• ETRI Journal
• /
• v.39 no.3
• /
• pp.406-416
• /
• 2017

Malware propagated via the World Wide Web is one of the most dangerous tools in the realm of cyber-attacks. Its methodologies are effective, relatively easy to use, and are developing constantly in an unexpected manner. As a result, rapidly detecting malware propagation websites from a myriad of webpages is a difficult task. In this paper, we present LoGos, an automated high-interaction dynamic analyzer optimized for a browser-based Windows virtual machine environment. LoGos utilizes Internet Explorer injection and API hooks, and scrutinizes malicious behaviors such as new network connections, unused open ports, registry modifications, and file creation. Based on the obtained results, LoGos can determine the maliciousness level. This model forms a very lightweight system. Thus, it is approximately 10 to 18 times faster than systems proposed in previous work. In addition, it provides high detection rates that are equal to those of state-of-the-art tools. LoGos is a closed tool that can detect an extensive array of malicious webpages. We prove the efficiency and effectiveness of the tool by analyzing almost 0.36 M domains and 3.2 M webpages on a daily basis.

• The Journal of the Korea Contents Association
• /
• v.6 no.3
• /
• pp.63-74
• /
• 2006

Recently many ASP applications have been released which enable them to accept, save and manipulate files uploaded with a web browser. The files are uploaded via an HTML POST form using RFC 1867 In particular, the file transfer via the HTTP port is getting more important because of the current Internet security issues. In this paper, we implement a form-based ASP upload component and disclose explicitly most of the main codes. That is, the open source might be helpful to develop the new ASP applications including file upload function in the future. We also show the upload time and CPU usage time of the proposed upload component and compare with the well-known commercial ones, showing the performance metrics of the proposed component are comparable to those of commercial ones.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.2
• /
• pp.766-783
• /
• 2012

Recently, many malicious users have attacked web browsers using JavaScript code that can execute dynamic actions within the browsers. By forcing the browser to execute malicious JavaScript code, the attackers can steal personal information stored in the system, allow malware program downloads in the client's system, and so on. In order to reduce damage, malicious web pages must be located prior to general users accessing the infected pages. In this paper, a novel framework (JsSandbox) that can monitor and analyze the behavior of malicious JavaScript code using internal function hooking (IFH) is proposed. IFH is defined as the hooking of all functions in the modules using the debug information and extracting the parameter values. The use of IFH enables the monitoring of functions that API hooking cannot. JsSandbox was implemented based on a debugger engine, and some features were applied to detect and analyze malicious JavaScript code: detection of obfuscation, deobfuscation of the obfuscated string, detection of URLs related to redirection, and detection of exploit codes. Then, the proposed framework was analyzed for specific features, and the results demonstrate that JsSandbox can be applied to the analysis of the behavior of malicious web pages.

• IE interfaces
• /
• v.10 no.3
• /
• pp.75-93
• /
• 1997

Unlike individual applications, it is extremely hard to obtain user requirements for group systems, since there exists very complicated dynamics in group. This may result in spreading a great amount of products with a broad range of contents. Thus, this study presents a comparative analysis of groupware products. As a result, these products have been categorized into three areas which include cooperation/document management systems, collaborative writing systems, and decision-making/meeting systems. While the systems reviewed here focus on the cooperation/document management systems, the other two areas will be dealt in details in part Ⅱ. The first area ends up with two large categories such as proprietary groupware products and intranet groupware products. However, it has been observed that there is a natural convergence between these two categories. Consequently, the comparative analysis has been performed in terms of functions provided on the two categories and a combined category. Each group of the functions has been divided into three parts which consist of basic functions, quasi-basic functions, and others. Such a decision has been made based on the frequency rate of the functions provided in the products. With a more strict rule, the basic functions comprise electronic mail, sanction, bulletin board, document management, scheduling, security, Web browser, and Internet connectivity. This study also provides a framework for integrated functional model of groupware systems. The basic functions are merged into the model. However, the model is so flexible that it can partially include the quasi-functions in addition to the basic functions. In the future, it is expected that a large number of products will stem from the modification of the functional model.

• Journal of Institute of Control, Robotics and Systems
• /
• v.12 no.1
• /
• pp.1-8
• /
• 2006

The home network system guarantees families a safe, economical, socially integrated and healthy life by using information appliances. And it provides a family with domestic safety, control of instruments, controllable energy and health monitoring by connecting to home appliances. This study designs the broadband PLC home controller using broadband PLC(Power Line Communication) technology which can save much cost at a network infrastructure by using the existing power line at home. The broadband PLC home controller consists of the broadband PLC module, the embedded main controller module and I/O module. The broadband PLC home controller can control various domestic appliances such as an auto door-lock, a boiler, an oven, etc., because it has various I/O specifications. In this study, selected home network middleware for the broadband PLC home controller is Jini surrogate using Jini technology designed by means of access to easily a home network system without a limitation of the devices. And a client application program is supported java servlet program to manage and monitor the broadband PLC home controller via web browser of a PC or a PDA, etc. Finally, for an application, we implemented and tested a home security system using one broadband PLC home controller.

• Spatial Information Research
• /
• v.23 no.6
• /
• pp.57-66
• /
• 2015

Recently, the utilization of geospatial open platforms has been constantly increased and the interest in 3D geospatial data such as terrain, building and shopping mall has been increased significantly. In particular, rather than simplified 3D geospatial data, interest in high-precision 3D geospatial data which similarly represents the real world objects has increased significantly. In order to satisfy the demand for such the high-precision 3D geospatial data, various kinds of 3D geospatial open platforms has been developed and has provided services on the web. However, most of the 3D geospatial open platforms have been used plug-in module in order to ensure a fast 3D rendering performance on the web, despite the many problems such as difficulty of the installation, no supporting of cross browser/operating system and security issues. In addition, recently, the existing 3D geospatial open platforms based on plug-in module are facing a serious problem, by declaring the NPAPI service interruption in Chrome and Firefox browsers. In this study, we presents the design and implementation of a new 3D geospatial open platform based on HTML5/WebGL technology without the use of plug-ins. Such the new 3D geospatial open platform based on HTML5/WebGL may support cross browsers such as IE, Chrome, Firefox, Safari and cross OS platforms such as Windows, Linux, Mac and mobile OS platforms.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.4
• /
• pp.83-89
• /
• 2024

After the end of the service of Internet Explorer, the use of ActiveX ended, and the Non-ActiveX policy spread. HTML5 is used as a standard protocol for web pages established based on the Non-ActiveX policy. HTML5, developed in the W3C(World Wide Web Consortium), provides a better web application experience through API, with various elements and properties added to the browser without plug-in. However, new security vulnerabilities have been discovered from newly added technologies, and these vulnerabilities have widened the scope of attacks. There is a lack of research to find possible security vulnerabilities in HTML5-applied websites. This paper proposes a model for detecting tags and attributes with web vulnerabilities by detecting and analyzing security vulnerabilities in web pages of public institutions where plug-ins have been removed within the last five years. If the proposed model is applied to the web page, it can analyze the compliance and vulnerabilities of the web page to date even after the plug-in is removed, providing reliable web services. And it is expected to help prevent financial and physical problems caused by hacking damage.

• Journal of the Korean Institute of Illuminating and Electrical Installation Engineers
• /
• v.28 no.9
• /
• pp.99-104
• /
• 2014

This paper presents a unified live-streaming method based on Hypertext Mark-up Language 5(HTML5) for an IP camera which is independent of browsers of clients and is implemented with open-source libraries. Currently, conventional security systems based on analog CCTV cameras are being modified to newer surveillance systems utilizing IP cameras. These cameras offer remote surveillance and monitoring regardless of the device being used at any time, from any location. However, this approach needs live-streaming protocols to be implemented in order to verify real-time video streams and surveillance is possible after installation of separate plug-ins or special software. Recently, live streaming is being conducted through HTML5 using two different standard protocols: HLS and DASH, that works with Apple and Android products respectively. This paper proposes a live-streaming approach that is linked on either of the two protocols which makes the system independent with the browser or OS. The client is possible to monitor real-time video streams without the need of any additional plug-ins. Moreover, by implementing open source libraries, development costs and time were economized. We verified usefulness of the proposed approach through mobile devices and extendability to other various applications of the system.

• Journal of the Korean Institute of Telematics and Electronics S
• /
• v.36S no.8
• /
• pp.1-7
• /
• 1999

The Internet is emerging as a powerful tool in the area of information and communication technology. The WWW has been especially contributed to increase the internet demand because of its browser which has "Graphic User Interface". Nowadays number of hosts that supply harmful information such as pornographic materials, and the infringement of human rights is rapidly increased. Access to such materials is very easy. Therefore security system which will protect young users from access to harmful host is needed. This paper presents implementation of user system has database about harmful hosts at the Internet and monitors that the user traffic over LAM get touch with the hosts. The system can not make the user access the harmful host because it can over LAN. The performance analysis on the developed system monitoring the traffic over LAN of Andong university is carried out. The performance analysis of monitoring results satisfies with preventing users from the connection to the internet harmful sites.

• Journal of the Korea Computer Industry Society
• /
• v.3 no.2
• /
• pp.209-216
• /
• 2002

World Wide Web has potential possibility of infrastructure for parallel computing environment connecting massive computing resources, not just platform to provide and share information via browser. The approach of Web-based parallel computing has many advantages of the ease of accessibility, scalability, cost-effectiveness, and utilization of existing networks. Applet has the possibility of decomposing the independent/parallel task, moving over network, and executing in computers connected in Web, but it lacks in the flexibility due to strict security semantic model. Therefore, in this paper, Web-based parallel computing environment using mobile agent, Aglet (Agile applet) was designed and possible implementation technologies and architecture were analyzed. And simple simulation and analysis was done compared with applet-based approach.