• The Journal of Korean Association of Computer Education
• /
• v.14 no.6
• /
• pp.75-81
• /
• 2011

Cookie is simple text file, which contains records of web service which provided to user. some of data included in Cookie has user's private information. When attacker has Cookie which included user's private information, will causing financial losses. In this paper we designed security section which can improve vulnerable Cookie's security level. Through research and vulnerability analysis of Cookie file, we find out how to implement security area to offer efficient security area and design security area for cookie file. Also we checked security level to performance evaluation. Through this security level, we can keep user's private information secure using Cookie's improve security level which stored in user's personal computer.

• Journal of the Korea Society for Simulation
• /
• v.20 no.1
• /
• pp.29-37
• /
• 2011

Cookie file can be properly protected by designing security zone to enhance the safety of cookie file vulnerable to cyber attacks. In this paper, the model, in which cookie file is stored in the security area and the current visiting page is closely linked with cookie, is proposed to help users utilize in the same existing way, as well as enhance the security of user cookie files. Even if attacker tries to compromise web browser's cookie folder, the security of other cookies can be preserved. It is possible since the folder has the only cookie for the current web page where user is visiting.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2001.06a
• /
• pp.522-525
• /
• 2001

웹 프로토콜인 HTTP는 효율적으로 동작하기 위하여 이전 상태 정보를 저장하지 못하는 Stateless 특성을 가지고 있으므로, 이러한 문제를 해결하여 상태 유지 및 사용자 편의성을 제공하기 위해 만들어진 것이 쿠키(cookie)이다. 그러나 쿠키는 평문 형태로 전송되고 사용자 컴퓨터에 일반 텍스트 형태로 저장되므로 쉽게 노출되어 쿠키 파일의 복사, 수정이 가능하여 안전성에 심각한 위험이 존재한다. 본 논문에서는 이러한 쿠키의 보안 문제를 해결하기 위해 안전한 쿠키 설계 및 구현 방안을 제시하였다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.27 no.11C
• /
• pp.1090-1096
• /
• 2002

The HTTP does not support continuity for browser-server interaction between successive visits or a user due to a stateless feature. Cookies were invented to maintain continuity and state on the Web. Because cookies are transmitted in plain and contain text-character strings encoding relevant information about the user, the attacker can easily copy and modify them for his undue profit. In this paper, we design a secure cookies scheme based on X.509 public key certificate for solving these security weakness of typical web cookies. Our secure cookies scheme provides not only mutual authentication between client and server but also confidentiality and integrity of user information. Additionally, we implement our secure cookies scheme and compare it to the performance with SSL(Secure Socket Layer) protocol that is widely used for security of HTTP environment.

• Proceedings of the KIEE Conference
• /
• 2001.11c
• /
• pp.453-455
• /
• 2001

웹 사용자들의 서비스 사용 분석에 환한 기존의 연구는, 웹서버가 기록하는 표준로그파일과 쿠키정보를 분석하는데 바탕을 두고 이루어져왔다. 이러한 방법으로는 웹사이트 방문자의 행동에 관한 상세한 정보를 파악할 수 없다. 본 연구에서는 네트웍 상에서 오고가는 패킷들을 캡처하고 HTTP에 관한 패킷들을 걸러내어 저장함으로써 웹서버로그파일이나 쿠키정보만으로는 파악할 수 없는 웹사용정보를 취한다. 또한 얻어낸 정보들에 대해 데이터마이닝 기법을 적용하여 웹 사용자의 행동을 분석하여 VRM(visitor relationship management)이 가능하게 한다. 이를 위해 패킷의 캡쳐 및 필터링 기법, 패킷정보로부터 웹사용정보의 구성방법 실시간으로 증가하는 정보들의 저장 및 처리기법, VRM을 위한 데이터마이닝 기법을 고안하였다.

• Digital Contents
• /
• no.4 s.95
• /
• pp.34-37
• /
• 2001

웹검색의 어둡고 먼 과거로 거슬러 올라가면 HotBot가 스크립티드 파워 검색 기능에 대한 특성의 검색엔진으로서 최고 권위를 휘두르고 있었다. 그 초기 형태들 중 하나의 경우 검색자가 HotBot 검색 형태에 대한 옵션 중 어떤것이 디스플레이되어야 하는지를 선택할 수 있었다. 쿠키 파일에 검색자 컴퓨터상의 이런 환경설정이 저장된다는 것은 검색자가 HotBot를 재방문할 때마다 그가 선호하는 검색 옵션이 나타난다는 것을 의미한다.

• Information Systems Review
• /
• v.4 no.1
• /
• pp.47-67
• /
• 2002

Since mid 90's, most of firms utilizing web as a communication vehicle with customers are keenly interested in web log file which contains a lot of trails customers left on the web, such as IP address, reference address, cookie file, duration time, etc. Therefore, an appropriate analysis of the web log file leads to understanding customer's behaviors on the web. Its analysis results can be used as an effective marketing information for locating potential target customers. In this study, we introduced a web mining technique using Clementine of SPSS, and analyzed a set of real web log data file on a certain Internet hub site. We also suggested a process of various strategies build-up based on the web mining results.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.407-416
• /
• 2018

Instagram is a Social Network Service(SNS) that has recently become popular among people of all ages and it makes people to construct social relations and share hobbies, daily routines, and useful information. However, since the uploaded information can be accessed by arbitrary users and it is easily shared with others, frauds, stalking, misrepresentation, impersonation, an infringement of copyright and malware distribution are reported. For this reason, it is necessary to analyze Instagram from a view of digital forensics but the research involved is very insufficient. So in this paper, We performed reverse engineering and dynamic analysis of Instagram from a view of digital forensics in the Android environment. As a result, we checked three database files that contain user behavior analysis data such as chat content, chat targets, posted photos, and cookie information. And we found the path to save 4 files and the xml file to save various data. Also we propose ways to use the above results in digital forensics.

• Journal of KIISE:Software and Applications
• /
• v.30 no.9
• /
• pp.843-849
• /
• 2003

Web usage mining is the technique of data mining that analyzes web users' usage patterns by large web log. To use the web usage mining technique, we have to classify correctly users and users session in preprocessing, but can't classify them completely by only log files with standard web log format. To classify users and user session there are many problems like local cache, firewall, ISP, user privacy, cookey etc., but there isn't any definite method to solve the problems now. Especially local cache problem is the most difficult problem to classify user session which is used as input in web mining systems. In this paper we propose a heuristic method which solves local cache problem by using only click stream data of server side like referrer log, agent log and access log, classifies user sessions and completes session.