• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.3
• /
• pp.527-545
• /
• 2022

In order to effectively detect APT attacks performed by well-organized adversaries, we implemented a system to detect attacks by reconstructing attack chains of APT attacks. Our attack chain-based APT attack detection system consists of 'events collection and indexing' part which collects various events generated from hosts and network monitoring tools, 'unit attack detection' part which detects unit-level attacks defined in MITRE ATT&CK^® techniques, and 'attack chain reconstruction' part which reconstructs attack chains by performing causality analysis based on provenance graphs. To evaluate our system, we implemented a test-bed and conducted several simulated attack scenarios provided by MITRE ATT&CK Evaluation program. As a result of the experiment, we were able to confirm that our system effectively reconstructed the attack chains for the simulated attack scenarios. Using the system implemented in this study, rather than to understand attacks as fragmentary parts, it will be possible to understand and respond to attacks from the perspective of progress of attacks.

• The Korean Journal of Archival Studies
• /
• no.75
• /
• pp.5-39
• /
• 2023

More than 20 years after introducing the public records management system in Korea, the criteria and methodologies for archival appraisal and selection are still unclear. Modern archival appraisal theories have developed in two orientations, such as provenance and pertinence. This study aims to investigate the methodological implications of each theoretical orientation of archival appraisal and to suggest some directions for improving the appraisal practices and policies. Firstly, archival appraisal theories are analyzed according two orientations. Secondly, four methodologies are derived from combining the macro/micro dimension and theoretical orientations. Thirdly, the methodological orientations of the criteria for selecting permanent records presented in the Public Records Management Act are analyzed. Finally, based on these analyses, appraisal policies and practices for selecting the records with permanent value are proposed to be improved.

• Journal of the Korean earth science society
• /
• v.41 no.6
• /
• pp.588-598
• /
• 2020

The seafloor geology of Ieodo, a submerged volcanic island, has been poorly understood, although this place has gained considerable attention for ocean and climate studies. The main purpose of the study is to understand and elucidate types, distribution patterns and provenance of the surficial sediments in and around the Ieodo area. For this purpose, 25 seafloor sediments were collected using a box-corer, these having been analyzed for grain sizes. XRD (X-ray Diffraction) analysis of fine-grained sediments was conducted for characterizing clay minerals. The peak of Ieodo exists in the northern region, while in the southern area, shore platforms occur. The extensive platform in the south results from severe erosion by strong waves. However, the northern peak still survived from differential weathering. Grain size analyses indicated that gravels and gravelly sands with skeletons and shells were distributed predominantly on the volcanic apron and shore platform. Muddy sediments were found along the Ieodo and the adjacent deeper seafloor. Based on the analysis of clay mineral composition, illites were the most abundant in fine muds, followed by chlorites and kaolinites. The ratio plots of clay minerals for the provenance discrimination suggested that the Ieodo muds were likely to be derived from the Yangtze River (Changjiang River). As a consequence, gravels and gravelly sands with bioclastics may be supplied from the Ieodo volcanic apron by erosion processes. Wave activities might play a major role in transportation and sedimentation. In contrast, fine muds were assumed to be derived from the inflow of the Yangtze River, particularly in summer. Deposition in the Ieodo area is, therefore, probably controlled by the inflow from the Changjiang Dilute Water and summer typhoons from the south.

• Analytical Science and Technology
• /
• v.24 no.4
• /
• pp.256-265
• /
• 2011

Ambers have been used as a gemstone and a religious object since the ancient times and found in several archaeological sites in Korea. To prepare an enhanced conservation measures, we surveyed the chemical and spectroscopic properties of the ambers according to the provenance. Total 14 amber samples were collected from 6 different provenances including Baltic, Chiapas, Colombian, Dominican, Fushun and Madagascar amber. Infrared (IR) spectroscopic analysis was conducted for the non-destructive examination of the amber samples. They were also analyzed with pyrolysis/GC/MS (py/GC/MS) at the pyrolysis temperature of $300^{\circ}C$ with the on-line derivatization to trimethylsilyl ester. Baltic shoulder corresponding to the absorption at $1250cm^{-1}{\sim}1150cm^{-1}$ appeared in the IR spectrum of Baltic amber. IR spectra of the other ambers also showed somewhat distinctive characteristic peaks. In py/GC/MS analysis peaks assignable to succinic acid, dehydroabietic acid and pimaric acid were detected, which are known to be the components of the amber. In the meanwhile, the presence of compounds appearing in certain amber will be applied to differentiate the provenances of amber relics if their fragments are available for the analysis. These results are expected to help the confirmation of archaeological amber relics and archaeometric interpretation of provenances and manufacturing techniques.

• 보존과학연구
• /
• s.22
• /
• pp.53-79
• /
• 2001

The scientific analysis and provenance study of potteries excavated from kiln site at Gyeongsang Nam-do were carried out using XRD, ICP-AES and NAA. We can summary the following Result :1. As a result of XRD analysis, it showed that soft potteries consisted of quartz, feldspar and clay minerals while hard potteries consisted of high temperature crystals such as mullite, tridymite, cristobalite.In case of firing temperature which are determined by XRD, potteries consisted of quartz, feldspar and clay mineral had very low firing temperature. While potteries having only cristobalite ranged above $1200^{\circ}C$.2. As a result of correlation analysis using trace element, the selected characteristic elements which was able to distinguish from each kiln site was Sm, Cs, Sc, Eu, Hf.3. Discriminant analytical showed that each kiln site were classified into 4-gruops;Kimhaeci Daesungdong, Hamangun Myosari, Changyounggun Yochori and one group mixed KimhaeciGuosandong, Kimhaeci Samgyeri. This suggests that there are no correlations between the raw materials used in each kiln sites except Kimhaeci Guosandong, Kimhaeci Samgyeri.

• 보존과학연구
• /
• s.23
• /
• pp.5-39
• /
• 2002

The scientific analysis and provenance study of potteries excavated from kiln sites at Jeonla Nam. Buk-do were carried out using XRD,ICP-AES and NAA. We can summarize the following consequence. First, as a result of XRD analysis, it showed that soft potteries consist of quartz, feldspar and clay minerals while hard potteries consist of high temperature crystals such as mullite, tridymite, cristobalite. In case of firing temperature which are determined by crystals using XRD, potteries are composed of quartz, feldspar and clay minerals had very low firing temperature. While potteries having only cristobalite ranged above$1200^{\circ}C$. Second, as a result of correlation analysis using trace element, the selected characteristic elements which was able to distinguish from each kiln site was Ce, Lu, Cs, Sc, Eu. Third, discriminant analytical results showed that kiln site of the Jeonla Namdo were classified into five groups and that of the Jeolna Buk-do into three groups. This suggests that there are no correlations between the raw materials used in each kiln sites.

• Journal of Conservation Science
• /
• v.30 no.4
• /
• pp.345-351
• /
• 2014

Chemical and Pb isotope analysis were performed in order to determine the origin of bronze artefacts excavated from the Inyongsaji site in South Korea. The result of ICP-MS shows that they are tin bronzes in which lead was not intentionally added during production. Pb isotope data analyzed by TIMS are plotted in the southern region of Korea and China of the distribution map drawn by Mabuchi(1985). On the other hand, the identical isotope data are plotted in the Taebaek basin and the Olcheon metamorphic belt correspondent to zone2 and zone3 respectively. It is believed that the isotope data on the tin bronzes which have very low lead content can be used to trace the origin of copper ore rather than those of either lead or tin ore. Pb istope analysis allows diverse interpretation as it can be applied to any object containing trace amounts of lead. In addition, accumulation of isotope data as well as further studies will improve reliability of the provenance studies.

• Journal of the Mineralogical Society of Korea
• /
• v.31 no.2
• /
• pp.123-135
• /
• 2018

This study tried to find the clue to Seokrok province by comparing Seokrok used in painting culture properties with Seokrok ore from domestic occurrence and imported Seokrok ore. To this end, chemical and mineralogical characteristics of painting cultural properties were identified with portable X-ray Florescence (p-XRF), micro X-ray diffraction (micro XRD) and SEM/EDS Analysis. To obtain Pb isotopic ratio, the Pb contained in Seokrok has been analyzed with Thermal Ionization Mass Spectrometer. Atacamite (or botallackite) and small quantity of brochantite were identified from Seokrok in Dancheong, and malachite was also identified from Buddhist painting besides those two ingredients. Without distinction of type, most Seokrok used in painting cultural properties is atacamite composed of Cu and Cl. From Pb isotope analysis, it was found that Seokrok in painting cultural properties was closer to that of north Korea, north China and Japan than south Korea as in regional division for East North Asia suggested by Mabuchi. The Pb isotopic ratio of domestic green mineral belongs to the distribution of Seokrok inside the painting cultural properties but imported malachite showed considerably difference. Considering the fact that atacamite, the main mineral of Seokrok in painting cultural properties is rarely produced from southern mine of the Korean Peninsula and the result of Pb isotope analysis.

• Journal of Conservation Science
• /
• v.25 no.3
• /
• pp.335-345
• /
• 2009

This paper presents investigations on 60 glass beads excavated from floorless tombs of Eunpyeong Newtown site to figure out composition and lead isotope ratio by SEM-EDS and TIMS, which show the difference between their compositions and Pb provenance of lead glass. The results of the composition analysis are that excavated glass are mainly divided into Potash glass($K_2O$-CaO-$SiO_2$) and Potash-lead glass($K_2O$-PbO-$SiO_2$) and the samples excavated from III-3 floorless tombs No.1005 are presumed not glass but Quartz. The transparent 9 lead glasses excavated from II-3 floorless tomb No.101 and III-3 floorless tomb No.908 seem to be manufactured by the same raw material at same site because the concentration of their compositions are well accorded with each other and deviations of them are very limited. As a result of principal component analysis(PCA), glass beads excavated are largely assort to two groups, Potash glass and Potash lead glass as well. That is, glass beads excavated from Eunpyeoung Newtown sites are quite different two types of main composition. In addition, the results of Pb provenance analysis used in lead glass confirm that most lead glass are significantly correlated with galena of northern China.

• Economic and Environmental Geology
• /
• v.57 no.3
• /
• pp.343-352
• /
• 2024

Composition analysis and lead isotope ratio analysis were conducted to determine the coloring machanism on lead glaze used in Gyeongbokgung Palace and the provenance of the lead used as a flux. 31 blue tiles were classified into green, blue, and yellow. The chemical analysis of lead glazes on the blue tiles revealed that Pb, Si, and Cu were the main components, and trace amounts of Fe, Ca, Mg, and Al were detected. The Cu content was high in blue lead glaze, while Cu was not detected in yellow or brown lead glaze which instead had high Fe content. Therefore, it was found that lead was used as a flux and copper oxide as a coloring agent in the production of lead glaze. In addition, the lead isotope ratios of the lead glaze used in the blue tiles of Gyeongbokgung palace were plotted in zone 3 on the distribution map of lead isotope ratios on the Korean Peninsula, which includes Chungcheong-do and Jeolla-do. It is presumed that the flux for the lead glaze was sourced from galena found in these regions. The lead isotope ratios of the green glaze from the Three Kingdoms and Unified Silla period were mostly located outside the Korean Peninsula, showing that the provenance of lead had changed. In particular, the lead isotope ratios of the green glaze from the Three Kingdoms and Unified Silla period suggest exchange with neighboring countries. Also the lead isotope ratios of the green glazes from the same temple are different, so it is believed that they were made at different times or in different workshops.