• Journal of Space Technology and Applications
• /
• 제1권2호
• /
• pp.199-216
• /
• 2021

In 2020, the solar and space environment division at the Korea Space Science Society surveyed the status of data archives in solar physics, magnetosphere, and ionosphere/upper atmosphere in Korea to promote broader utilization of the data and research collaboration. The survey includes ground- and satellite-based instruments and developing models by research institutes and universities in Korea. Based on the survey results, this study reports the status of the ground-based instruments, data products in the ionosphere and upper atmosphere, and documentation of them. The ground-based instruments operated by the Korea Polar Research Institute and Korea Astronomy and Space Science Institute include ionosonde, Fabry-Perot interferometer in Arctic Dasan stations, Antarctic King Sejong/Jang Bogo stations, and an all-sky camera, VHF radar in Korea. We also provide information on total electron content and scintillation observations derived from the Global Navigation Satellite System (GNSS) station networks in Korea. All data are available via the webpage, FTP, or by request. Information on ionospheric data and models is available at http://ksss.or.kr. We hope that this report will increase data accessibility and encourage the research community to engage in the establishment of a new Space Science Data Ecosystem, which supports archiving, searching, analyzing, and sharing the data with diverse communities, including educators, industries, and the public as wells as the research scientist.

• Journal of Information Processing Systems
• /
• 제11권2호
• /
• pp.229-238
• /
• 2015

Web shells are programs that are written for a specific purpose in Web scripting languages, such as PHP, ASP, ASP.NET, JSP, PERL-CGI, etc. Web shells provide a means to communicate with the server's operating system via the interpreter of the web scripting languages. Hence, web shells can execute OS specific commands over HTTP. Usually, web attacks by malicious users are made by uploading one of these web shells to compromise the target web servers. Though there have been several approaches to detect such malicious web shells, no standard dataset has been built to compare various web shell detection techniques. In this paper, we present a collection of web shell files, WebSHArk 1.0, as a standard dataset for current and future studies in malicious web shell detection. To provide baseline results for future studies and for the improvement of current tools, we also present some benchmark results by scanning the WebSHArk dataset directory with three web shell scanning tools that are publicly available on the Internet. The WebSHArk 1.0 dataset is only available upon request via email to one of the authors, due to security and legal issues.

• Journal of The Korean Society of Agricultural Engineers
• /
• 제56권6호
• /
• pp.93-102
• /
• 2014

Generally data loading is a laborous job to develop models. Meteorological data is basic input data for hydrological models, it is provided through websites of Korea Meteorological Administration (KMA). The website of KMA provides daily meteorological observation data with tabular format classified by years, items, stations. It is cumbersome to manipulate tabular format for model inputs such as time series and multi-item or multi-station data. The provider oriented services which broadcast restricted formed information have caused inconvenient processes. Tim O'Reilly introduces "Web 2.0" which focuses on providing a service based on data. The top ranked IT companies such as google, yahoo, daum, and naver provide customer oriented services with Open API (Application Programming Interface). A RESTful web service, typical implementation for Open API, consists URI request and HTTP response which are simple and light weight protocol than SOAP (Simple Object Access Protocol). The aim of this study is to develop a web-based service that helps loading data for human use instead of machine use. In this study, the developed RESTful web service provides Open API for manipulating meteorological data. The proposed Open API can easily access from spreadsheet programs, web browsers, and various programming environments.

• International Journal of Computer Science & Network Security
• /
• 제23권2호
• /
• pp.199-202
• /
• 2023

Carriage return (CR) and line feed (LF), also known as CRLF injection is a type of vulnerability that allows a hacker to enter special characters into a web application, altering its operation or confusing the administrator. Log poisoning and HTTP response splitting are two prominent harmful uses of this technique. Additionally, CRLF injection can be used by an attacker to exploit other vulnerabilities, such as cross-site scripting (XSS). Email injection, also known as email header injection, is another way that can be used to modify the behavior of emails. The Open Web Application Security Project (OWASP) is an organization that studies vulnerabilities and ranks them based on their level of risk. According to OWASP, CRLF vulnerabilities are among the top 10 vulnerabilities and are a type of injection attack. Automated testing can help to quickly identify CRLF vulnerabilities, and is particularly useful for companies to test their applications before releasing them. However, CRLF vulnerabilities can also lead to the discovery of other high-risk vulnerabilities, and it fosters a better approach to mitigate CRLF vulnerabilities in the early stage and help secure applications against known vulnerabilities. Although there has been a significant amount of research on other types of injection attacks, such as Structure Query Language Injection (SQL Injection). There has been less research on CRLF vulnerabilities and how to detect them with automated testing. There is room for further research to be done on this subject matter in order to develop creative solutions to problems. It will also help to reduce false positive alerts by checking the header response of each request. Security automation is an important issue for companies trying to protect themselves against security threats. Automated alerts from security systems can provide a quicker and more accurate understanding of potential vulnerabilities and can help to reduce false positive alerts. Despite the extensive research on various types of vulnerabilities in web applications, CRLF vulnerabilities have only recently been included in the research. Utilizing automated testing as a recurring task can assist companies in receiving consistent updates about their systems and enhance their security.