• Title/Summary/Keyword: ${\mu}$-webpage

Search Result 2, Processing Time 0.018 seconds

Design and Implementation of μ-Webpage based on QR Code (QR 코드 기반 마이크로 웹페이지 설계 및 구현)

  • Ha, Sunju;Eun, Seongbae;So, SeonSub;Yun, Young-Sun;Jung, Jinman
    • KIISE Transactions on Computing Practices
    • /
    • v.21 no.3
    • /
    • pp.239-246
    • /
    • 2015

  • QR(Quick Response) Code has been developed to provide greater storage capacity and more functionality compared to 1D bar codes. With the emergence of increasingly mobile devices equipped with cameras such as smart-phones and tablets, QR codes have become very popular and more important in mobile businesses. Typically, most QR codes are used as a URL link for redirecting users to webpages. However, the URL based QR codes are required to be connected over the internet and to be run a server. This can incur unnecessary traffics in the Internet. Furthermore, it is not suitable for the country lagging behind others in its network infrastructure. In this paper, we propose a server-less ${\mu}$-webpage to provide mobile web services and be optimized for the capabilities and limitations of QR Code. We have implemented the ${\mu}$-webpage in Android, and the results showed that the proposed mechanism can provide web-services without requiring extra servers or incurring mobile traffic data compared to the URL-based QR Codes.

  • https://doi.org/10.5626/KTCP.2015.21.3.239 인용 KSCI

A Source Code Cross-site Scripting Vulnerability Detection Method

  • Mu Chen;Lu Chen;Zhipeng Shao;Zaojian Dai;Nige Li;Xingjie Huang;Qian Dang;Xinjian Zhao
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.17 no.6
    • /
    • pp.1689-1705
    • /
    • 2023

  • To deal with the potential XSS vulnerabilities in the source code of the power communication network, an XSS vulnerability detection method combining the static analysis method with the dynamic testing method is proposed. The static analysis method aims to analyze the structure and content of the source code. We construct a set of feature expressions to match malignant content and set a "variable conversion" method to analyze the data flow of the code that implements interactive functions. The static analysis method explores the vulnerabilities existing in the source code structure and code content. Dynamic testing aims to simulate network attacks to reflect whether there are vulnerabilities in web pages. We construct many attack vectors and implemented the test in the Selenium tool. Due to the combination of the two analysis methods, XSS vulnerability discovery research could be conducted from two aspects: "white-box testing" and "black-box testing". Tests show that this method can effectively detect XSS vulnerabilities in the source code of the power communication network.

  • https://doi.org/10.3837/tiis.2023.06.009 인용 PDF HTML