Browse > Article
http://dx.doi.org/10.15207/JKCS.2015.6.4.187

A Study on Secure Digital Convergence Curation System to WebShell  

Shin, Seung-Soo (Dept. of Information Security, Tongmyong University)
Kim, Jung-In (Dept. of Computer Engineering, Tongmyong University)
Lee, Jun-Yeon (Dept. of Media Engineering, Tongmyong University)
Publication Information
Journal of the Korea Convergence Society / v.6, no.4, 2015 , pp. 187-195 More about this Journal
Abstract
In the knowledge and information society which came into being with the advancements made in information and communication technology, there is an increasing perception of the importance of having knowledge and therefore being able to appropriately respond to the rapidly-changing society. Along with this, for the paradigm that stresses creativity and character, there must accompany advanced ways of conducting education which are capable of supporting changes in the educational objectives and contents. With respect to this, there is a need for sustained and long-term research into ways of utilizing SNS and ICT in the field of education. Accordingly, in this paper, a digital curation system was developed for educational contents that aim to develop one's creativity and character. Recently, web hacking is taking place actively. In this paper, a digital curation system that is secure against WebShell - one of the web hacking methods - is analyzed, as well as how to appropriately deal with this type of an attack.
Keywords
WebShell; Digital Curation; Web Security; Social Network Service; Creativity and Personality; ICT;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 In-hyu Jung, Soo-jin Jun, "Study in Image-Based Social Curation Interface Improvement to Build Self Identity", pp. 164-167, 2013.
2 Steven Rosenbaum, Curation: A Breakthrough from the Age of Info-Glut, Myungjin Publishing Co., Seoul, 2011.
3 Fischman W, Solomon B, Greenspan D, Gardner H, Making good: how young people cope with moral dilemmas at work. Cambridge: Harvard University Press. 2004.
4 Haesung Lee, Joonhee Kwon "The Survey about the Personalized Curation in the Age of Big Data", JAITC, pp. 124-126, 2013,
5 Department of Education, Creativity and personality education plan. Seoul: Department of Education. 2009
6 N. Kim, Elementary school teachers' conception and management conditions on creativity and character education. Master's Thesis, Ewha Womans University. 2012.
7 Open Web Application Security Project(OWASP), "OWASP Top 10 for 2013", 12 June, 2013.
8 Mirtalebi, A.; Khayyambashi, M.R., "Enhancing security of Web service against WSDL threats," Emergency Management and Management Sciences (ICEMMS), 2011 2nd IEEE International Conference on , vol., no., pp. 920-923, Aug. 2011
9 Darrell M. Kienzle and Matthew C. Elder. Recent worms: A survey and trends. In Proceedings of the 2003 ACM Workshop on Rapid Malcode, Washington, DC, pp. 40-49, October 2003.
10 David Moore, Vern Paxson, Stefan Savage, Colleen Shannon and Stuart Staniford, and Nicholas Weaver. Inside the slammer worm. IEEE Security and Privacy, 1(4), pp. 33-39, July 2003.
11 Prabhat K. Singh and Arun Lakhotia. Analysis and detection of computer viruses and worms: An annotated bibliography. ACM SIGPLAN Notices, 37(2) pp. 29-35, February 2002.
12 Shaikh, F.B.; Haider, S., "Security threats in cloud computing," Internet Technology and Secured Transactions (ICITST), 2011 International Conference, vol., no., pp.214-219, Dec. 11-14, 2011.
13 C. Kaufman, M. Spiciner, and R. Perlman, Network Security Private Communication in a PUBLIC World, 2nd Edition, Englewood Cliffs, NJ : Prentice Hall, 2002.
14 D.-Y. Kim, "Vulnerability Analysis for Industrial Control System Cyber Security," J. of the Korea Institute of Electronic Communication Sciences, vol.9, no.1, 2014, pp. 137-142.   DOI
15 D.-K. Kang, M.-Y. Hyun, and C.-S. Kim, "Cyber trap : Unknown Attack Detection System based on Virtual Honeynet," J. of the Korea Institute of Electronic Communication Sciences, vol.8, no.6, 2013, pp. 863-871.   DOI
16 Buehrer. G, Weide. B. W, Sivilotti. P A, "sing Parse Tree Validation to Prevent SQL Injection Attacks" In Proceedings of the 5th international Workshop on Software Engineering and Middleware, pp. 105-113, 2005.
17 Wei. K, Muthuprasanna. M, Kothari. S, "reventing SQL injection attacks in stored procedures" Software Engineering Conference 2006. Australian, pp. 18-21, 2006.