• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.3
• /
• pp.162-168
• /
• 2014

Cross-Site Request Forgery is one of the attack techniques occurring in today's Web Applications. It allows an unauthorized attacker to send authorized requests to Web Server through end-users' browsers. These requests are approved by the Web Server as normal requests therefore unexpected results arise. The problem is that the Web Server verifies an end-user using his Cookie information. In this paper, we propose an enhanced CSRF defense scheme which uses Page Identifier and user password's hash value in addition to the Cookie value which is used to verify the normal requests. Our solution is simple to implement and solves the problem of the token disclosure when only a random token is used for normal request verification.

• The KIPS Transactions:PartC
• /
• v.18C no.3
• /
• pp.127-134
• /
• 2011

Malicious botnet has been used for more malicious activities, such as DDoS attacks, sending spam messages, steal personal information, etc. To prevent this, many studies have been preceded. But malicious botnets have evolved and evaded detection systems. In particular, HTTP GET Request attack that exploits the vulnerability of the application layer is used. ALAB of ALADDIN proposed by ETRI is DDoS attack detection system that HTTP GET, Incomplete GET request flooding attack detection algorithm is applied. In this paper, we extend Incomplete GET detection algorithm of ALAB and derive the optimal configuration parameters to verify the validity of the algorithm ALAB by the study of the normal and attack packets.

• Journal of Information Technology Services
• /
• v.18 no.2
• /
• pp.37-54
• /
• 2019

The purpose of this study is to present an evaluation model to measure the clarification level of stakeholder requirements of public sector software projects in the Republic of Korea. We tried to grasp the quality of proposal request through evaluation model. It also examines the impact of the level of stakeholder requirements on the level of system requirements. To do this, we analyzed existing research models and related standards related to business requirements and stakeholder requirements, and constructed evaluation models for the system operation concept documents in the ISO/IEC/IEEE 29148. The system operation concept document is a document prepared by organizing the requirements of stakeholders in the organization and sharing the intention of the organization. The evaluation model proposed in this study focuses on evaluating whether the contents related to the system operation concept are faithfully written in the request for proposal. The evaluation items consisted of three items: 'organization status', 'desired changes', and 'operational constraints'. The sample extracted 217 RFPs in the national procurement system. As a result of the analysis, the evaluation model proved to be valid and the internal consistency was maintained. The level of system operation concept was very low, and it was also found to affect the quality of system requirements. It is more important to clearly write stakeholders' requirements than the functional requirements. we propose a news classification methods for sentiment analysis that is effective for bankruptcy prediction model.

• The KIPS Transactions:PartC
• /
• v.10C no.5
• /
• pp.611-616
• /
• 2003

Recently, the HFC-CATV network stand in a substructure of superhighway information network. Because of sharing up to 500 of subscribes, the Collision Resolution Algorithm needs in the upstream channel of HFC-CATV network. In order to provide Quality of Service (QoS) to users with real-time data such as voice, video and interactive service, the research of Collision Resolution Algorithm must include an effective priority scheme. In IEEE 802.14, the Collision Resolution Algorithm has high request delay because of static PNA(Priority New Access) slots structure and different priority traffics with the same probability. In order to resolve this problem, this paper proposed dynamic priority collision resolution algorithm with ternary tree algorithm. It has low request delay according to an increase of traffic load because high priority traffic first resolve and new traffic content with different probability. In the result of the simulation, it demonstrated that the proposed algorithm needs lower request delay than that of ternary tree algorithm with static PNA slots structure.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.9 no.6
• /
• pp.584-590
• /
• 2016

This paper proposed "Priority Scheduling and MultiPath Routing Protocol (RRPS) for preventing communication disruption in the urban environment" to minimize the disconnection or disruption of V2I and V2V communication in the urban environment where communication is frequently disconnected according to density. The flow of the RRPS is explained as follows. RSU Request Priority Scheduling (RRPS) is used to apply the priority of the request message prior to reaching the end line by using the Start Line and End Line, which are the management areas of the RSU). This paper also proposed MPRP (Multi Path Routing Protocol) design to set up the multipath to the destination. As a result, the proposed RRPS improves the processing efficiency of V2I by applying priority scheduling to the message of the vehicle requesting the information in the RSU, and can prevent the communication disconnection. Thereby, it is improved the transmission success probability.

• THE INTERNATIONAL COMMERCE & LAW REVIEW
• /
• v.69
• /
• pp.543-566
• /
• 2016

This article examines the Annulment Procedure of ICSID Arbitration Award. Although the ICSID annulment procedure is not substantially different from arbitration procedure, it does have certain unique features. Article 52 of the Convention provides that the application for annulment must be made within 120days after the date on which the award was rendered. ICSID Arbitration Rule 50, in turn, stipulates that a request for annulment of a award must: i)be addressed in writing to the Secretary-General; ii)identify the award to which it relates; iii)indicated the date of the application; and iv)state in detail the grounds for annulment on which it is based. The grounds for annulment are limited to those in Article 52(1) of the Convention. With respect to the possibility of waiving the right to annulment in advance, commentators are divided. Some authors admit the possibility of agreements eliminating the right to request annulment. Other authors, instead, have taken the position that parties cannot waive their right to annulment in advanced because no provision in the Convention allows the parties to do so, and thus the right to request annulment is inalienable. In accordance with Article 52(4), annulment decisions must comply with the requirements for awards stipulated in Article 48. Therefore; i)the committee decide questions by majority; ii)the decision must be in writing and must be signed by the members of the committee who voted for it; iii)any member of the committee may attach his individual opinion to the award; and iv)ICSID must not publish the decision without the consent of the parties. Finally, under Article 52(4), parties are not allowed to request the interpretation, revision, or annulment of a decision on annulment. Even if the committee allegedly manifestly exceeded its powers or engaged in any conduct sanctioned by Article 52(1), the parties cannot request the annulment of the decision on annulment.

• The Journal of Society for e-Business Studies
• /
• v.12 no.3
• /
• pp.33-47
• /
• 2007

The requirements have been changed during development progresses, since it is impossible to define all of software requirements. These requirements change leads to mistakes because the developers cannot completely understand the software's structure and behavior, or they cannot discover all parts affected by a change. Requirement changes have to be managed and assessed to ensure that they are feasible, make economic sense and contribute to the business needs of the customer organization. We propose a feature-oriented requirements change management method to manage requirements change with value analysis and feature-oriented traceability links including intermediate catalysis using features. Our approach offers two contributions to the study of requirements change: (1) We define requirements change tree to make user requirements change request generalize by feature level. (2) We provide overall process such as change request normalization, change impact analysis, solution dealing with change request, change request implementation, change request evaluation. In addition, we especially present the results of a case study which is carried out in asset management portal system in details.

• Journal of Korea Multimedia Society
• /
• v.9 no.9
• /
• pp.1107-1117
• /
• 2006

In this paper, a load balancing method using ring network structure in the Grid database is proposed. In the Grid database, generally, data is replicated for performance and availability. And, user's request is transferred to node and processed in that node which has target data. But, in such environment, a decline of performance can be occurred because unbalanced workload. A traditional research is proposed to solve unbalanced load problem. However, the Grid database has a number of systems and user's request always changes dynamically. Therefore, a traditional research can not be applied. The proposed method connects each node which has a same replicated data through ing network structure. If workload is overflowed in some node, user's request is transferred to a linked node which has a target data. And, this node stops another request processing until workload is decreased. Then, it changes the link structure through sending a message to a previous node, to stop request forwarding from a previous node. This paper shows a proposed method increases performance than existing research through performance evaluation and is more suitable for a complex and dynamic environment.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.12B
• /
• pp.1623-1635
• /
• 2011

Fourth-generation (4G) cellular communication systems must provide different quality-of-service (QoS) to users according to the service type, membership class, and usage case of each user. For the purpose of user's QoS differentiation, we propose an enhanced uplink random access scheme for bandwidth request. More specifically, we divide a bandwidth request channel into two parts: One is a primary region and the other is a secondary region. Then, each region has a unique minimum access class that allows only specific users to perform random access through that region. By doing so, we can reduce collision probability and increase the success probability of bandwidth request. From the perspective of standardization, we presented this scheme in the IEEE 802.16m Session #66 held on March 2010. As a result, the concept of the proposed scheme and required messages were defined in the 802.16m standard.

• Journal of KIISE:Computer Systems and Theory
• /
• v.26 no.10
• /
• pp.1248-1257
• /
• 1999

MDDS는 디스크 시스템의 성능을 향상시키기 위해 하이퍼큐브의 각 노드에 디스크 블록들을 분산 저장하며, 인접한 노드에서 분산 저장하고 있는 디스크 블록을 중복 저장하고 있는 디스크 시스템이다. 본 논문에서는 디스크 서비스 시간을 분석하기 위한 선행 연구로서 소스 노드에서 생성된 디스크 서비스 요구 메시지가 디스크 서비스를 제공하는 목적 노드에 수신될 때까지의 시간인 전송 시간을 분석한다. 이러한 메시지의 전송 시간을 분석하기 위해 이 메시지가 링크를 통해 전송되지 못하고 대기할 확률인 전송 대기 확률을 분석한다. 이들 메시지의 전송 대기 확률을 분석하기 위해 메시지가 각 링크에서 전송되지 못하고 대기해야 하는 시간인 전송 대기 시간을 분석한다. 또 디스크 서비스 요구 메시지의 전송을 위해 링크가 사용되는 비를 분석하며, 메시지의 전송 대기 확률, 전송 대기 시간, 메시지 전송을 위해 링크가 사용될 비를 이용하여 디스크 서비스 요구 메시지의 전송 시간을 분석한다. Abstract Mirrored Declustering Disk System(MDDS) is the disk system to enhance the performance of disk system for hypercube. In MDDS, each node stores the disk blocks using the declustering technique. And the node also duplicates the disk blocks stored in neighboring nodes. In this paper, as the leading research for analyzing the disk service time, we analyze the transmission time of the disk service request message from the source node to the destination node. To analyze the transmission time of disk service request message, we analyze the probability of blocking the message related to the disk service request. For the analysis of the blocking probability, we analyze the blocking time at the link. We also analyze the rate at which the transmission link is used for transferring the disk service requests. And we analyze the transmission time of disk service request message by using the blocking probability, the blocking time, and the usage rate of link for transmitting the message.