• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.10
• /
• pp.4191-4203
• /
• 2015

WebView is a vital component in smartphone platforms like Android, Windows and iOS that enables smartphone applications (apps) to embed a simple yet powerful web browser inside them. WebView not only provides the same functionalities as web browser, it, more importantly, enables a rich interaction between apps and webpages loaded inside the WebView. However, the design and the features of WebView lays path to tamper the sandbox protection mechanism implemented by browsers. As a consequence, malicious attacks can be launched either against the apps or by the apps through the exploitation of WebView APIs. This paper presents a critical attack called Supplementary Event-Listener Injection (SEI) attack which adds auxiliary event listeners, for executing malicious activities, on the HTML elements in the webpage loaded by the WebView via JavaScript Injection. This paper also proposes an automated static analysis system for analyzing WebView embedded apps to classify the kind of vulnerability possessed by them and a solution for the mitigation of the attack.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.8
• /
• pp.77-85
• /
• 2019

In this paper, we propose a "Safe Web Using Scrapable Headless Browse" Because in a network separation environment for security, It does not allow the Internet. The reason is to physically block malicious code. Many accidents occurred, including the 3.20 hacking incident, personal information leakage at credit card companies, and the leakage of personal information at "Interpark"(Internet shopping mall). As a result, the separation of the network separate the Internet network from the internal network, that was made mandatory for public institutions, and the policy-introduction institution for network separation was expanded to the government, local governments and the financial sector. In terms of information security, network separation is an effective defense system. Because building a network that is not attacked from the outside, internal information can be kept safe. therefore, "the separation of the network" is inefficient. because it is important to use the Internet's information to search for it and to use it as data directly inside. Using a capture method using a Headless Web browser can solve these conflicting problems. We would like to suggest a way to protect both safety and efficiency.

• Journal of KIBIM
• /
• v.8 no.4
• /
• pp.60-71
• /
• 2018

The port BIM technology has many problems such as lack of relevant system, high cost of BIM infrastructure construction, and process difference of existing domestic inter-industry. Since the port facilities as national key industries are managed and operated by public organizations, it is necessary to integrate IT resources and have a system that needs collective construction and joint utilization management. In this paper, we proposed the convergence of cloud computing technology and BIM as a way to reduce the infrastructure cost required for port BIM operation and to provide various BIM services for domestic process. To do this, we collected system requirements based on demand surveys of port staff and designed a BIM browser that provides IFC-based BIM server and customized services to reduce infrastructure cost in cloud computing environment. In terms of infrastructure, we designed cloud-based IaaS to support cost reduction, which is an essential component, and designed SaaS to support customized services in terms of services. We will perform performance verification with focus on whether port BIM servers and browsers have reached a level where they can manage four BIM models with different types and capacities.

• KIPS Transactions on Software and Data Engineering
• /
• v.2 no.11
• /
• pp.779-788
• /
• 2013

With a wide dissemination of smartphones, the number of native applications developed and sold freely by anyone is growing now. The application market activated by Apple's App Store is spreading more rapidly with Google's Google Play. But due to platform-dependent of native application's attribute, developers are programming at each platform. As a result, development cost is increasing compared to earnings. To solve a dependency problem, people focused on web application developed by web-based language. However, stores at each browser are requiring a web application to follow manifest format. And this causes browser-dependent problem. Those problems can be solved by installing a certain browser, but this can make an application useless on the other browser of a store. Dependency problem can narrow not only user's application variation, but also concentration on some specific store. OWS(Open Web Store) is a standard store that supports various web environments. It overcomes browser or platform dependency problems by interworking applications between stores. Also customers are able to choose a large number of applications. In this paper, related to OWS, I would like to suggest manifest standards and store's reference architecture. An interworking scenario is going to be proposed as well.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.05a
• /
• pp.656-659
• /
• 2015

Recently, due to the standard of a new browser developed by the Google and Mozilla "Service Worker", future users is expected to be able to make use of favorite Web sites offline. Google's is, Web sites have developed a standard of a new browser so as to always respond to user requests. Service Worker, websites that provide space capable of offline work to the user's browser to store various document information, to provide the necessary resources. Then, in order to greatly reduce the data exchange operations between the browser and the server, the speed of the Web page increases. Not only cooks as native app that can use the Web application offline, in that us to also further enhance the characteristics of an existing Web application that is running without installing destructive high technology. Service worker specifications, use experience of Web application is very can be improved, is an innovative technology indicates the version of the web evolve as the future of the platform. Service Worker is not included in HTML5 standard final, is currently being continued standardization. Future Service Worker technology I expect what kind of thing unfolds when applied to the Web browser.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2018.10a
• /
• pp.278-281
• /
• 2018

The early Web technology was to show text information through a browser. However, as web technology advances, it is possible to show large amounts of multimedia data through browsers. Web technologies are being applied in a variety of fields such as sensor network, hardware control, and data collection and analysis for big data and AI services. As a result, the standard has been prepared for the Internet of Things, which typically controls a sensor via HTTP communication and provides information to users, by installing a web browser on the interface of the Internet of Things. In addition, the recent development of web-assembly enabled 3D objects, virtual/enhancing real-world content that could not be run in web browsers through a native language of C-class. Factors that evaluate the performance of existing Web applications include performance, network resources, and security. However, since there are many areas in which web applications are applied, it is time to revisit and review these factors. In this thesis, we will conduct an analysis of the factors that assess the performance of a web application. We intend to establish an indicator of the development of web-based applications by reviewing the analysis of each element, its main points, and its needs to be supplemented.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.11 no.5
• /
• pp.493-506
• /
• 2018

This paper proposes the OOPP(Optimized Online Portfolio Platform) design for the job seekers to search for the job competency necessary for employment and to write and manage portfolio online efficiently. The OOPP consists of three modules. First, JDCM(Job Data Collection Module) stores the help-wanted advertisements of job information sites in a spreadsheet. Second, CSM(Competency Statistical Model) classifies core competencies for each job by text-mining the collected help-wanted ads. Third, OBBM(Optimize Browser Behavior Module) makes users to look up data rapidly by improving the processing speed of a browser. In addition, The OBBM consists of the PSES(Parallel Search Engine Sub-Module) optimizing the computation of a Search Engine and the OILS(Optimized Image Loading Sub-Module) optimizing the loading of image text, etc. The performance analysis of the CSM shows that there is little difference in accuracy between the CSM and the actual advertisement because its data accuracy is 99.4~100%. If Browser optimization is done by using the OBBM, working time is reduced by about 68.37%. Therefore, the OOPP makes users look up the analyzed result in the web page rapidly by analyzing the help-wanted ads. of job information sites accurately.

• Computational Structural Engineering
• /
• v.23 no.2
• /
• pp.18-20
• /
• 2010

• Proceedings of the Korean Society of Plant Biotechnology Conference
• /
• 2003.10a
• /
• pp.35-36
• /
• 2003

• Proceedings of the Korea Information Processing Society Conference
• /
• 2006.05a
• /
• pp.89-92
• /
• 2006

웹 서비스에서 UDDI는 서비스 제공자(service provider)가 제공할 수 있는 서비스 리스트인 WSDL을 UDDI에 등록, 검색할 수 있도록 기능을 제공한다. 하지만 Java등의 프로그래밍 언어를 이용하여 웹 서비스를 개발하는 개발자는 UDDI에서 제공하는 WSDL 문서만으로는 충분한 도움말을 받지 못한다. 이에 TSPWRB(TSP Web Service Repository Browser)를 개발하여 WSDL의 자바 인터페이스를 검색하고 도움 기능을 제공하며, 외부 UDDI 검색 기능을 제공하여 웹 서비스 개발을 보다 쉽게 개발할 수 있도록 하였다.