• Title/Summary/Keyword: HTTP-based C&C

HAS-Analyzer: Detecting HTTP-based C&C based on the Analysis of HTTP Activity Sets

  • Kim, Sung-Jin;Lee, Sungryoul;Bae, Byungchul
    • KSII Transactions on Internet and Information Systems (TIIS) / v.8 no.5 / pp.1801-1816 / 2014
  • Because HTTP-related ports are allowed through firewalls, they are an obvious point for launching cyber attacks. In particular, malware uses HTTP protocols to communicate with their master servers. We call this an HTTP-based command and control (C&C) server. Most previous studies concentrated on the behavioral pattern of C&Cs. However, these approaches need a well-defined white list to reduce the false positive rate because there are many benign applications, such as automatic update checks and web refreshes, that have a periodic access pattern. In this paper, we focus on finding new discriminative features of HTTP-based C&Cs by analyzing HTTP activity sets. First, a C&C shows a few connections at a time (low density). Second, the content of a request or a response is changed frequently among consecutive C&Cs (high content variability). Based on these two features, we propose a novel C&C analysis mechanism that detects the HTTP-based C&C. The HAS-Analyzer can classify the HTTP-based C&C with an accuracy of more than 96% and a false positive rate of 1.3% without using any white list.

Development of a .NET-based Explorer Supporting WebDAV (웹데브를 지원하는 닷넷 기반의 탐색기 개발)

  • Jung, Hye-Young;Ahn, Geon-Tae;Park, Yang-Soo;Lee, Myung-Joon
    • The KIPS Transactions:PartC / v.11C no.5 / pp.703-710 / 2004
  • WebDAV is a protocol to support collaboration among one or more groups in geographically distant locations through the internet. WebDAV extends the web communication protocol HTTP/1.1 to provide a standard infrastructure for supporting asynchronous collaboration for various contents across the internet. A WebDAV client uses HTTP requests to perform a renewal and update action to the resources in WebDAV servers. So, it is desirable that the client supports the ability of authoring and version management with a good concurrency control and property management. In this paper, to enhance usability, we developed a .NET-based WebDAV client with a user interface similar to the Windows Explorer. The developed WebDAV client supports easy launching of the authoring application and appropriate lock control for the server resources. In addition, through the functionality of process monitoring, it supports automatic update of the server resources when the modification of the resources is completed by the user. The WebDAV client is a .NET-based application written in the C# language, running on any platform supporting a .NET framework.

A Study on Service Migration in HTML5 based HTTP Streaming Environments (HTML5 기반 HTTP 스트리밍 환경에서의 서비스 이동성 연구)

  • Choi, Hun-Hoi;Kim, Geun-Hyung
    • Journal of Korea Multimedia Society / v.14 no.7 / pp.905-916 / 2011
  • Recently, the W3C has developed the HTML 5 standard to provide various multimedia services as well as a web based streaming. HTML5 based web browsers with the built-in video codecs can be used directly for streaming services, though previous web browsers should contain playback plug-in for streaming services. In addition, an adaptive streaming technology using HTTP/TCP has been standardized, since an Internet firewall does not support RTP/UDP streaming protocol but HTTP/TCP streaming protocol. In this paper, we propose the service migration mechanism among various devices in the HTML5-based adaptive HTTP streaming environments. The proposed algorithm and architecture were modeled for migrating media flows, media flow control, and session control and implemented using JavaScript. Finally, we showed that the proposed mechanism was effective to migrate HTTP streaming service among various devices by performing several experiments.

A Video Quality Control Scheme Based on Content Characteristics for Improving QoE in DASH Environments (DASH 환경에서 QoE 향상을 위한 콘텐츠 특성 기반의 비디오 품질 조절 기법)

  • Youn, Kimyung;Chung, Kwangsue
    • Journal of KIISE / v.42 no.8 / pp.1039-1048 / 2015
  • Recently, the web-based adaptive streaming service, DASH (Dynamic Adaptive Streaming over HTTP), is receiving more attention. However, existing network-based and buffer-based video quality control schemes in DASH environments make oscillation of segment throughput, causing degradation of the quality of experience (QoE) with frequent quality changes and playback interruptions because these schemes do not consider the content characteristics. In this paper, we propose a C-DASH (Content Characteristics based Dynamic Adaptive Streaming over HTTP) scheme in order to improve the QoE in DASH environments. The C-DASH scheme performs seamless and smooth quality control based on the segment throughput, buffer status, and segment size of the content. Based on simulation results, it is confirmed that the C-DASH scheme can improve the QoE, when compared with the existing quality control schemes.

Analysis of Average Waiting Time and Average Turnaround Time in Web Environment (웹 환경에서의 평균 대기 시간 및 평균 반환 시간의 분석)

  • Lee, Yong-Jin
    • The KIPS Transactions:PartC / v.9C no.6 / pp.865-874 / 2002
  • HTTP (HyperText Transfer Protocol) is a transfer protocol used by the World Wide Web distributed hypermedia system to retrieve the objects. Because HTTP is a connection oriented protocol, it uses TCP (Transmission Control Protocol) as a transport layer. But it is known that HTTP interacts with TCP badly. It is discussed about factors affecting the performance of HTTP over TCP, the transaction time obtained by the per-transaction TCP connections for HTTP access and the TCP slow-start overheads, and the transaction time for T-TCP (Transaction TCP) which is one of methods improving the performance of HTTP over TCP. Average waiting time and average turnaround time are important parameters to satisfy QoS (Quality of Service) of end users. Formulas for calculating two parameters are derived. Such formulas can be used for the environment in which each TCP or T-TCP transaction time is same or different. Some experiments and computational experiences indicate that the proposed formulas are well acted, can be applied to the environment which the extension of bandwidth is necessary, and time characteristics of T-TCP are superior to that of TCP. Also, the load distribution method of web server based on the combination of bandwidths is discussed to reduce average waiting time and average turnaround time.

Development of a High Performance Web Server Using A Real-Time Compression Architecture (실시간 압축 전송 아키텍쳐를 이용한 고성능 웹서버 구현)

  • Min Byungjo;Hwang June;Kim Hagbae
    • The KIPS Transactions:PartC / v.11C no.6 s.95 / pp.781-786 / 2004
  • In these days, such services are popularized as E-commerce, E-government, multimedia services, and home networking applications. Most web traffics generated contemporarily basically use the Hyper Text Transfer Protocol (HTTP). Unfortunately, the HTTP is improper for these applications that comprise significant components of the web traffics. In this paper, we introduce a real-time contents compression architecture that maximizes the web service performance as well as reduces the response time. This architecture is built into the Linux kernel-based web accelerating module. It guarantees not only the freshness of compressed contents but also the minimum time delay using a server-state adaptive algorithm, which can determine whether the server sends the compressed message considering the consumption of server resources when heavy requests reach the web server. Also, we minimize the CPU overhead of the web server by exclusively implementing the compression kernel-thread. The testing results validate that this architecture saves the bandwidth of the web server and that elapsed time improvement is dramatic.

A Study on Discrete-Event Modeling of a Heterogeneous Web Server System

  • Nahm Eui-seok;Kang E. G.;Chung H. S.;Lee J. H.;Hyun D. C.
    • Journal of the Korea Computer Industry Society / v.6 no.2 / pp.305-316 / 2005
  • A heterogeneous webserver such as an HTTP server should be able to currently deal with numerous users. To this end, it is inevitable to formally analyze web traffics as well as a webserver itself. In particular, as most systems adopt HTTP 1.1 protocol instead of HTTP 1.0 protocol, it is more difficult to represent the system as a simple analytic model. In addition, since most of previous models missed the detailed processes of the server, it is unsuitable for the current server based on HTTP 1.1 to tune itself with its own system parameters. On the basis of HTTP 1.1 Protocol supporting persistent connections, we thus present an analytical end-to-end tandem queueing model considering specific hardware configurations inside the webserver, which ultimately covers from accepting the customer requests to completing the services.

An Apache-based WebDAV Server Supporting Reliable Resource Management (아파치 기반의 신뢰성 있는 자원관리를 지원하는 웹데브 서버)

  • Jung, Hye-Young;Ahn, Geon-Tae;Park, Yang-Soo;Lee, Myung-Joon
    • The KIPS Transactions:PartC / v.11C no.4 / pp.545-554 / 2004
  • WebDAV is a protocol to support collaboration among the workers in geographically distant locations through the Internet. WebDAV extends the web communication protocol HTTP/1.1 to provide a standard infrastructure for supporting asynchronous collaboration for various contents across the Internet. To provide the WebDAV functionality in legacy applications such as web-based collaborative systems or document management systems, those systems need to be implemented additionally to handle the WebDAV methods and headers information. In this paper, we developed an Apache-based WebDAV server, named DAVinci (WebDAV Is New Collaborative web-authoring Innovation), which supports the WebDAV specification. DAVinci was implemented as a form of service provider on a mod_dav Apache module. mod_dav, which is an Apache module, is an open source module to provide WebDAV capabilities in an Apache web server. We used a file system for storing resources and the PostgreSQL database for their properties. In addition, the system provides a consistency manager to guarantee that both resources and properties are maintained without inconsistency between resources and their properties.

Recent Advances in Web Services Composition and Their Implications to Seamless Business Process Integration.

  • Park, Jong-Hun
    • Proceedings of the CALSEC Conference / 2004.02a / pp.191-196 / 2004
  • Web Service: a software application identified by a URI, whose interface and bindings are capable of being defined, described, and discovered as XML artifacts. A Web service supports direct interactions with other software agents using XML-based message exchanges via Internet-based protocols (W3C). Utilizes the WWW infrastructure. Example: http://etech.kaist.ac.kr:8080/search.html (omitted)

The proposal of improved secure cookies system based on public-key certificate (인증서 기반의 개선된 보안 쿠키의 설계와 구현)

  • 양종필;이경현
    • The Journal of Korean Institute of Communications and Information Sciences / v.27 no.11C / pp.1090-1096 / 2002
  • The HTTP does not support continuity for browser-server interaction between successive visits of a user due to a stateless feature. Cookies were invented to maintain continuity and state on the Web. Because cookies are transmitted in plain and contain text-character strings encoding relevant information about the user, the attacker can easily copy and modify them for his undue profit. In this paper, we design a secure cookies scheme based on X.509 public key certificate for solving these security weaknesses of typical web cookies. Our secure cookies scheme provides not only mutual authentication between client and server but also confidentiality and integrity of user information. Additionally, we implement our secure cookies scheme and compare its performance with the SSL (Secure Socket Layer) protocol that is widely used for security of HTTP environment.