• The KIPS Transactions:PartC
• /
• v.13C no.1 s.104
• /
• pp.19-26
• /
• 2006

Recently, web server hacking is trending toward web application hacking which uses comparatively vulnerable web applications based on open sources. And, it is possible to hack databases using web interfaces because web servers are usually connected databases. Web application attacks use vulnerabilities not in web server itself, but in web application structure, logical error and code error. It is difficult to defend web applications from various attacks by only using pattern matching detection method and code modification. In this paper, we propose a method to secure the web applications based on profiling which can detect and filter out abnormal web application requests.

• The KIPS Transactions:PartA
• /
• v.8A no.4
• /
• pp.447-454
• /
• 2001

Various caching and prefetching algorithms have been investigated to identify and effective method for improving the performance of I/O devices. A prefetching algorithm decreases the processing time of a system by reducing the number of disk accesses when an I/O is needed. This paper proposes an AMBA prefetching method that is an extended version of the OBA prefetching method. The AMBA prefetching method will prefetching blocks continuously as long as disk bandwidth is enough. In this method, though there were excessive data request rate, we would expect efficient prefetching. And in the AMBA prefetching method, to prevent the cache pollution, it limits the number of data blocks to be prefetched within the cache area. It can be implemented in a user-level File System based on a Linux Operating System. In particular, the proposed prefetching policy improves the system performance by about 30∼40% for large files that are accessed sequentially.

• KIPS Transactions on Computer and Communication Systems
• /
• v.3 no.9
• /
• pp.279-292
• /
• 2014

Energy aware server cluster aims to reduce power consumption at maximum while keeping QoS(quality of service) as much as energy non-aware server cluster. In the existing methods of energy aware server cluster, they calculate the minimum number of active servers needed to handle current user requests and control server power mode in a fixed time interval to make only the needed servers ON. When loads change rapidly, QoS of the existing methods become degraded because they cannot increase the number of active servers so quickly. To solve this QoS problem, we classify load change situations into five types of rapid growth, growth, normal, decline, and rapid decline, and apply five different thresholds respectively in calculating the number of active servers. Also, we use a flexible scheme to adjust the above classification criterion for multi threshold, considering not only load change but also the remaining capacity of servers to handle user requests. We performed experiments with a cluster of 15 servers. A special benchmarking tool called SPECweb was used to generate load patterns with rapid change. Experimental results showed that QoS of the proposed method is improved up to the level of energy non-aware server cluster and power consumption is reduced up to about 50 percent, depending on the load pattern.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.1 s.45
• /
• pp.161-168
• /
• 2007

Web attack uses structural, logical and coding error or web application rather than vulnerability to Web server itself. According to the Open Web Application Security Project (OWASP) published about ten types of the web application vulnerability to show the causes of hacking, the risk of hacking and the severity of damage are well known. The detection ability and response is important to deal with web hacking. Filtering methods like pattern matching and code modification are used for defense but these methods can not detect new types of attacks. Also though the security unit product like IDS or web application firewall can be used, these require a lot of money and efforts to operate and maintain, and security unit product is likely to generate false positive detection. In this research profiling method that attracts the structure of web application and the attributes of input parameters such as types and length is used, and by installing structural database of web application in advance it is possible that the lack of the validation of user input value check and the verification and attack detection is solved through using profiling identifier of database against illegal request. Integral security management system has been used in most institutes. Therefore even if additional unit security product is not applied, attacks against the web application will be able to be detected by showing the model, which the security monitoring log gathering agent of the integral security management system and the function of the detection of web application attack are combined.

• Journal of KIISE:Information Networking
• /
• v.29 no.6
• /
• pp.595-612
• /
• 2002

One of the most important issues in guaranteeing the high degree of QoS on mobile computing is how to reduce hand-off drops caused by lack of available bandwidth in a new cell. Each cell can request bandwidth reservation to its adjacent cells for hand-off calls. This reserved bandwidth can be used only for hand-offs, not for new calls. It is also important to determine how much of bandwidth should be reserved for hand-off calls because reserving too much would increase the probability of a new call being blocked. Therefore, it is essential to develop a new mechanism to provide QoS guarantee on a mobile computing environment by reserving an appropriate amount of bandwidth and call admission control. In this paper. bandwidth reservation and call admission control mechanisms are proposed to guarantee a consistent QoS for multimedia traffics on a mobile computing environment. For an appropriate bandwidth reservation, we propose an adaptive bandwidth reservation mechanism based on an MPP and a 2-tier cell structure. The former is used to predict a next move of the client while the latter to apply our mechanism only to the client with a high hand-off probability. We also propose a call admission control that performs call admission test only on PNC(Predicted Next Cell) of a client and its current cell. In order to minimize a waste of bandwidth caused by an erroneous prediction of client's location, we utilize a common pool and QoS adaptation scheme. In order evaluate the performance of our call admission control mechanism, we measure the metrics such as the blocking probability of new calls, dropping probability of hand-off calls, and bandwidth utilization. The simulation results show that the performance of our mechanism is superior to that of the existing mechanisms such as NR-CAT2, FR-CAT2, and AR-CAT2.