• Journal of Internet Computing and Services
• /
• v.9 no.6
• /
• pp.73-79
• /
• 2008

Nowadays, all over the world's banks use internet banking through various authentication methods. Although there are strong authentication methods using OTP (One Time Password), there still has vulnerability from sophisticated attacks such as MITM (Man In The Middle). This letter proposes signing-based authentication protocol that copes with attacks, such as MITB (Man In The Browser), and provides non-repudiation function. The protocol shows generic method to prevent the sophisticated attacks through connecting advantages from OTP and PKI (Public Key Infrastructure) certificate, and that can be deployed to various extended form in internet banking.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.4
• /
• pp.635-643
• /
• 2014

Most of the web-based services are provided by a web browser. A web browser receives a text-based web page from the server and translates the received data for the user to view. There are a myriad of add-ons to web browsers that extend browser features. The browser's add-ons may access web pages and make changes to the data. This makes web-services via web browsers are vulnerable to security threats. A web browser stores web page data in memory in the DOM structure. One method that prevents modifications to web page data applies hash values to certain parts in the DOM structure. However, a certain characteristic of web-pages renders this method ineffective at times. Specifically, the user-input data is not pre-determined, and the hash value cannot be calculated prior to user input. Thus the modification to the data cannot be prevented. This paper proposes a method that both detects and inhibits any attempt to change to user-input data. The proposed method stores user-input from the keyboard and makes a comparison with the data transmitted from the web browser to detect any anomalies.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.05a
• /
• pp.744-746
• /
• 2015

EDMS(Enterprise Document Management System) is generally as an office business management solutions in the form of an application running in a Web browser environment, has been utilized as an Electronic Document Management System. This system, users access the browser has led to inconvenience not easy. For for ease of use this, how to implement a system that can be used to operate the EDMS on the screen of the Windows Explorer, in this study, are presented.

• Proceedings of the IEEK Conference
• /
• 2000.06c
• /
• pp.129-132
• /
• 2000

It is difficult to find web contents for visual disabilities in spite of rapid growing internet users, infrastructures and advance of computer technology. For the case of usenet newsgroup concerning disabilities, hit rate is even less than E-mail because of lack of accessibility, educational support and economical expense for internet. This paper is addressed to voice usenet newsgroup service by using telephone or web browser for visual disabilities without additional S/W support such as 775, usenet program and installation program, suggests a design method and an implementation example for it. Main features of it are easiness of man machine interface, popularity of access device such as telephone or web browser and independency of particular news server by using NNTP. This system supports general MIME format, is implemented for usenet server of Korean Social Worker's Community and will be implemented for Gomduri InfoNet BBS of Korean Society for Rehabilitation of Persons with Disabilities.

• Review of KIISC
• /
• v.20 no.6
• /
• pp.17-27
• /
• 2010

전자금융거래는 사용자의 컴퓨터에 악성 프로그램이 설치될 수 있다는 환경에서도 신뢰성 있는 서비스가 요구된다. 하지만 국내의 전자금융거래는 아직까지 MITB(Man-In-The-Browser)공격에 취약한 상태이다. 이 논문에서는 MITB 공격의 동작원리와 그 대응방법에 대해 논의하며, 이를 바탕으로 QR코드를 활용한 승인방법을 제안한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.6
• /
• pp.492-500
• /
• 2013

The One-Time Password(OTP) Generator is used as a multi-factor authentication method to ensure secure transaction during e-Financial transaction in the bank and securities company. The OTP based e-Financial Transaction Verification Protocol ensures secure e-financial transaction through confirming the user's identity using OTP authentication information and counters not only Man-in-the-Browser(MITB) attacks but also memory hacking attacks. However, it is possible to generate correct OTPs due to potential of stealing sensitive information of the OTP generator through intelligent phishing, pharming, social engineering attacks. Therefore, it needs another scheme to prevent from above threats, and this paper proposes advanced scheme using Physical Unclonable Functions(PUFs) to solve these problems. First, it is impossible to generate the same OTP values because of the hysically unclonable features of PUFs. In addition, it is impossible to clone OTP generator with hardware techniques. Consequently, the proposed protocol provides stronger and more robust authentication protocol than existing one by adding PUFs in the OTP generator.

• Transactions of the Korean Society of Automotive Engineers
• /
• v.14 no.4
• /
• pp.107-114
• /
• 2006

Material selection is one of the important activities in design and manufacturing. A selected material at the conceptual design stage affects functionality of the designed part as well as manufacturability and cost of the final product. Unfortunately there are not many accessible material databases that can be used for design. In this research, a web-based material database was constructed. In order to assist designers to compare different materials, two-dimensional and three-dimensional graphs were provided via the web browser Using these graphical tools, multi-dimensional comparison was available in more intuitive manner. As a case study, this system was applied for material selection of an automotive engine pulley.

• Journal of KIISE:Computing Practices and Letters
• /
• v.11 no.2
• /
• pp.101-111
• /
• 2005

The present web informations are mainly described in terms of HTML, which users obtain through input devices such as mouse, keyboard, etc. Thus the existing GUI environment have not supported human's most natural information acquisition means, that is, voice. To solve the problem, several vendors are developing voice user interface. However these products are deficient in man -machine interactivity and their accommodation of existing web environment. This paper presents a VUI(Voice User Interface) supporting web browser by utilizing more and more maturing speech recognition technology and VoiceXML, a markup language derived from XML. It provides users with both interfaces, VUI as well as GUI. In addition, XML Island technology is applied to the bowser in a way that VoiceXML fragments are nested in HTML documents to accommodate the existing web environment. Also for better interactivity, dialogue scenarios for menu, bulletin, and search engine are suggested.

• Proceedings of the KIEE Conference
• /
• 2002.11c
• /
• pp.183-187
• /
• 2002

This paper proposes a remote control system that combines computer network and an autonomous mobile robot. We control remotely an autonomous mobile robot with vision via the internet to guide it under unknown environments in the real time. The main feature of this system is that local operators need a World Wide Web browser and a computer connected to the internet communication network and so they can command the robot in a remote location through our Home Page. This system offers an image compression method using motion H.263 concept which reduces large time delay that occurs in network during image transmission.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.1 s.39
• /
• pp.55-61
• /
• 2006

Multimedia title needs player that depends upon operate system. This raises problems of data compatibility and resource consumption by overlapping development of player. To solve problems, we propose a method which produce multimedia title contents to internet document and then display on internet browser. Contents in multimedia title are transcoded to internet pages, having greate quality, based on CSS Layer for spatial synchronization of multimedia data. This method converts existing DB into XML for multimedia title including personal information. Therefore, XML data and resource information is playable by private multimedia player. Consequently, user can display multimedia content without player using internet browser in anytime.