• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.397-404
• /
• 2016

Illegal and harmful contents on the Internet has been an issue and been increased in Korea. They are often posted on the billboard and website of small enterprise and government office. Those illegal and harmful contents can relate to crime and suspicious activity, so, we need a detection system. However, to date the detection itself has been conducted manually by a person. In this paper, we develop an automated URL detection scheme for detecting a drug trafficking by using Google. This system works by analyzing the frequently used keywords in a drug trafficking and generate a keyword dictionary to store words for future search. The suspected drug trafficking URL are automatically collected based on the keyword dictionary by using Google search engine. The suspicious URL can be detected by classifying and numbering each domain from the collection of the suspected URL. This proposed automated URL detection can be an effective solution for detecting a drug trafficking, also reducing time and effort consumed by human-based URL detection.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.481-491
• /
• 2020

The malicious URLs which can be used for sending malicious codes and illegally acquiring private information is one of the biggest threat of information security field. Particularly, recent prevalence of smart-phone increases the possibility of the user's exposing to malicious URLs. Since the way of hiding the URL from the user is getting more sophisticated, it is getting harder to detect it. In this paper, after conducting a survey of the user experiences related to malicious URLs, we are proposing the rule-based malicious URL detection method. In addition, we have developed java library which can be applied to any other applications which need to handle the malicious URL. Each class of the library is implementation of a rule for detecting a characteristics of a malicious URL and the library itself is the set of rule which can have the chain of rule for deteciing more complicated situation and enhancing the accuracy. This kinds of rule based approach can enhance the extensibility considering the diversity of malicious URLs.

• Proceedings of the Korean Information Science Society Conference
• /
• 1998.10a
• /
• pp.486-488
• /
• 1998

인터넷 사용의 증가로 인한 정체 현상을 극복하기 위한 방안으로 캐시 서버를 사용하고 있다. 캐시 서버의 보다 효율적인 사용을 위해 할당 네트웍의 트래픽에 대한 이해는 매우 중요하다. 즉, 보다 적극적인 캐싱 전략을 수립하기 위해 트래픽 분석이 선행되어야한다. 본 논문에서는 URL- tree와 URL-net이라는 자료구조를 제안하고, 이것을 이용하여 웹 트래픽 분석을 수행한다. 이러한 자료구조를 통해 웹 트래픽에 존재하는 '참조의 연결성'이라는 성질을 찾을 수 있다. 본 논문에서는 위의 두 자료구조들이 인터넷 트래픽을 분석하는데 어떻게 도움을 주고 그러한 분석이 효율적인 캐싱 전략을 수립하는데 어떻게 사용될 수 있는가를 보여준다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2000.04a
• /
• pp.418-420
• /
• 2000

본 연구에서는 인터넷상에 존재하는 웹 사이트를 새로운 도메인 네임으로 연결시켜주는 URL forwarding 서버를 설계 및 구현하였다. URL forwarding 서버는 수많은 인터넷 사용자들의 웹 사이트를 간단하고 다양한 형태의 URL로 매핑 시켜준다. URL forwarding 서버는 HTTP 프로토콜에서 redirection 응답코드를 기반으로 구현되었으며 Linux 시스템에서 실험을 하였다. 본 논문에서는 HTTP와 forwarding 서버를 서로 비교 분석하여 고찰해보고 구현된 forwarding 서버의 동작에 대해서 알아본다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.7 no.2
• /
• pp.239-249
• /
• 2003

A lot many WWW sites are come into the world more and more as Web is considered as the unified Internet information tool. The location of each site or resource is usually specified by a physical URL, which is often too long to remember and tends to raise difficulty to show the aim of the site intuitively by seeing it. Since any person or organization can get his/her own domain name easily, it is more desirable to use a logical URL with the domain name which can be chosen more compact to remember and meaningful to represent the ultimate intention of the site. This paper presents an implementation of a URL forwarding server which forwards a URL to another, so that a WWW site can use a logical URL instead of a physical one. The server consists of a domain mapper which uses the redirection transaction of the HTTP protocol, and a name server based on the HIND. The paper shows how the interaction between the domain mapper and the name sever can make forwarding possible and describes its implementation in detail. Experimental results shows that the overhead incurred by URL forwarding is negligible compared to the typical delay of current Internet traffic condition.

• Journal of Information Management
• /
• v.34 no.2
• /
• pp.55-66
• /
• 2003

The Web is rich with various sources of information. It contains the contents of documents, multimedia data, shopping materials and so on. Due to the massive and heterogeneous web document collections, users want to find various types of target pages. We can classify user queries as three categories according to users'intent, content search, the site search, and the service search. In this paper, we present that different strategies are needed to meet the need of a user. Also we show the properties of content information, link information and URL information according to the class of a user query. In the content search, content information showed the good result. However, we lost the performance by combining link information and URL information. In the site search, we could increase the performance by combining link information and URL information.

• Proceedings of the Korean Information Science Society Conference
• /
• 2000.04a
• /
• pp.367-369
• /
• 2000

에이전트의 객체가 사용자의 요구에 맞는 에이전트 시스템으로 이동하여 사용자의 요구를 충족시키기 위한 이동성은 이동 에이전트 시스템에서 가장 기본적이고도 중요한 문제이다. 이동성을 증가시키기 위해 URL을 이용한 많은 연구가 이루어져 왔다. 하지만 URL은 위치 의존성을 가지고 있기 때문에 이동 하고자 하는 에이전트 시스템의 위치가 달라지면 에이전트의 이동이 불가능해지고 가진고 있는 URL정보는 아무 쓸모가 없어진다는 문제를 가지고 있다. 이에 본 논문에서는 기존의 URL을 이용한 이동성 구현의 문제점을 보완하고자, URL 그리고 URC데이터 베이스를 이용한 에이전트 프로그램 언어를 설계하려 한다. 또한 에이전트 이동을 위하여 URN을 URC 데이터 베이스를 이용하여 URL로 매핑 시키는 과정에 있어서는 Resource Monitor이라는 개념을 이용하여 좀더 효과적인 방법을 제시한다. 이러한 이동성이 극대화된 에이전트는 사용자에게 보다나은 서비스를 제공할 것으로 기대된다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2019.01a
• /
• pp.119-122
• /
• 2019

최근 웹 변조 공격은 대형 포탈, 은행, 학교 등 접속자가 많은 홈페이지에 악성 URL을 불법 삽입하여 해당 URL을 통해 접속자 PC에 자동으로 악성코드 유포하고 대규모 봇넷(botnet)을 형성한 후 DDoS 공격을 수행하거나 감염 PC들의 정보를 지속적으로 유출하는 형태로 수행된다. 이때, 홈페이지에 삽입되는 악성 URL은 탐지가 어렵도록 Javascript 난독화 기법(obfuscation technique) 등으로 은밀히 삽입된다. 본 논문에서는 웹 소스코드에 은닉된 악성 Javascript URL들에 대한 일괄 점검체계를 제안하며, 구현된 점검체계의 prototype을 활용하여 점검성능에 대한 시험결과를 제시한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.6
• /
• pp.473-484
• /
• 2013

Shorten URL service is the method of using short URL instead of long URL, it redirect short url to long URL. While the users of microblog increased rapidly, as the creating and usage of shorten URL is convenient, shorten url became common under the limited length of writing on microblog. E-mail, SMS and books use shorten URL well, because of its simplicity. But, there is no relativeness between the most of shorten URLs and their target URLs, user can not expect the target URL. To cover this problem, there is attempts such as changing the shorten URL service name, inserting the information of website into shorten URL, and the usage of shortcode of physical address. However, each ones has the limits, so these are the trouble of automation, relatively long address, and the narrowness of applicable targets. SHRT is complementary to the attempts, as getting the idea from the writing system of Arabic. Though the writing system of Arabic has no vowel alphabet, Arabs have no difficult to understand their writing. This paper proposes SHRT, new method of URL Shortening. SHRT makes user guess the target URL using Relative word of the lowest domain of target URL without vowels.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.881-891
• /
• 2023

Recently, various studies on malicious URL detection using artificial intelligence have been conducted, and most of the research have shown great detection performance. However, not only does classical machine learning require a process of analyzing features, but the detection performance of a trained model also depends on the data analyst's ability. In this paper, we propose a DL-ML Fusion Hybrid Model for malicious web site URL detection based on URL lexical features. the propose model combines the automatic feature extraction layer of deep learning and classical machine learning to improve the feature engineering issue. 60,000 malicious and normal URLs were collected for the experiment and the results showed 23.98%p performance improvement in maximum. In addition, it was possible to train a model in an efficient way with the automation of feature engineering.