• Title/Summary/Keyword: Web Security

Distributed Intrusion Detection System for Safe E-Business Model (안전한 E-Business 모델을 위한 분산 침입 탐지 시스템)

  • 이기준;정채영
    • Journal of Internet Computing and Services / v.2 no.4 / pp.41-53 / 2001
  • The multi-distributed web cluster model built for a high-availability E-Business model exposes internal system nodes because of its structural characteristics, and normal job performance may become impossible due to intentional obstruction and attack by an illegal third party. Therefore, a security system is needed that protects the structured system nodes and can respond effectively to the outflow of information by illegal users and to unfair service requests. The suggested distributed intrusion detection system is a technology that detects illegal requests or resource access on system nodes distributed over an open network through organic control between SC-Agents based on the shared memory of the SC-Server. The distributed intrusion detection system first examines the job request packet using the Detection Agent to detect illegal intrusion, observes the job process through the monitoring agent while the job is in progress, and then judges the intrusion through close cooperation with other system nodes when there is access to or demand for a resource that is not permitted.

IoT service and Research for Field of medicine application (IoT 서비스와 의료분야 적용에 관한 연구)

  • Na, Chan-kook;Park, Yune-soo;Kim, Wooseond;Lee, Bok-gi
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2016.05a / pp.453-456 / 2016
  • Recently, IoT technologies have attracted much attention in the medical area. Previous medical IoT had focused mainly on chronological diseases or fitness for particular users. In contrast, medical use of IoT technologies is now being extended so that medical institutes and hospitals can care intensively for in-house patients, which typically requires stricter and more reliable data delivery and security, authentication and authorization. This study defines a scenario of the medical IoT for intensive care and proposes an architecture for medical IoT services. We implement a testbed using commercial sensors and an Arduino board together with a Web-based platform. Experiment results on the testbed show that our approach can be feasible for the medical system in terms of latency and accuracy in medical data delivery.

Custom Cryptographic Protocol Implementation Method Based on OpenSSL (OpenSSL 기반 사용자 지정 암호 프로토콜 구현 방안)

  • Lam, JunHuy;Lee, Sang-Gon;Lee, Hoon-Jae;Andrianto, Vincentius Christian
    • Journal of the Korea Institute of Information Security & Cryptology / v.27 no.3 / pp.459-466 / 2017
  • One of the most widely used open source projects, OpenSSL is a cryptography library that is used to secure most web sites, servers and clients. One can secure communication with the Secure Socket Layer (SSL) or its successor, the Transport Layer Security (TLS) protocol, by using the OpenSSL library. Since cryptography protocols will be updated and enhanced in order to keep the system protected, the library was written in a way that simplifies the integration of new cryptographic methods, especially for symmetric cryptography protocols. However, adding an asymmetric cryptography protocol is a lot more complicated, and no guide can be found for the integration of an asymmetric cryptography protocol. In this paper, we explain the architecture of the OpenSSL library and provide a simple tutorial for modifying the OpenSSL library to accommodate custom protocols of both symmetric and asymmetric cryptography.

Dynamic Analysis Framework for Cryptojacking Site Detection (크립토재킹 사이트 탐지를 위한 동적 분석 프레임워크)

  • Ko, DongHyun;Jung, InHyuk;Choi, Seok-Hwan;Choi, Yoon-Ho
    • Journal of the Korea Institute of Information Security & Cryptology / v.28 no.4 / pp.963-974 / 2018
  • With the growing interest in cryptocurrency such as bitcoin, blockchain technology has attracted much attention in various applications as a distributed security platform with excellent security. However, Cryptojacking, an attack that hijacks other computers' resources such as CPUs, has occurred due to vulnerability in the Cryptomining process. In particular, browser-based Cryptojacking is considered serious because attacks can occur merely by visiting a Web site, without installing anything on a visitor's PC. Current Cryptojacking detection systems are mostly signature-based. Signature-based detection methods have the problem that they cannot detect new Cryptomining code or a modification of existing Cryptomining code. In this paper, we propose a dynamic analysis-based Cryptojacking detection solution that uses a headless browser to detect unknown Cryptojacking attacks. The proposed dynamic analysis-based Cryptojacking detection system can detect new Cryptojacking sites that cannot be detected by existing signature-based Cryptojacking detection systems and can detect it even if it is called or obfuscated by bypassing Cryptomining code.

Design of the Certificate-based Authorization Policy Module in a PKI Environment (PKI 환경에서 인증서 기반 권한 정책 모듈 설계)

  • Shin, Myeong-Sook;Song, Gi-Beom;Lee, Jeong-Gi;Lee, Cheol-Seung;Lee, Joon
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / v.9 no.1 / pp.898-901 / 2005
  • In this paper, we design an authorization policy module which provides safe and reliable authorization of the user, to provide a solution for authorization in distributed environments. PKI has been widely used as an information security infrastructure for Internet electronic commerce, and X.509-based PKI is being developed in various application fields such as network security. In particular, it provides a good solution for authenticating users who do not meet each other in person, but it is not enough to provide a solution for authorization in distributed computing environments. In this paper, we provide the AAS model, which allows distributed resources to be used by distributed users, and design the AAS model, which is an authorization policy module in the Linux-based Apache Web server.

Phishing Detection Methodology Using Web Sites Heuristic (웹사이트 특징을 이용한 휴리스틱 피싱 탐지 방안 연구)

  • Lee, Jin Lee;Park, Doo Ho;Lee, Chang Hoon
    • KIPS Transactions on Computer and Communication Systems / v.4 no.10 / pp.349-360 / 2015
  • In recent years, phishing attacks have been flooding services based on web technology. Phishing is affecting online security significantly day by day through the vulnerability of web pages. To prevent phishing attacks, many anti-phishing techniques have been developed, each with its own advantages and disadvantages, but the phishing attack has not been eradicated completely yet. In this paper, we study phishing in detail and categorize the process of a phishing attack into two parts: Landing-phase and Attack-phase. In addition, we propose a phishing detection methodology based on web site heuristics. To extract web site features, we focus on the URL and source code of web sites. To evaluate the performance of the suggested method, we set up an experiment and analyze its results. Our methodology shows a detection accuracy of 98.9% with the random forest algorithm. The proof-of-concept evaluation reveals that web site features can be used for phishing detection.

Construction of IoT Environment for XMPP Protocol Based Medical Devices Using Powershell (Powershell을 이용한 안전한 XMPP 프로토콜 기반의 의료기기 IoT환경 구축 제안)

  • Park, Yeon-Jin;Lee, Kuen-Ho
    • Journal of Internet of Things and Convergence / v.2 no.2 / pp.15-20 / 2016
  • The Microsoft Windows 10 IoT version, released in August 2015, successfully drew consumer interest by introducing the familiar Windows into the IoT market, and enabled easier system construction of IoT web servers. Meanwhile, overdiagnosis has recently emerged as a controversy in the medical community. Establishing communication between IoT servers and medical devices will send treatment results to users and activate communication between hospitals, greatly reducing this problem. The IoT server, with its limited resources, utilizes lightweight protocols that do not generate traffic and are easy to use. This paper proposes IoT networks which will enable medical devices to easily provide ubiquitous environments to their users, through utilization of the lightweight Simple Service Discovery Protocol (SSDP) and the secure Extensible Messaging and Presence Protocol (XMPP).

Design and Implementation of On-line Instruction Manual System (온라인 매뉴얼 시스템의 설계 및 구현)

  • Kim, Byungho;Eun, Seongbae
    • Journal of the Korea Institute of Information and Communication Engineering / v.22 no.3 / pp.411-417 / 2018
  • This paper proposes and implements an on-line instruction manual system which can generate the instruction manual page for the target device on a smartphone on the spot. The instruction manual app on the smartphone scans a QR code or reads an NFC tag attached to the instruction manual management module embedded in the target device, receives instruction manual data from the instruction manual management module through Bluetooth communications, and finally shows the refined instruction manual pages on the smartphone display using Web-based templates. For the evaluation, we embedded the instruction manual management module, with its instruction manual data, in an industrial generator. Assuming a blackout situation, we show that the proposed system can reduce the repair work to two steps, compared to three steps in the existing one without the proposed system.

cDNA Microarray data Analysis and Management System: cMAMS (cDNA 마이크로어레이 데이터의 분석과 관리 시스템: cMAMS)

  • 김상배;김효미;이은정;김영진;박정선;박윤주;정호열;고인송
    • Proceedings of the Korean Information Science Society Conference / 2004.04b / pp.247-249 / 2004
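  • Microarray technology is a recently developed technique that can measure the expression of thousands to tens of thousands of genes simultaneously, and it is used in a wide range of biological research. Handling the multi-step experimental process and the large volume of data it produces requires an integrated information management system that can manage, store, and analyze them efficiently. Several management systems have been developed abroad, and there are domestic ones such as WEMA, but their functionality is still weighted toward data management. We therefore developed cMAMS (cDNA Microarray Analysis and Management System), an integrated analysis and management system that manages microarray experiment information, which has a complex data structure, and the processing information for each step effectively and systematically from the user's point of view, and that provides data normalization and a variety of statistical analysis functions, in order to aid microarray research by reducing unnecessary time and cost. The web-based cMAMS consists of a part that stores and manages data, a part that analyzes data, and a database part in which all related information is stored. The data management part adopts WEMA's hierarchical data structure to make management more efficient, and improves security by dividing system users into system operators, project managers, and general users and restricting data access accordingly. The data analysis part, implemented in the statistical language R, supports seven stages of analysis (preprocessing, normalization, visualization, cluster analysis, discriminant analysis, selection of differentially expressed genes, and correlation analysis between microarrays), and analysis results are stored in the database so that they can be reviewed later and shared among researchers. The databases are divided into one holding experiment information, one holding analysis results, and one for looking up gene information, so that data can be managed efficiently. The system runs on Linux with MySQL as the database and is implemented in JSP, Perl, and the statistical language R.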

User Authentication Mechanism for using a Secure IPTV Service in Mobile Device (이동 장비에서 안전한 IPTV 서비스를 사용하기 위한 사용자 인증 메커니즘)

  • Jeong, Yoon-Su;Kim, Yong-Tae;Park, Gil-Cheol;Lee, Sang-Ho
    • The Journal of Korean Institute of Communications and Information Sciences / v.34 no.4B / pp.377-386 / 2009
  • IPTV technology for providing multimedia content at high speed is a network which combines existing network, multimedia and internet technology, etc. But the internet, broadcasting and web technologies which are now being used are not optimized for IPTV, because security between the user who gets content service through mobile units and the content server is not guaranteed. This paper proposes a user certification mechanism between the mobile device and the content server so that the user can safely receive, on the mobile device, the service chosen for the content. The proposed mechanism uses a random number which the user creates and a certification token to prevent an illegal user from using another user's service that has already been paid for. Also, the proposed protocol encrypts delicate data such as the user's information or profile using a shared key between the java card attached to the user's mobile device and the grant server, and then prevents the replay attack, which happens often in the wireless section, and the man-in-the-middle attack by MAC.