• Title/Summary/Keyword: Vulnerability

A study on automation of AV(Atomic Vulnerability) ID assignment (단위 취약점 식별자 부여 자동화에 대한 연구)

  • Kim, Hyung-Jong
    • Journal of Internet Computing and Services / v.9 no.6 / pp.49-62 / 2008
  • An AV (Atomic Vulnerability) is a conceptual definition that represents a vulnerability in a systematic way; AVs are defined with respect to their type, location, and result. They are important information for the meaning-based vulnerability analysis method. Therefore, an existing vulnerability can be expressed using multiple AVs. CVE (Common Vulnerabilities and Exposures), the most well-known source of vulnerability information, describes the vulnerability exploiting mechanism in natural language. Therefore, for AV-based analysis, it is necessary to search for specific keywords in a CVE's description and classify it using the keywords and a determination method. This paper introduces the design and implementation result of software that can be used for atomic vulnerability analysis. The contribution of this work is the design and implementation of software that converts an informal vulnerability description into a formal AV-based vulnerability definition.

Vulnerability Analysis using the Web Vulnerability Scanner (Web Vulnerability Scanner를 이용한 취약성 분석)

  • Jang, Hee-Seon
    • Convergence Security Journal / v.12 no.4 / pp.71-76 / 2012
  • As the use of Mashups, web3.0, JavaScript and AJAX (Asynchronous JavaScript XML) increases widely, new security threats from web vulnerabilities also increase when web application services are provided. In order to diagnose vulnerabilities in advance and prepare for the threats, this paper presents a classification of security threats and requirements, and analyzes the web vulnerabilities of domestic web sites using the WVS (Web Vulnerability Scanner) automatic evaluation tool. For vulnerabilities such as XSS (Cross Site Scripting) and SQL Injection, the total alerts range from 0 to 31,177, with a mean of 411 and a standard deviation of 2,563. The results also show that 22.5% of all web sites have web vulnerabilities, and that defenses against the security threats are required in advance.

A Study for Rule Integration in Vulnerability Assessment and Intrusion Detection using Meaning Based Vulnerability Identification Method (의미기반 취약점 식별자 부여 기법을 사용한 취약점 점검 및 공격 탐지 규칙 통합 방법 연구)

  • Kim, Hyung-Jong;Jung, Tae-In
    • Journal of the Korea Institute of Information Security & Cryptology / v.18 no.3 / pp.121-129 / 2008
  • This paper presents a meaning-based vulnerability identification method that makes use of the concept of atomic vulnerability. We also make use of the decomposition and specialization processes used in DEVS/SES to obtain identifiers. This vulnerability representation method is useful for managing and removing vulnerabilities in an organized way. It helps relate vulnerability assessment rules and intrusion detection rules at a lower level. This relation enables a security manager to respond more quickly and conveniently. In particular, this paper shows a mapping between Nessus plugins and Snort rules using the meaning-based vulnerability identification method and lists usages based on three goals that a security officer keeps in mind about vulnerabilities. The contribution of this work is the proposal of a meaning-based vulnerability identification method and the demonstration of its use for the rule integration of vulnerability assessment and intrusion detection.

Evaluation of Agricultural Drought Disaster Vulnerability Using Analytic Hierarchy Process (AHP) and Entropy Weighting Method (계층화분석 및 엔트로피 가중치 산정 방법에 따른 농업가뭄재해 취약성 평가)

  • Mun, Young-Sik;Nam, Won-Ho;Yang, Mi-Hye;Shin, Ji-Hyeon;Jeon, Min-Gi;Kim, Taegon;Lee, Seung-Yong;Lee, Kwang-Ya
    • Journal of The Korean Society of Agricultural Engineers / v.63 no.3 / pp.13-26 / 2021
  • Recent drought events in South Korea and the magnitude of drought losses indicate the continuing vulnerability to agricultural drought. Various studies have been performed on drought hazard assessment at regional scales, but until recently, drought management has been response oriented, with little attention to mitigation and preparedness. A vulnerability assessment is introduced in order to respond preemptively to agricultural drought and to predict the occurrence of drought. This paper presents a method for spatial, Geographic Information Systems-based assessment of agricultural drought vulnerability in South Korea. It was hypothesized that the 14 key items that define agricultural drought vulnerability were meteorological, agricultural reservoir, social, and adaptability factors. This study also analyzes agricultural drought vulnerability by comparing vulnerability assessments according to the weighting method. The weight of the evaluation elements is expressed through the Analytic Hierarchy Process (AHP), which includes subjective elements such as surveys, and the Entropy method, which uses attribute information of the evaluation items. The agricultural drought vulnerability map was created by developing a numerical weighting scheme to evaluate the drought potential of the classes within each factor. This vulnerability assessment calculates the vulnerability index based on the weights and analyzes the vulnerability map from 2015 to 2019. The identification of agricultural drought vulnerability is an essential step in addressing the issue of drought vulnerability in South Korea and can lead to mitigation-oriented drought management and support government policymaking.

Extended Linear Vulnerability Discovery Process

  • Joh, HyunChul
    • Journal of Multimedia Information System / v.4 no.2 / pp.57-64 / 2017
  • Numerous software vulnerabilities have been found in popular operating systems. Recently, robust linear behaviors in the software vulnerability discovery process have been noticeably observed among many popular systems with multiple released versions. Software users need to estimate how much risk their software systems carry so that they can take action before it is too late. Security vulnerabilities are discovered throughout the life of a software system by both developers and normal end-users. So far, several vulnerability discovery models have been proposed to describe the vulnerability discovery pattern for determining readiness for patch release, optimal resource allocation, or evaluating the risk of vulnerability exploitation. Here, we apply a linear vulnerability discovery model to Windows operating systems to examine the linear discovery trends that are currently often observed. The applicability of the observation from the paper shows that the linear discovery model fits very well with the aggregate version rather than with each version.

Seismic damage vulnerability of empirical composite material structure of adobe and timber

  • Si-Qi Li
    • Earthquakes and Structures / v.25 no.6 / pp.429-442 / 2023
  • To study the seismic vulnerability of the composite material structure of adobe and timber, we collected and statistically analysed empirical observation samples of 542,214,937 m² and 467,177 buildings that were significantly impacted during the 179 earthquakes that occurred in mainland China from 1976 to 2010. In multi-intensity regions, combined with numerical analysis and a probability model, a non-linear continuous regression model of the vulnerability, considering the empirical seismic damage area (number of buildings) and the ratio of seismic damage, was established. Moreover, a probability matrix model of the empirical seismic damage mean value was provided. Considering the coupling effect of the annual and seismic fortification factors, an empirical seismic vulnerability curve model was constructed in the multiple-intensity regions. A probability matrix model of the mean vulnerability index (MVI) was proposed, and was validated through the above-mentioned reconnaissance sample data. A matrix model of the MVI of the regions (19 provinces in mainland China) based on the parameter (MVI) was established.

The Vulnerability Analysis for Virtualization Environment Risk Model Management Systematization (가상화 환경 위험도 관리체계화를 위한 취약점 분석)

  • Park, Mi-Young;Seung, Hyen-Woo;Lim, Yang-Mi
    • Journal of Internet Computing and Services / v.14 no.3 / pp.23-33 / 2013
  • Recently in the field of IT, cloud computing technology has been deployed rapidly in current society because of its flexibility, efficiency and cost-saving features. However, cloud computing systems have a major problem of security vulnerability. To address the security vulnerability of cloud computing systems, this study determined the impact types of virtual machine vulnerabilities and set priorities according to the risk evaluation of the virtual machines' vulnerabilities. To analyze the vulnerabilities, risk measurement standards were defined based on CVSS2.0, which is an open framework, and the risk measurement was systematized by scoring the relevant vulnerabilities. The vulnerability risk standards are considered to indicate the fundamental characteristics of a vulnerability and to provide the degree of risk, and consequently to be applicable to technical guides for minimizing vulnerabilities. Additionally, the suggested vulnerability risk standard is meaningful as study content in itself and could be used in technology policy projects to be conducted in the future.

A quantitative assessment method of network information security vulnerability detection risk based on the meta feature system of network security data

  • Lin, Weiwei;Yang, Chaofan;Zhang, Zeqing;Xue, Xingsi;Haga, Reiko
    • KSII Transactions on Internet and Information Systems (TIIS) / v.15 no.12 / pp.4531-4544 / 2021
  • Because the traditional network information security vulnerability risk assessment method does not set weights, security personnel can easily fail to evaluate the value of information security vulnerability risk according to the calculated value of network centrality, resulting in a poor evaluation effect. Therefore, based on the network security data element feature system, this study designed a quantitative assessment method of network information security vulnerability detection risk under a single transmission state. In the single transmission state, a multi-dimensional analysis of network information security vulnerability is carried out using the analysis model. On this basis, the weight is set, and the intrinsic attribute value of information security vulnerability is quantified using the qualitative method. In order to comprehensively evaluate information security vulnerability, the efficacy coefficient method is used to transform the risk associated with information security vulnerability, and the information security vulnerability risk value is obtained, so as to realize the quantitative evaluation of network information security vulnerability detection under the single transmission state. The calculated values of network centrality of the traditional method and the proposed method are tested respectively, and the two methods are evaluated according to the calculated results. The experimental results show that the proposed method can be used to calculate the network centrality value in a complex information security vulnerability space network, that the output evaluation result has a high signal-to-noise ratio, and that the evaluation effect is obviously better than that of the traditional method.

Vulnerability Assessment and Analysis of Gangwon Provincial Forest Sector in Response to Climate Change (기후변화 대비 강원 지역 산림부문 현황 분석 및 취약성 평가)

  • Chae, Hee-Mun;Lee, Hyun-Ju;Um, Gi-Jeung
    • Journal of Forest and Environmental Science / v.28 no.2 / pp.106-117 / 2012
  • In an effort to analyze the impact of climate change, this study divided the Gangwon provincial forest into three sectors (forest ecology, forest disaster, and forest productivity) and carried out an analysis of their current status from 2000 to 2009 and a vulnerability assessment under climate change. For the vulnerability assessment, the forest disaster (forest fires and forest pests) and forest productivity sectors, but not forest ecology, were analyzed for the current status, the year 2020, and 2050. It turned out that the vulnerability to forest fires in the disaster sector would become worse and that forest pests would also have more impact, although there is some variation between areas. The vulnerability of forest productivity would not differ greatly in the future from the current vulnerability. Systematic research on the sensitivity index used for vulnerability assessment is necessary, since the vulnerability assessment result depends greatly on the use of the climate exposure index and the adaptive capacity index.

Study of a Flood Vulnerability Assessment for Climate Change and Utilizing the Vulnerability-based Disaster Response in Jeju-do (기후변화에 따른 제주도의 홍수 취약성 평가 및 취약성 기반 소방 대응 활용 연구)

  • Lim, Chae-Hyun;Park, Yong-Yi
    • Fire Science and Engineering / v.30 no.6 / pp.64-70 / 2016
  • This study assessed the flood vulnerability of Jeju-do under climate change using VESTAP. The results showed that the flood vulnerability of Jeju-do in the future (2020s, 2030s and 2040s) will increase continuously compared to the present time (2010s). In particular, the flood vulnerability of Jeju-si is expected to be higher than that of Seogwipo-si prior to the 2030s. Conversely, the flood vulnerability of Seogwipo-si is expected to be higher than that of Jeju-si after 2030. These analysis results confirmed the characteristics of flood vulnerability between Seogwipo-si and Jeju-si and the growth of flood vulnerability across the whole of Jeju-do.