여 한반도영역에서 평균적으로 Kuipers Skill Score가 0.2231에서 0.4293로 92.39% 상승하였다.

• Journal of the Institute of Electronics and Information Engineers
• /
• 제50권7호
• /
• pp.68-75
• /
• 2013

Recently, there has been introduced various types of pairing computations to implement ID based cryptosystem for mobile ad hoc network. According to spreading the applications of pairing computations, various fault attacks have been proposed. Among them, a counter fault attack has been considered the strongest threat. Thus this paper proposes a new countermeasure to prevent the counter fault attack on Miller's algorithm. The proposed method is able to reduce the possibility of fault propagation by a random index of intermediate values. Additionally, it is difficult to challenge fault attacks on the proposed method since a simple side channel leakage of 'if' branch is eliminated.

• Convergence Security Journal
• /
• 제17권3호
• /
• pp.15-20
• /
• 2017

Cloud computing is a service that to use IT resources (software, storage, server, network) through various equipment in an Internet-enabled environment. Due to convenience, efficiency, and cost reduction, the utilization rate has increased recently. However, Cloud providers have become targets for attack Also, Abuse of cloud service is considered as the top security threat. The existing digital forensic procedures are suitable for investigations on individual terminals. In this paper, we propose a new investigation model by analyzing the vulnerable points that occur when you investigate the cloud environment with the existing digital forensic investigation procedure. The proposed investigation model adds a way to obtain account information, and can apply public cloud and private cloud together. Cloud services are also easily accessible and are likely to destroy digital evidence. Therefore, the investigation model was reinforced by adding an account access blocking step.

• Convergence Security Journal
• /
• 제11권6호
• /
• pp.53-58
• /
• 2011

There is increasing use of common commercial operation system and standard PCs to control industrial production systems, and cyber security threat for industrial facilities have emerged as a serious problem. Now these network connected ICS(Industrial Control Systems) stand vulnerable to the same threats that the enterprise information systems have faced and they are exposed to malicious attacks. In particular Stuxnet is a computer worm targeting a specific industrial control system, such as a gas pipeline or power plant and in theory, being able to cause physical damage. In this paper we present an overview of the general configuration and cyber security threats of a SCADA and investigate the attack tree analysis to identify and assess security vulnerabilities in SCADA for the purpose of response to cyber attacks in advance.