• ETRI Journal
• /
• v.42 no.3
• /
• pp.433-445
• /
• 2020

A denial-of-service (DoS) attack is a serious attack that targets web applications. According to Imperva, DoS attacks in the application layer comprise 60% of all the DoS attacks. Nowadays, attacks have grown into application- and business-layer attacks, and vulnerability-analysis tools are unable to detect business-layer vulnerabilities (logic-related vulnerabilities). This paper presents the business-layer dynamic application security tester (BLDAST) as a dynamic, black-box vulnerability-analysis approach to identify the business-logic vulnerabilities of a web application against DoS attacks. BLDAST evaluates the resiliency of web applications by detecting vulnerable business processes. The evaluation of six widely used web applications shows that BLDAST can detect the vulnerabilities with 100% accuracy. BLDAST detected 30 vulnerabilities in the selected web applications; more than half of the detected vulnerabilities were new and unknown. Furthermore, the precision of BLDAST for detecting the business processes is shown to be 94%, while the generated user navigation graph is improved by 62.8% because of the detection of similar web pages.

• Journal of KIISE:Information Networking
• /
• v.30 no.3
• /
• pp.377-386
• /
• 2003

In this paper, we present an application layer protocol to support secure wireless Internet services, called Application Layer Security(ALS). The drawbacks of the two traditional approaches to secure wireless applications motivated the development of ALS. One is that in the conventional application-specific security protocol such as Secure HyperText Transfer Protocol(S-HTTP), security mechanism is included in the application itself. This gives a disadvantage that the security services are available only to that particular application. The other is that a separate protocol layer is inserted between the application and transport layers, as in the Secure Sockets Layer(SSL)/Transport Layer Security(TLS). In this case, all channel data are encrypted regardless of the specific application's requirements, resulting in much waste of network resources. To overcome these problems, ALS is proposed to be implemented on top of HTTP so that it is independent of the various transport layer protocols, and provides a common security interface with security applications so that it greatly improves the portability of security applications. In addition, since ALS takes advantages of well-known TLS mechanism, it eliminates the danger of malicious attack and provides applications with various security services such as authentication, confidentiality integrity and digital signature, and partial encryption. We conclude this paper with an example of applying ALS to the solution of end-to-end security in a present commercial wireless protocol stack, Wireless Application Protocol.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.05a
• /
• pp.265-268
• /
• 2010

Current Traceback is difficult due to the development of bypass technique Proxy and IP-driven to trace the real IP Source IP is the IP traceback after the actual verification is difficult. In this paper, an intelligent about SQL Query field, column, table elements such as analysis of the value and the matching key values and Data used here to analyze source user hit point values for the user to trace the Application Layer IP for the analysis of forensic evidence guided by In this study, including forensic DB security will contribute to the development of electronic trading.

• IEIE Transactions on Smart Processing and Computing
• /
• v.5 no.1
• /
• pp.55-62
• /
• 2016

In this paper, we propose a hybrid multi.system-on-chip (H-MSoC) architecture that provides a high-flexibility system in a rapid development time. The H-MSoC approach provides a flexible system-on-chip (SoC) architecture that is easy to configure for physical- and application-layer development. The physical- and application-layer aspects are dynamically designed and modified; hence, it is important to consider a design methodology that supports rapid SoC development. Physical layer development refers to intellectual property cores or other modular hardware (HW) development, while application layer development refers to user interface or application software (SW) development. H-MSoC is built from multi-SoC architectures in which each SoC is localized and specified based on its development focus, either physical or application (hybrid). Physical HW development SoC is referred to as physical-SoC (Phy-SoC) and application SW development SoC is referred to as application-SoC (App-SoC). Phy-SoC and App-SoC are connected to each other via Ethernet. Ethernet was chosen because of its flexibility, high speed, and easy configuration. For prototyping, we used a LEON3 SoC as the Phy-SoC and a ZYNQ-7000 SoC as the App-SoC. The proposed design was proven in real-time tests and achieved good performance.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.1
• /
• pp.138-140
• /
• 2020

As the IoT is applied to home and industrial networks, data generated by the IoT is being processed at the cloud edge. Intrusion detection function is very important because it can be operated by invading IoT devices through the cloud edge. Data delivered to the edge network in the cloud environment is traffic at the application layer. In order to determine the intrusion of the packet transmitted to the IoT, the intrusion should be detected at the application layer. This paper proposes the intrusion detection function at the application layer excluding normal traffic from IoT intrusion detection function. As the proposed method, we obtained the intrusion detection result by decision tree method and explained the detection result for each feature.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.5 no.3
• /
• pp.9-18
• /
• 2009

This paper proposes a Ubiquitous Henhouse Monitoring System (UHMS) that can not only monitor henhouse's conditions and raising environments, but also control the henhouse remotely by using sensor network technology. The system consists of three layers. The physical layer connects sensors with facilities. The middleware layer processes and manages data collected from the physical layer. And the application layer provides the user with the user requested services. The system provides a real-time monitoring service, a facility controlling service, an expert service, a consumer safety service, and a mobile message service via interacting with components of each layer. Finally, a henhouse model is defined and the relevant system components and the application GUIs are implemented.

• 한국전산유체공학회:학술대회논문집
• /
• 2001.10a
• /
• pp.37-43
• /
• 2001

The methods of atmospheric boundary layer generation in test section were reviewed. To utilize conventional aerodynamic wind tunnels as atmospheric wind tunnels, boundary layer growth should be accelerated. To achieve this, improvement of boundary layer generation devices is required and it might be done by CFD. In this respect, CFD application cases in boundary generation devices were reviewed and potential areas were considered. Some cases are tried by Fluent 5 code.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.05a
• /
• pp.277-280
• /
• 2010

Network based on the OSI 7 Layer communication protocol is implemented, and the Internet TCP / IP Layer Based on the vulnerability is discovered and attacked. In this paper, using the programs on the network Layer Scanning conducted by the Layer-by each subsequent vulnerability analysis. Layer by Scanning each vulnerability analysis program to analyze the differences will be studied. Scanning for the studies in the program reflects the characteristics of the Scanning Features of way, and security countermeasures by each Layer is presented. The results of this study was to analyze its vulnerability to hackers and security for defense policy as the data is utilized to enhance the security of the network will contribute.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.1B
• /
• pp.1-6
• /
• 2005

Communication network is in a transition toward the NGN (Next Generation Networks) to accommodate the explosive demand of new services. The NGN allows the third-party application provisioning by defining the networks as layers of Services, Distributed Processing Environment and Transport. Especially, the Service layer can further be divided into Application and Service Component layer. In order to realize the third-party application provisioning, the Parlay Group has adopted an open Parlay API as an interface between the Application and the Service Component layer. Using Parlay API, the third parties may develop and deploy the IT-based applications at the Application layer exploiting the service components located within network operators' domain. In this paper, we present the implementation details about the Third Party Call Control (TPCC) Service using the third-party service logic based on Parlay API and Parlay X API, when SIP is used as a signaling protocol in Transport layer. Also, we compare the performance evaluation of both implementations.

• 제어로봇시스템학회:학술대회논문집
• /
• 2004.08a
• /
• pp.1936-1939
• /
• 2004

This paper proposes streaming layer for personal robot's middleware. Under assumption that robot has open architecture, i.e. consists of modules created by different vendors and intercommunication between these modules is necessary, we have to consider that there are many different network interfaces. To make communication between modules possible it is necessary to develop new type of middleware. Such middleware has to support different platforms, i.e. OS, network interface, hardware, etc. In addition, it is necessary to implement effective interface between network and application in order to manage inter application communications and use network resources more effectively. Streaming layer is such interface that implements necessary functionality together with simplicity and portability. Streaming layer provides high level of abstraction and makes communication between distributed applications transparent as if are located in same module. With possibility of extension by user defined application interfaces it is suitable for distributed environments, i.e. module based architecture including small-embedded systems like as DSP board. To verify the proposed streaming layer structure it is implemented using C and tested.