• Journal of Information Processing Systems
• /
• v.6 no.4
• /
• pp.563-574
• /
• 2010

The growing number of web applications in the global economy has made it critically important to develop secure and reliable software to support the economy's increasing dependence on web-based systems. We propose an intercepting filter approach to mitigate the risk of injection flaw exploitation- one of the most dangerous methods of attacking web applications. The proposed approach can be implemented in Java or .NET environments following the intercepting filter design pattern. This paper provides examples to illustrate the proposed approach.

• Convergence Security Journal
• /
• v.12 no.3
• /
• pp.99-106
• /
• 2012

Today, the typical web hacking attacks are cross-site scripting(XSS) attacks, injection vulnerabilities, malicious file execution and insecure direct object reference included. Web hacking security systems, access control solutions, access only to the web service and flow inside but do not control the packet. So you have been illegally modified to pass the packet even if the packet is considered as a unnormal packet. The defense system is to fail to appropriate controls. Therefore, in order to ensure a successful web services diagnostic system development is necessary. Web application diagnostic system is real and urgent need and alternative. The diagnostic system development process mu st be carried out step of established diagnostic systems, diagnostic scoping web system vulnerabilities, web application, analysis, security vulnerability assessment and selecting items. And diagnostic system as required by the web system environment using tools, programming languages, interfaces, parameters must be set.

• The Journal of the Korea Contents Association
• /
• v.10 no.8
• /
• pp.111-118
• /
• 2010

The OSGi platform is a Java-based component platform that is being widely used from environments for the application development to enterprise software. The OSGi platform provides dynamic and transparent installation for open environments. However, it open new attacks so that many researches try to solve OSGi vulnerability. Security flaws in OSGi platform are categorized two parts: the JVM and the OSGi platform itself. We focus on vulnerability by OSGi platform itself, particularly service injection. We identify the service injection attack and suggest secure mechanisms to prevent the attack. Those mechanisms are implemented, providing a few modification to the Knopflerfish OSGi implementation and are evaluated through comparing with existing mechanisms.

• Korean Chemical Engineering Research
• /
• v.48 no.4
• /
• pp.490-498
• /
• 2010

The optimum mold design and the optimum process condition were constructed upon executing process simulation of rubber injection molding with the commercial CAE program of MOLDFLOW(Ver. 5.2) in order to solve the process-problems of K company relating to air-traps and short-shots. The former occurs at the cavity edge of torque-rod-bush and the latter takes place for the injection molding of dynamic dampers. As a result the process problem relating to air traps was solved by optimizing edge-angle and the number of gates to prevent the flow congestion of flow-front and to make the flow-front movement unaffected by congestion. For dynamic dampers of K company the unmolded flaw caused by their unfilled cavity was corrected by installing the air-vent at the confronting locations of both upstream and downstream of flow-front where air traps frequently occur. Besides the unmolded flaws were rectified by altering the position of gate from the upper to the middle or by increasing the number of gates. Thus the process problems of K company relating to air-traps and short-shots of torque-rod-bush and dynamic dampers, respectively, were solved by proper altering of mold design with process simulation of rubber injection molding.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.309-320
• /
• 2019

Blockchain has been developed as a key technology for many cryptocurrency systems such as Bitcoin. These days, blockchain technology attracts many people to adopt it to various fields beyond cryptocurrency systems for their information sharing and processing. However, with the development and increasing adoption of the blockchain, security incidents frequently happen in the blockchain systems due to their implementation flaws. In order to solve this problem, in this paper, we analyze the software vulnerabilities of Bitcoin and Ethereum, which are the most widely used blockchain applications in real world. For that purpose, we conduct an in-depth analysis of source code of them to detect software vulnerabilities, and examine an OS command injection attack exploiting the detected ones.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.10
• /
• pp.499-508
• /
• 2016

Injection molding is a method for manufacturing many products, wherein a plasticized resin is injected into a mold at high pressure and hardened. According to the method, the product can be manufactured into various forms, and the mass production of up to tens of thousands of products is possible. The purpose of this study was to determine the process conditions for manufacturing a door latch for automobiles, through an analysis of the injection molding method. To calculate an appropriate injection flow for injection molding, a primary analysis for comparing the injection time, pressure, flow pattern, consolidation range, shear stress, shear rate, and weld line, as well as a secondary analysis for determining the conditions for stabilizing the molding temperature, holding pressure, and cooling process, were conducted. The characteristics of injection molding, and their influence on the product quality are discussed. No weld line and pores were observed on the products that had been manufactured based on the process conditions determined above. In addition, there were no flaws regarding the deformation compared to the prototype. Therefore, the manufacture of a product under the conditions determined in this study can reduce the defect rate compared to the existing production, and the process is also more competitive due to reduced production time.

• Journal of the Korean Society of Manufacturing Technology Engineers
• /
• v.21 no.6
• /
• pp.1013-1017
• /
• 2012

Advanced composite-sintered bushings are widely utilized in the areas of excavators and injection molding machines as a journal bearing. Since the bearings are mainly used under high loads, service life should be long and the stored oil of inner bushings has to be continually fed into the bearing. The composite-sintered bushings are consisted of the two different materials; outer steel materials and inner porous sintered materials respectively. High temperature diffusion bonding has been applied for holding the both materials of the bushing together. Therefore, it is very important that the bonding reliability has to be assured and evaluated in manufacturing process. Finite element method (FEM) is performed in order to evaluate the minimum allowable flaw sizes that are possibly generated in the composite-sintered bushings. Additionally, the composite-sintered bushings were undergone ultrasonic C-scan tests to find out the size of inherent flaws through artificially simulated UT signal analysis.