• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.157-167
• /
• 2009

Recently, the leakage of confidential information and personal information is taking place on the Internet more frequently than ever before. Most of such online security incidents are caused by attacks on vulnerabilities in web applications developed carelessly. It is impossible to detect an attack on a web application with existing firewalls and intrusion detection systems. Besides, the signature-based detection has a limited capability in detecting new threats. Therefore, many researches concerning the method to detect attacks on web applications are employing anomaly-based detection methods that use the web traffic analysis. Much research about anomaly-based detection through the normal web traffic analysis focus on three problems - the method to accurately analyze given web traffic, system performance needed for inspecting application payload of the packet required to detect attack on application layer and the maintenance and costs of lots of network security devices newly installed. The UTM(Unified Threat Management) system, a suggested solution for the problem, had a goal of resolving all of security problems at a time, but is not being widely used due to its low efficiency and high costs. Besides, the web filter that performs one of the functions of the UTM system, can not adequately detect a variety of recent sophisticated attacks on web applications. In order to resolve such problems, studies are being carried out on the web application firewall to introduce a new network security system. As such studies focus on speeding up packet processing by depending on high-priced hardware, the costs to deploy a web application firewall are rising. In addition, the current anomaly-based detection technologies that do not take into account the characteristics of the web application is causing lots of false positives and false negatives. In order to reduce false positives and false negatives, this study suggested a realtime anomaly detection method based on the analysis of the length of parameter value contained in the web client's request. In addition, it designed and suggested a WAF(Web Application Firewall) that can be applied to a low-priced system or legacy system to process application data without the help of an exclusive hardware. Furthermore, it suggested a method to resolve sluggish performance attributed to copying packets into application area for application data processing, Consequently, this study provide to deploy an effective web application firewall at a low cost at the moment when the deployment of an additional security system was considered burdened due to lots of network security systems currently used.

• Journal of the Korean Society for Marine Environment & Energy
• /
• v.17 no.1
• /
• pp.27-35
• /
• 2014

The headspace solid-phase microextraction (HS-SPME) followed by gas chromatography/mass spectrometry procedure has been developed for the simultaneous determination of petroleum aromatic hydrocarbons such as benzene, toluene, ethylbenzene and xylene isomers (BTEX) and polycyclic aromatic hydrocarbons (PAHs) in seawater. The advantages of SPME compared to traditional methods of sample preparation are ease of operation, reuse of fiber, portable system, minimal contamination and loss of the sample during transport and storage. SPME fiber, extraction time, temperature, stirring speed, and GC desorption time were key extraction parameters considered in this study. Among three kinds of SPME fibers, i.e., PDMS ($100{\mu}m$), CAR/PDMS ($75{\mu}m$), and PDMS/DVB ($65{\mu}m$), a $65{\mu}m$ PDMS/DVB fiber showed the most optimal extraction efficiencies covering molecular weight ranging from 78 to 202. Other extraction parameters were set up using $65{\mu}m$ PDMS/DVB. The final optimized extraction conditions were extraction time (60 min), extraction temperature (50), stirring speed (750 rpm) and GC desorption time (3 min). When applied to artificially contaminated seawater like water accommodated fraction, our optimized HS-SPME-GC/MS showed comparable performances with other conventional method. The proposed protocol can be an attractive alternative to analysis of BTEX and PAHs in seawater.