• Title/Summary/Keyword: system vulnerability

Search Result 1,000, Processing Time 0.032 seconds

Collision risk assessment based on the vulnerability of marine accidents using fuzzy logic

  • Hu, Yancai;Park, Gyei-Kark
    • International Journal of Naval Architecture and Ocean Engineering
    • /
    • v.12 no.1
    • /
    • pp.541-551
    • /
    • 2020
  • Based on the trend, there have been numerous researches analysing the ship collision risk. However, in this scope, the navigational conditions and external environment are ignored or incompletely considered in training or/and real situation. It has been identified as a significant limitation in the navigational collision risk assessment. Therefore, a novel algorithm of the ship navigational collision risk solving system has been proposed based on basic collision risk and vulnerabilities of marine accidents. The vulnerability can increase the possibility of marine collision accidents. The factors of vulnerabilities including bad weather, tidal currents, accidents prone area, traffic congestion, operator fatigue and fishing boat operating area are involved in the fuzzy reasoning engines to evaluate the navigational conditions and environment. Fuzzy logic is employed to reason basic collision risk using Distance to Closest Point of Approach (DCPA) and Time of Closest Point of Approach (TCPA) and the degree of vulnerability in the specific coastal waterways. Analytical Hierarchy Process (AHP) method is used to obtain the integration of vulnerabilities. In this paper, vulnerability factors have been proposed to improve the collision risk assessment especially for non-SOLAS ships such as coastal operating ships and fishing vessels in practice. Simulation is implemented to validate the practicability of the designed navigational collision risk solving system.

Prioritizing the Importance of the Factors Related to the Vulnerability of Agricultural Water Resources and Infra-structures to Climate Change (농어촌용수 및 농업생산기반시설에 대한 기후변화 취약성 관련인자 중요도 평가)

  • Choi, Youngwan;Jang, Min-Won;Bae, Seung-Jong;Jung, Kyung-Hun;Hwang, Syewoon
    • Journal of Korean Society of Rural Planning
    • /
    • v.25 no.1
    • /
    • pp.75-87
    • /
    • 2019
  • As the impacts of climate change have been emerged all the way through society, the potential risks specifically on agricultural water and facilities are recently getting concerned. Evaluating vulnerability of agriculture to climate change on is a time-tested strategy. While a number of researches on the adaption and mitigation of climate change were performed in various aspects for sustainable agricultural production, the vulnerability of management system for agricultural water and infrastructure has not been investigated yet. This study is aimed to clarify the definition of vulnerability to climate change, find the major indicators able to presume the vulnerability, and finally determine the relative importance of the indicators based on the specialist questionnaire survey and its analyses. The lists of indicators for major parts of agricultural water management such as, water use, flood control, reservoir related issues, and pumping and drainage systems are initialized referring to the related precedent studies. The primary survey was conducted in the form of Delphi to complement the list and methods and the main survey was then conducted using AHP(Analytic Hierarchy Process) technique to quantitatively prioritize the indicators. The results derived in this study would be directly adopted in weighting importance of indicators to investigate the indicator-based vulnerability analysis to climate change in agricultural water and infrastructure management.

SIEM OWASP-ZAP and ANGRY-IP Vulnerability Analysis Module and Interlocking (SIEM과 OWASP-ZAP및ANGRY-IP취약점분석모듈과 연동구현)

  • Yoon, Jong Moon
    • Convergence Security Journal
    • /
    • v.19 no.2
    • /
    • pp.83-89
    • /
    • 2019
  • In accordance with information security compliance and security regulations, there is a need to develop regular and real-time concepts for cyber-infringement attacks against network system vulnerabilities in branch and periodic forms. Vulnerability Analysis Analysis It is judged that it will be a countermeasure against new hacking attack in case of concept validation by interworking with TOOL. Vulnerability check module is standardized in event attribute management and ease of operation. Opening in terms of global sharing of vulnerability data, owasp zap / Angry ip Etc. were investigated in the SIEM system with interlocking design implementation method. As a result, it was proved that the inspection events were monitored and transmitted to the SIEM console by the vulnerability module of web and network target. In consideration of this, ESM And SIEM system In this paper, we propose a new vulnerability analysis method based on the existing information security consultation and the results of applying this study. Refer to the integrated interrelationship analysis and reference Vulnerability target Goal Hacking It is judged to be a new active concept against invasion attack.

An Improved Detection System for the Network Vulnerability Scan Attacks (네트워크 취약점 검색공격에 대한 개선된 탐지시스템)

  • You, Il-Sun;Cho, Kyung-San
    • The KIPS Transactions:PartC
    • /
    • v.8C no.5
    • /
    • pp.543-550
    • /
    • 2001
  • In this paper, an improved detection system for the network vulnerability scan attacks is proposed. The proposed system improves the methodology for detecting the network vulnerability scan attacks and provides a global detection and response capability that can counter attacks occurring across an entire network enterprize. Through the simulation, we show that the proposed system can detect vulnerable port attacks, coordinated attacks, slow scans and slow coordinated attacks. We also show our system can achieve more global and hierarchical response to attacks through the correlation between server and agents than a stand-alone system can make.

  • PDF

Evaluation for conjunctive operation of multi-regional water supply system through risk analysis (위기대응 취약성 분석을 통한 광역상수도 연계운영 평가)

  • Hwang, Jinsoo;Choi, Taeho;Hong, Gonghyun;Lee, Doojin;Koo, Jayong
    • Journal of Korean Society of Water and Wastewater
    • /
    • v.33 no.4
    • /
    • pp.269-279
    • /
    • 2019
  • This study would present a risk analysis method to evaluate stable tap water supply in a multi-regional water supply system and propose a measure for the evaluation of the effect of the conjunctive operation of the multi-regional water supply system using this. Judging from the vulnerability for the crisis response of the entire N. multi-regional water supply system, as compared to the result of Scenario 1 in which no conjunctive pipes were operated, it was found that in Scenario 2, in which conjunctive pipes were partially operated, the vulnerability of crisis response decreased by about 30.6%, and as compared to Scenario 3, the vulnerability of crisis response decreased by 86.2%. In setting a plan for stable tap water supply in N multi-regional water supply system, using the estimated value and the method for the evaluation of the vulnerability of crisis response by pipe, by interval and by line, it is judged that this can be utilized as a basis for the judgment of the evaluation of the operation or the additional installation of conjunctive pipes.

Modeling Vulnerability Discovery Process in Major Cryptocurrencies

  • Joh, HyunChul;Lee, JooYoung
    • Journal of Multimedia Information System
    • /
    • v.9 no.3
    • /
    • pp.191-200
    • /
    • 2022
  • These days, businesses, in both online and offline, have started accepting cryptocurrencies as payment methods. Even in countries like El Salvador, cryptocurrencies are recognized as fiat currencies. Meanwhile, publicly known, but not patched software vulnerabilities are security threats to not only software users but also to our society in general. As the status of cryptocurrencies has gradually increased, the impact of security vulnerabilities related to cryptocurrencies on our society has increased as well. In this paper, we first analyze vulnerabilities from the two major cryptocurrency vendors of Bitcoin and Ethereum in a quantitative manner with the respect to the CVSS, to see how the vulnerabilities are roughly structured in those systems. Then we introduce a modified AML vulnerability discovery model for the vulnerability datasets from the two vendors, after showing the original AML dose not accurately represent the vulnerability discovery trends on the datasets. The analysis shows that the modified model performs better than the original AML model for the vulnerability datasets from the major cryptocurrencies.

The Vulnerability Analysis for Virtualization Environment Risk Model Management Systematization (가상화 환경 위험도 관리체계화를 위한 취약점 분석)

  • Park, Mi-Young;Seung, Hyen-Woo;Lim, Yang-Mi
    • Journal of Internet Computing and Services
    • /
    • v.14 no.3
    • /
    • pp.23-33
    • /
    • 2013
  • Recently in the field of IT, cloud computing technology has been deployed rapidly in the current society because of its flexibility, efficiency and cost savings features. However, cloud computing system has a big problem of vulnerability in security. In order to solve the vulnerability of cloud computing systems security in this study, impact types of virtual machine about the vulnerability were determined and the priorities were determined according to the risk evaluation of virtual machine's vulnerability. For analyzing the vulnerability, risk measurement standards about the vulnerability were defined based on CVSS2.0, which is an open frame work; and the risk measurement was systematized by scoring for relevant vulnerabilities. Vulnerability risk standards are considered to suggest fundamental characteristics of vulnerability and to provide the degree of risks and consequently to be applicable to technical guides to minimize the vulnerability. Additionally, suggested risk standard of vulnerability is meaningful as the study content itself and could be used in technology policy project which is to be conducted in the future.

Development of Flood Vulnerability Index Estimation System (이상홍수 취약성 평가 시스템의 개발)

  • Jang, Dae-Won;Kim, Byung-Sik;Kim, Bo-Kyung;Yang, Dong-Min;Seoh, Byung-Ha
    • Proceedings of the Korea Water Resources Association Conference
    • /
    • 2008.05a
    • /
    • pp.410-413
    • /
    • 2008
  • We constructed the regional flood risk and damage magnitude using hazard and vulnerabilities which are climatic, hydrological, socio-economic, countermeasure, disaster probability components for DB construction on the GIS system. Also we developed the Excess Flood Vulnerability index estimation System(EFVS). By the construction of the System, we can perform the scientific flood management for the flood prevention and optional extreme flood defenses according to regional characteristics. In order to evaluate the performance of system, we applied EFVS to Anseong-chen in Korea, and the system's stabilization is appropriate to flood damage analysis.

  • PDF

A Study on the Definition of Security Requirements of Vulnerability Management in Analysis Step (분석단계에서 취약점 관리의 보안 요건 정의에 관한 연구)

  • Shin, Seong-Yoon;Lee, Hyun-Chang
    • Journal of the Korea Society of Computer and Information
    • /
    • v.20 no.3
    • /
    • pp.75-80
    • /
    • 2015
  • Vulnerability management is in compliance with security policies, and then, this is to ensure the continuity and availability of the business. In this paper, the application vulnerability management and IT infrastructure of the system is that it must be identified. And a viable vulnerability management plan should be drawn from the development phase. There are many that are not defined vulnerability in the area of identification and authentication, encryption, access control in identification and classification of vulnerabilities. They define the area without missing much in technical, managerial, and operational point of view. Determining whether the response of the identified vulnerability, and to select a countermeasure for eliminating the vulnerability.

A Study On Advanced Model of Web Vulnerability Scoring Technique (웹 취약점 스코어링 기법의 advanced 모델 연구)

  • Byeon, Autumn;Lim, Jong In;Lee, Kyong-Ho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.5
    • /
    • pp.1217-1224
    • /
    • 2015
  • Web application security problems are addressed by the web vulnerability analysis which in turn supports companies to understand those problems and to establish their own solutions. Ministry of Science, ICT and Future Planning (MSIP) has released its guidelines for analysis and assessment of the web vulnerability. Although it is possible to distinguish vulnerability items in a manner suggested in the MSIP's guidelines, MSIP's factors and criteria proposed in the guidelines are neither sufficient nor efficient in analyzing specific vulnerability entries' risks. This study discusses analysis of the domestic and international Vulnerability Scoring system and proposes an appropriate evaluating method for web vulnerability analysis.