• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1191-1204
• /
• 2012

As attackers try to paralyze information security systems, many researchers have investigated security testing to analyze vulnerabilities of information security products. Penetration testing, a critical step in the development of any secure product, is the practice of testing a computer systems to find vulnerabilities that an attacker could exploit. Security testing like penetration testing includes gathering information about the target before the test, identifying possible entry points, attempting to break in and reporting back the findings. Therefore, to obtain maximum generality, re-usability and efficiency is very useful for efficient security testing and vulnerability hunting activities. In this paper, we propose a threat analysis based software security testing technique for evaluating that the security functionality of target products provides the properties of self-protection and non-bypassability in order to respond to attacks to incapacitate or bypass the security features of the target products. We conduct a security threat analysis to identify vulnerabilities and establish a testing strategy according to software modules and security features/functions of the target products after threat analysis to improve re-usability and efficiency of software security testing. The proposed technique consists of threat analysis and classification, selection of right strategy for security testing, and security testing. We demonstrate our technique can systematically evaluate the strength of security systems by analyzing case studies and performing security tests.

• Informatization Policy
• /
• v.24 no.4
• /
• pp.68-78
• /
• 2017

Malicious codes are currently becoming more complex and diversified, causing various problems spanning from simple information exposure to financial or psychologically critical damages. Even though many researches have studied using reverse engineering to detect these malicious codes, malicious code developers also utilize bypassing techniques against the code analysis to cause obscurity in code understanding. Furthermore, rootkit techniques are evolving to utilize such bypassing techniques, making it even more difficult to detect infection. Therefore, in this paper, we design the analysis process as a more agile countermeasure to malicious codes that bypass analysis techniques. The proposed analysis process is expected to be able to detect these malicious codes more efficiently.

• Journal of Advanced Navigation Technology
• /
• v.16 no.3
• /
• pp.488-494
• /
• 2012

This paper classifies the self-defense techniques used by the malicious software based on their approaches, introduces the packing technique as one of the code protection methods and proposes a way to quickly analyze the packed malicious codes. Packing technique hides a malicious code and restore it at runtime. To analyze a packed code, it is initially required to find the entry point after restoration. To find the entry point, it has been used reversing the packing routine in which a jump instruction branches to the entry point. However, the reversing takes too much time because the packing routine is usually obfuscated. Instead of reversing the routine, this paper proposes an idea to search some features of the startup code in the standard library used to generate the malicious code. Through an implementation and a consequent empirical study, it is proved that the proposed approach is able to analyze malicious codes faster.

• Journal of Power Electronics
• /
• v.15 no.6
• /
• pp.1673-1681
• /
• 2015

A low dropout (LDO) regulator with a wide-bandwidth is proposed in this paper. The regulator features a Human Body Model (HBM) 8kV-class high robustness ElectroStatic Discharge (ESD) protection circuit, and two error amplifiers (one with low gain and wide bandwidth, and the other with high gain and narrow bandwidth). The dual error amplifiers are located within the feedback loop of the LDO regulator, and they selectively amplify the signal according to its ripples. The proposed LDO regulator is more efficient in its regulation process because of its selective amplification according to frequency and bandwidth. Furthermore, the proposed regulator has the same gain as a conventional LDO at 62 dB with a 130 kHz-wide bandwidth, which is approximately 3.5 times that of a conventional LDO. The proposed device presents a fast response with improved load and line regulation characteristics. In addition, to prevent an increase in the area of the circuit, a body-driven fabrication technique was used for the error amplifier and the pass transistor. The proposed LDO regulator has an input voltage range of 2.5 V to 4.5 V, and it provides a load current of 100 mA in an output voltage range of 1.2 V to 4.1 V. In addition, to prevent damage in the Integrated Circuit (IC) as a result of static electricity, the reliability of IC was improved by embedding a self-produced 8 kV-class (Chip level) ESD protection circuit of a P-substrate-Triggered Silicon Controlled Rectifier (PTSCR) type with high robustness characteristics.

• Journal of the Korean Institute of Illuminating and Electrical Installation Engineers
• /
• v.17 no.1
• /
• pp.17-24
• /
• 2003

In this paper, a high efficiency leakage transformer for neon tube is developed to improve its power factor, to reduce its core loss and weight by using a technique of shape optimization and grain direction of non-oriented silicon steel strip. A protection circuit is designed for all types of neon transformer loaded with one or more neon tubes. Whenever the neon tube fails to be started up or comes to the life end, or encounters faults with open-circuits at the output terminals of the neon transformer, the electronic type protection circuit will be initiated to avoid more critical hazards. These neon transformers need a electronic type protection circuit to prevent from current stresses on circuit components by neon tube fail. The input of the transformer is automatically cut on when the abnormal condition occurs, preventing waste of no-load power.

• Proceedings of the Korean Institute of Surface Engineering Conference
• /
• 2016.11a
• /
• pp.105-105
• /
• 2016

Recently, high power impulse magnetron sputtering (HIPIMS) has attracted considerable attentions due to its high potential for industrial applications. By pulsing the sputtering target with high power density and short duration pulses, a high plasma density and high ionization of the sputtered species can be obtained. HIPIMS has exhibited several merits such as increased coating density, good adhesion, microparticle-free and smooth surface, which make the HIPIMS technique desirable for synthesizing hard coatings. However, hard coatings present intrinsic defects (columnar structures, pinholes, pores, discontinuities) which can affect the corrosion behavior, especially when substrates are active alloys like steel or in a wear-corrosion process. Atomic layer deposition (ALD), a CVD derived method with a broad spectrum of applications, has shown great potential for corrosion protection of high-precision metallic parts or systems. In ALD deposition, the growth proceeds through cyclic repetition of self-limiting surface reactions, which leads to the thin films possess high quality, low defect density, uniformity, low-temperature processing and exquisite thickness control. These merits make ALD an ideal candidate for the fabrication of excellent oxide barrier layer which can block the pinhole and other defects left in the coating structure to improve the corrosion protection of hard coatings. In this work, CrN/Al2O3/CrN multilayered coatings were synthesized by a hybrid process of HIPIMS and ALD techniques, aiming to improve the CrN hard coating properties. The influence of the Al2O3 interlayer addition, the thickness and intercalation position of the Al2O3 layer in the coatings on the microstructure, surface roughness, mechanical properties and corrosion behaviors were investigated. The results indicated that the dense Al2O3 interlayer addition by ALD lead to a significant decrease of the average grain size and surface roughness and greatly improved the mechanical properties and corrosion resistance of the CrN coatings. The thickness increase of the Al2O3 layer and intercalation position change to near the coating surface resulted in improved mechanical properties and corrosion resistance. The mechanism can be explained by that the dense Al2O3 interlayer acted as an excellent barrier for dislocation motion and diffusion of the corrosive substance.

• Korean Journal of Social Welfare
• /
• v.45
• /
• pp.220-249
• /
• 2001

In order to understand the provision of social welfare in Korea, this study puts forward a method to measure and tracks the welfare mix, and applies the method to Korea. This is the goal of this study, which is in three parts. First, I critically review the concept of welfare pluralism and develop the welfare mix model, Second, I present a methodology and technique for measuring and systematically comparing the components of the welfare mix. Third, I examine the roles of five welfare providers including state, market, non-profit organization, enterprise and family in the welfare mix of Korea. This study argues that the welfare mix in Korea has some characteristics of 'residual state, expanded market, negligible voluntary sector, and protective family'. The state in Korea has played a relatively little role in the provision of social welfare, enforcing most Koreans being with a meagre social protection. Thus, most of the 'left' needs for social welfare has to be met in the private sector composed of market and enterprises. In addition, in a situation that self/mutual help through family or community is encouraged, the family has played an important role in the welfare mix. But the role of voluntary sector in the welfare mix has remained negligible. Consequently, the characteristics of the welfare mix in Korea can be best described by a welfare society rather than a welfare state.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2006.05a
• /
• pp.573-576
• /
• 2006

Recently, the standard work of the copyright of the Digital content is not completed. And the content providers are developing self's copyright protecting technique. here is some problem such as the confusion existed in the copyright protecting and management system. The reason is that the company using different technique when developing the Digital Contents. Now, there is a standard working leaded by the MPEG. It's called MPEG-21 Multimedia framework and the REL is parted of the Intellectual Property Management and Protection included the framework. And the REL's standard working is completed. The Intellectual Property Management and Protection system contain license server, tool server, metadate server and consume server. In this paper, In order to management and protect the Digital Content copyright, We applying the REL, One of the contents of the MPEG-21 framework to design and implementation the License Server manage the settlement and the consumption information and the Tool Server manage and transport the Tools used from Digital Contents formation to the Digital Contents consumption.

• Fire Science and Engineering
• /
• v.25 no.5
• /
• pp.21-31
• /
• 2011

This study aimed at evaluating and developing 119 emergency medical technicians' prehospital care for non-traumatic cardiac arrest. Total 322 EMT in Chungnam province and Daejeon city filled out the self-administered questionnaire. The data were analyzed by SPSS 18.0 for descriptive statistics. Among the 322 EMT, 309 (97%) and 169(53%) always or almost performed CPR and AED for nontraumatic cardiac arrest patient, respectively. Among the advanced EMT and nurse, IV were sometimes or not performed at 94.7% and medication including epinephrine which commonly used for survival of cardiac arrest were treated just at 9.3 % (14 person). The reason they did not perform each procedure for airway management, AED or IV was lack of manpower, limit of time or joggle of ambulance and legal restrictions. In conclusion, to increase survival rate of non-traumatic cardiac arrest in out-of-hospital, it is necessary to increase manpower, legal protection of EMS, establishment of standard operating procedure, practice for improvement technique and use of medication for ACLS.

• Korean Security Journal
• /
• no.9
• /
• pp.201-235
• /
• 2005

This study is designed to contribute for development of Private Security Business by fact-finding in instruction and training of private security guard serviced in this realm and domestic and foreign guard service and modeling effective and rational instruction and training program based on drawn problem. For this study, basically I collected and analyzed documents, theses, and papers of the inside and outside of the country. For practical use of data, I used materials of private security related institutes and police agency. And for private security educating training programs of the inside and outside of the country, I collected materials on internet, and with the help of police agency and interpol. For korean private security company's educating training programs, I made a study with the interview of private security company's businessmen. This study's conclusion is as follows. In a domestic private security enterprise, when set theory instruction minimize instruction and training program and must set up instruction and training program as practical affairs center enemy instruction, and theory instruction must be composed for instruction me that it is connected to practical affairs instruction too. The instruction course of private security guard instruction and training program composed with a security outline, a security plan, an information-gathering, civilian expenses, a security way, terror and terrorism, a related law, security trial, electronic security, a security analysis technique, company introduction, instruction and training program about a professional tube with theory instruction. Practical affairs instruction composed with the selection and a preventive security, close contact attendance security, vehicle security, security driving the security martial arts and self-protection liquor, first aid, security equipment, a gun and shooting, a security protocol, customer satisfaction, facilities security and expenses, a fire fighting instruction, teamwork training, explosive and a dangerous substance, physical strength, a documentation practical affairs, service, instruction and training program about foreigh language instruction.