• KIISE Transactions on Computing Practices
• /
• v.22 no.7
• /
• pp.310-314
• /
• 2016

Currently, several research studies are looking to improve the quality of DASH (Dynamic Adaptive Streaming over HTTP) based live streaming services. However, conventional DASH based streaming schemes cannot provide seamless playback while maintaining the low buffering and it adversely affects the QoE (Quality of Experience). To address this problem, we propose the QoE driven segment scheduling scheme. The proposed scheme adaptively schedules the segment request message according to the time and variation of segment fetching. Simulation results indicate that the proposed scheme improves the QoE of live streaming service by maintaining the low buffering delay and reducing the buffer underflow events.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.365-371
• /
• 2021

With the rapid growth in Internet users, web applications are becoming the main target of hackers. Most previous WAFs (Web Application Firewalls) target every single HTTP request packet rather than the overall behavior of the attacker, and are known to be difficult to detect new types of attacks. In this paper, we propose a web attack detection system based on user behavior using machine learning to detect attacks of unknown patterns. In order to define user behavior, we focus on features excluding areas where an attacker can camouflage as a normal user. The experimental results shows that by using the path and query information to define users' behaviors, best results for an accuracy of 99% with Decision forest.

• Journal of Internet Computing and Services
• /
• v.17 no.5
• /
• pp.89-95
• /
• 2016

In a software testing domain, test case prioritization techniques improve the performance of regression testing, and arrange test cases in such a way that maximum available faults be detected in a shorter time. User-sessions and cookies are unique features of web applications that are useful in regression testing because they have precious information about the application state before and after making changes to software code. This approach is in fact a user-session based technique. The user session will collect from the database on the server side, and test cases are released by the small change configuration of a user session data. The main challenges are the effectiveness of Average Percentage Fault Detection rate (APFD) and time constraint in the existing techniques, so in this paper developed an intelligent framework which has three new techniques use to manage and put test cases in group by applying useful criteria for test case prioritization in web application regression testing. In dynamic weighting approach the hybrid criteria which set the initial weight to each criterion determines optimal weight of combination criteria by evolutionary algorithms. The weight of each criterion is based on the effectiveness of finding faults in the application. In this research the priority is given to test cases that are performed based on most common http requests in pages, the length of http request chains, and the dependency of http requests. To verify the new technique some fault has been seeded in subject application, then applying the prioritization criteria on test cases for comparing the effectiveness of APFD rate with existing techniques.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.6
• /
• pp.37-48
• /
• 2010

In general, an HTTP server sends information in response to requests from clients. Since it does not support active information delivery to clients, it can not efficiently provide the rapidly changing information to clients. Overcoming this shortcoming of the HTTP protocol, the technology known as server push enables the HTTP server to actively provide information to clients without explicit requests from clients. Adobe BlazeDS is a web server supporting the server push technology, helping users to develop web-based push applications. Unfortunately, since the BlaseDS server have no functions of filtering the information to be pushed according to various types of users, there are difficulties in developing push applications handling various situations in a efficient way. In this paper, to support effective development of push applications on BlazeDS we present the methods of adding a message filtering facility to BlazeDS and utilizing it. According to the filtering request of clients, the message filtering facility modifies information to be pushed, sending the modified information to the clients. The extended BlazeDS server with the message filtering facility provides environments to easily develop push services customized for various clients with their own situations.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.10 no.10
• /
• pp.1109-1114
• /
• 2015

In this paper, design and implementation of RIA(: Rich Internet Application) technology, a CMS based on either of the Adobe Flex framework. Flex existing HTML + CSS + Javascript, etc. it can be easily added to a variety of visual components on a markup language consisting allow you to implement a more dynamic website. The HTTP request is processed using the Spring Framework of MVC based. Spring Framework provides a number of services for the development of a dynamic website to open source framework for the Java platform. It is being used as a standard-based technology for e-government framework used to develop recommendations and Republic of Korea during the Web service public institutions. Extensive production becomes increasingly thin web can be more efficiently managed, and will provide convenience to the user.

• Proceedings of the Korea Contents Association Conference
• /
• 2007.11a
• /
• pp.121-125
• /
• 2007

This paper proposes automatic generation method of proxy client code to automation of web service selection process through a monitoring agent. The technique of this paper help service consumer to provide source code of proxy client as it bring an attribute value of specific element of WSDL document using template rule. Namely, a XSLT script file provide code frame of dynamic invocation interface model. The automatic code generation technique need to solving starvation status of selection architecture. It is required to creating request HTTP message for every service on the result of search. The created proxy client program code generate dummy message about services. The proposed client code generation method show us a possibility of application in the automatic generation programming domain.

• The Journal of the Korea Contents Association
• /
• v.8 no.1
• /
• pp.228-235
• /
• 2008

This paper proposes automatic generation method of proxy client code to automation of web service selection process through a monitoring agent. The technique of this paper help service consumer to provide source code of proxy client as it bring an attribute value of specific element of WSDL document using template rule. Namely, a XSLT script file provide code frame of dynamic invocation interface model. The automatic code generation technique need to solving starvation status of selection architecture. It is required to creating request HTTP message for every service on the result of search. The created proxy client program code generate dummy message about services. The proposed client code generation method show us a possibility of application in the automatic generation programming domain.

• Journal of Digital Convergence
• /
• v.13 no.2
• /
• pp.177-183
• /
• 2015

Cross Site Scripting enables hackers to steal other user's information (such as cookie, session etc.) or to do abnormal functions automatically using vulnerability of web application. This attack patterns of Cross Site Scripting(XSS) can be divided into two types. One is Reflect XSS which can be executed in one request for HTTP and its reply, and the other is Stored XSS which attacks those many victim users whoever access to the page which accepted the payload transmitted. To correspond to these XSS attacks, some measures have been suggested. They are data validation for user input, output validation during HTML encoding procedures, and removal of possible risk injection point to prevent from trying to insert malicious code into web application. In this paper, the methods and procedures for these two types are explained and a penetration testing is done. With these suggestions, the attack by XSS could be understood and prepared by its countermeasures.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.2
• /
• pp.571-574
• /
• 2005

XCAP(XML Configuration Access Protocol) which has been proposed in IETF is based on both XML and HTTP protocol. XCAP server maintains user's configuration information for specific application which is described by XML. This protocol can be applied to many application servers for adapting user's preferences. There can be many way to interwork with other application servers. In this paper, we will talk about the experience of designing and implementation of XCAP server and the way of interwork with application servers.

• KIPS Transactions on Computer and Communication Systems
• /
• v.3 no.10
• /
• pp.351-356
• /
• 2014

Recently, automobile black boxes have evolved to support functionality to transfer videos stored in them into mobile phones via wireless network, from which the videos can be utilized for various purposes. This paper presents a method for automation of traffic violation reports using the automobile black boxes. When a traffic violation is captured by a black box, the proposed method helps a user to transfer the video capturing it into a mobile phone through a simple UI operation. With the video, an HTTP request to report the violation is automatically generated from the mobile phone, and then is transferred to a cyber-report center. We present a prototype system that implements the proposed method, and discuss several issues necessary to apply the method to real-world applications.