• Proceedings of the Korea Information Processing Society Conference
• /
• 2006.05a
• /
• pp.959-962
• /
• 2006

최근 고객의 컴퓨터와 개인 정보를 보호하기 위하여 개인용 컴퓨터 방화벽과 바이러스 백신의 사용이 점차 증가하고 있다. 그러나 개인용 컴퓨터 방화벽과 바이러스 백신은 이미 존재하거나 발견된 해킹 툴과 바이러스에 대해서만 개인 정보를 보호하기 때문에 한계가 존재한다. 따라서 원천적으로 개인 정보의 유출을 막을 수 있는 솔루션이 필요하다. 그 대표적인 것이 키로그(Keylog) 해킹방지 시스템이다. 이 시스템에서는 키보드의 입력을 암호화하거나 별도의 키보드 드라이버를 생성하여 개인 정보를 보호한다. 하지만 암호화하기 전 단계인 하드웨어 단계에서 개인 정보 유출과 오류로 인한 시스템의 미설치의 문제점이 여전히 존재한다. 본 논문에서는 웹사이트에서 발생하는 이러한 문제점들을 극복하기 위한 하나의 방법으로 KLD(Keyboard Logger Defense) 시스템을 제안하였다. 이 시스템은 키보드 사용으로 발생되는 근본적인 문제점을 해결하기 위하여 웹기반 마우스 입력방식을 사용하였고, 테스트 결과 기존 키로거(Keylogger) 프로그램에 대해서 입력한 키 데이터가 보호됨을 알 수 있었다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.11
• /
• pp.2459-2464
• /
• 2012

Many companies has led to the damage case being leaked to personal information by taking cyber attack. Also, planned hacking cases continues to increase for the purpose of acquiring monetary gain or causing social disruption induction, etc. Approximately 75% of the Web site attacks exploit the vulnerability of the application. Major security issue is to strengthen the S/W development security according to the legal basis. The members of the project team is the fact that the lack of recognition of application development security. In addition, passive response and security validation/testing, etc. throughout the SDLC to the entire area is insufficient. Therefore, rework due to the belated discovery of a defect has occurs. In this paper, we examine the case of the project step-by-step security activities by performing IT services companies. And, through this, we present security measures that can be applied to the step-wise real-world projects.

• KIPS Transactions on Computer and Communication Systems
• /
• v.3 no.3
• /
• pp.87-96
• /
• 2014

Hackers try to achieve their purpose in a variety of ways, such as operating own website and hacking a website. Hackers seize a large amount of private information after they have made a zombie PC by using malicious code to upload the website and it would be used another hacking. Almost detection technique is the use Snort rule. When unknown code and the patterns in IDS/IPS devices are matching on network, it detects unknown code as malicious code. However, if unknown code is not matching, unknown code would be normal and it would attack system. Hackers try to find patterns and make shellcode to avoid patterns. So, new method is needed to detect that kinds of shellcode. In this paper, we proposed a noble method to detect the shellcode by using Shannon's information entropy.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.14 no.2
• /
• pp.303-308
• /
• 2019

Spring framework is widely used as a base technology for e-government frameworks and to the extent it is a standard for web service development tools of Korean public institutions. However, recently, a remote code execution vulnerability(CVE-2018-1270) was found in an application using a spring framework. This paper proposes a method of analyzing the vulnerability experiment using a hacking scenario, Proof Of Concept(POC), in which the spring framework is a hazard to the server. We propose the patch to version 4.3.16 and version 5.0.5 or later as an ultimate response. It is also expected that the proposed experiment analysis on vulnerability of hacking scenario will be used as a data for improving performance of security programs and establishing a new authentication system.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.9
• /
• pp.464-472
• /
• 2017

In the ICT (Information and Communication Technology) convergence security environment, a lot of companies use an external public web system for the external disclosure and sharing of product information, manufacturing technology, service manualsand marketing materials. In this way, the web system disclosed on the Internet is an important aspect of cyber security management and has an always-on vulnerability requiringan information protection solution and IT vulnerability checks. However, there are limits to vulnerability detection management in anexternal environment. In this study, in order to solvethese problems, we constructed a system based on digital forensics and conducted an empirical study on the detection of important information in enterprises by using forensic techniques. It was found thatdue to the vulnerability of web systems operated in Korea and overseas, important information could be revealed,such as the companies' confidential data and security management improvements. In conclusion, if a system using digital forensic techniques is applied in response to theincreasing number of hacking incidents, the security management of vulnerable areas will be strengthened and the cyber security management system will be improved.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.53 no.2
• /
• pp.76-86
• /
• 2016

SQL Injection attacks are the most widely used and also they are considered one of the oldest traditional hacking techniques. SQL Injection attacks are getting quite complicated and they perform a high portion among web hacking. The big data environments in the future will be widely used resulting in many devices and sensors will be connected to the internet and the amount of data that flows among devices will be highly increased. The scale of damage caused by SQL Injection attacks would be even greater in the future. Besides, creating security solutions against SQL Injection attacks are high costs and time-consuming. In order to prevent SQL Injection attacks, we have to operate quickly and accurately according to this data analysis techniques. We utilized data analytics and machine learning techniques to defend against SQL Injection attacks and analyzed the execution plan of the SQL command input if there are abnormal patterns through checking the web log files. Herein, we propose a way to distinguish between normal and abnormal SQL commands. We have analyzed the value entered by the user in real time using the automated SQL Injection attacks tools. We have proved that it is possible to ensure an effective defense through analyzing the execution plan of the SQL command.

• Journal of Internet Computing and Services
• /
• v.5 no.3
• /
• pp.11-23
• /
• 2004

It is easy to access to the infinity information and programs, but it gives rise to the side effect. There are many side effects(ex. Hacking, Cracking, expose the personal information, etc). Nowadays, the computer virus raise the serious problems. The making program called Vaccine is work out a count measure. The Anti-Virus programs install on the client side computer and upgrade by downloading on the server's signature, the latest date, the program bound both of them is shown, but these programs have the defect that they have no remote control and no signature update because user's unconcern, This paper reported the research of existing virus infecting technology and the development of Web based Anti-Virus Scanner using the remote control on the internet server. Through this paper, I want to set up the counter measure for new virus easily, and to make more fast the vaccine for virus.

• Journal of Digital Convergence
• /
• v.13 no.2
• /
• pp.177-183
• /
• 2015

Cross Site Scripting enables hackers to steal other user's information (such as cookie, session etc.) or to do abnormal functions automatically using vulnerability of web application. This attack patterns of Cross Site Scripting(XSS) can be divided into two types. One is Reflect XSS which can be executed in one request for HTTP and its reply, and the other is Stored XSS which attacks those many victim users whoever access to the page which accepted the payload transmitted. To correspond to these XSS attacks, some measures have been suggested. They are data validation for user input, output validation during HTML encoding procedures, and removal of possible risk injection point to prevent from trying to insert malicious code into web application. In this paper, the methods and procedures for these two types are explained and a penetration testing is done. With these suggestions, the attack by XSS could be understood and prepared by its countermeasures.

• International Journal of Contents
• /
• v.5 no.3
• /
• pp.50-56
• /
• 2009

Internet is being used for several activities by a great range of users. These activities include communication, e-commerce, education, and entertainment. Users are required to register regarding website in order to enroll web activities. However, registration can be done by automated hacking software. That software make false enrollments which occupy the resources of the website by reducing the performance and efficiency of servers, even stop the entire web service. It is crucial for the websites to have a system which has the capability of differing human users and computer programs in reading images of text. Completely Automated Public Turing Test to Tell Computers and Human Apart (CAPTCHA) is such a defense system against Optical Character Recognition (OCR) software. OCR can be defined as software which work for defeating CAPTCHA images and make countless number of registrations on the websites. This study proposes a new CAPTCHA context that is Korean CAPTCHA by means of the method which is splitting CAPTCHA images into several parts with random rotation values, and drawing random lines on a grid background by using Korean characters only. Lines are in the same color with the CAPTCHA text and they provide a distortion of image with grid background. Experimental results show that Korean CAPTCHA is a more secure and effective CAPTCHA type for Korean users rather than current CAPTCHA types due to the structure of Korean letters and the algorithm we are using: rotation and splitting. In this paper, the algorithm of our method is introduced in detail.

• Journal of Industrial Convergence
• /
• v.21 no.3
• /
• pp.181-188
• /
• 2023

The e-Government standard framework provides overall technologies such as reuse of common components for web environment development such as domestic government/public institutions, connection of standard modules, and resolution of dependencies. However, in a standardized development environment, there is a possibility of updating old versions according to core versions and leakage of personal and confidential information due to hacking or computer viruses. This study directly analyzes security vulnerabilities focusing on websites that operate eGovFrame in Korea. As a result of analyzing/classifying vulnerabilities at the internal programming language source code level, five items associated with representative security vulnerabilities could be extracted again. As a countermeasure against this, the security settings and functions through the 2 steps (1st and 2nd steps) and security policy will be explained. This study aims to improve the security function of the e-government framework and contribute to the vitalization of the service.