• The KIPS Transactions:PartC
• /
• v.9C no.2
• /
• pp.181-188
• /
• 2002

There are recently a lot of inconvenience because every client should be set to the proxy server on the browser in order to control the access by means of the client authentication in the proxy server. The client authentication technology using the transparency cache in this paper will be transparently used for every user in the internet which option of the authentication function is simply set in the cache server. In addition, the administrator will get the benefit since he can control the traffic of each client and strengthen the security. And also, this system is expected to use in the eCRM deeply rotated to the tendency of the client in the field of the e-commerce like shopping mall in the internet since the administrator can monitor the pattern of the client using the internet. This technique can be applied to the company affiliated research center, the EC website, and the military where it is essential for the tight security even though there are no additional security devices.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.7 no.1
• /
• pp.90-99
• /
• 2003

Java applets are downloaded from web server through internet and executed in Java Virtual Machine of clients' browser. Before execution of java applets, JVM checks bytecode program with bytecode verifier and performs runtime tests with interpreter. However, these tests will not protect against undesirable runtime behavior of java applets, such as denial of service attack, email forging attack, URL spoofing attack, and annoying sound attack. In order to protect malicious applets, a technique used in this paper is java bytecode modification. This technique is used to restrict applet behavior or insert code appropriate to profiling or other monitoring efforts. Java byte modification is divided into two general forms, class-level modification involving subclassing non-final classes and method-level modification used when control over objects from final classes or interface. This paper showed that malicious applets are controlled by java bytecode modification using proxy server. This implementation does not require any changes in the web sever, JVM or web browser.

• The KIPS Transactions:PartA
• /
• v.9A no.3
• /
• pp.301-310
• /
• 2002

Internet has been applied to the educational field such as data search, lecture by motion picture, realtime examination. Most questions made for these remote examinations use methods of making questions randomly using fixed questions or item pools. The designed system in this paper makes questions without knowing MARK-UP language and after undergoing examinations on Web. Also it readjusts degree of difficulty automatically on the basis of the rate of correct answers. In addition, this enables learners to perform feedback learning after examinations and subsequently learners themselves to adjust their degree of difficulty and undergo reexaminations. The automatic selection system makes it easy to select questions, possible to expect average marks and number of questions made, and to prevent that questions may be made too easy or too hard. For a remote examination, as there are much possibilities of dishonesty such as examination by proxy so different types of problems are made, and problems of the rationality caused from that can be avoided.

• Convergence Security Journal
• /
• v.11 no.6
• /
• pp.9-15
• /
• 2011

It is difficult to identify attack requests from normal ones when those attacks are based on CSRF which enables an attacker transmit fabricated requests of a trusted user to the website. For the protection against the CSRF, there have been a lot of research efforts including secret token, custom header, proxy, policy model, CAPTCHA, and user reauthentication. There remains, however, incapacitating means and CAPTCHA and user reauthentication incur user inconvenience. In this paper, we propose a method to detect CSRF attacks by analyzing the structure of websites and the usage patterns. Potential victim candidates are selected and website usage patterns according to the structure and usage logs are analyzed. CSRF attacks can be detected by identifying normal usage patterns. Also, the proposed method does not damage users' convenience not like CAPTCHA by requiring user intervention only in case of detecting abnormal requests.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.5C
• /
• pp.523-531
• /
• 2003

Java applets are downloaded from web server through internet and executed in Java Virtual Machine of clients'browser. Before execution of java applets, JVM checks bytecode program with bytecode verifier and performs runtime tests with interpreter. However, these tests will not protect against undesirable runtime behavior of java applets, such as denial of service attack, email forging attack, URL spoofing attack, or annoying sound attack. In order to protect malicious applets, a technique used in this paper is java bytecode modification. This technique is used to restrict applet behavior or insert code appropriate to profiling or other monitoring efforts. Java byte modification is divided into two general forms, class-level modification involving subclassing non-final classes and method-level modification used when control over objects from final classes or interface. This paper showed that malicious applets are controlled by java bytecode modification using proxy server. This implementation does not require any changes in the web sever, JVM or web browser.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.5
• /
• pp.394-400
• /
• 2013

WoT (Web of Things) was proposed to realize intelligent thing to thing communications using WEB standard technology. It is difficult to adapt security protocols suited for existing Internet communications into WoT directly because WoT includes LLN(Low-power, Lossy Network) and resource constrained sensor devices. Recently, IETF standard group propose to use DTLS protocol for supporting security services in WoT environments. However, DTLS protocol is not an efficient solution for supporting end to end security in WoT since it introduces complex handshaking procedures and high communication overheads. We, therefore, divide WoT environment into two areas- one is DTLS enabled area and the other is an area using lightweight security scheme in order to improve them. Then we propose a mutual authentication scheme and a session key distribution scheme for the second area. The proposed system utilizes a smart device as a mobile gateway and WoT proxy. In the proposed authentication scheme, we modify the ISO 9798 standard to reduce both communication overhead and computing time of cryptographic primitives. In addition, our scheme is able to defend against replay attacks, spoofing attacks, select plaintext/ciphertext attacks, and DoS attacks, etc.

• Journal of KIISE:Computer Systems and Theory
• /
• v.34 no.9
• /
• pp.435-444
• /
• 2007

Caching web pages is an important part of web infrastructures. The effects of caching service are even more pronounced for wireless infrastructures due to their limited bandwidth. Medium to large-scale infrastructures deploy a cluster of servers to solve the scalability problem and hot spot problem inherent in caching. In this paper we present scheduling scheme based on cache utilization in a wireless internet proxy server cluster environment. The proposed method uses cache utilization for distributing evenly client requests to a cluster of cache servers and solving hot spot problem. We have implemented our approach and performed various experiments using publicly available traces. Experimental results on a cluster of 16 cache servers demonstrate that the proposed hashing method gives 45% to 114% Performance improvement over other widely used methods while addressing the hot spot problem.

• The KIPS Transactions:PartB
• /
• v.12B no.7 s.103
• /
• pp.775-782
• /
• 2005

In this paper, we propose multicast technique in order to reduce the required network bandwidth by n times, by merging the adjacent multicasts depending on the number of HENs (Head-End-Nodes) n that request the same video. Allowing new clients to immediately join an existing multicast through patching improves the efficiency of the multicast and offers services without any initial latency. A client might have to download data through two channels simultaneously, one for multicast and the other for patching. The more the frequency of requesting the video is, the higher the probability of caching it among HENs increases. Therefore, the requests for the cached video data can be served by HENs. Multicast from server is generated when the playback time exceeds the amount of cached video data. Since the interval of multicast can be dynamically expanded according to the popularity of videos, it can be reduced the server's workload and the network bandwidth. We perform simulations to compare its performance with that of conventional multicast. From simulation results, we confirm that the Proposed multicast technique offers substantially better performance.

• Journal of Information Science Theory and Practice
• /
• v.10 no.4
• /
• pp.53-65
• /
• 2022

Altmetrics or alternative metrics gauge the digital attention received by scientific outputs from the web, which is treated as a supplement to traditional citation metrics. In this study, we performed a meta-analysis of correlations between classic citation metrics and altmetrics indicators of library and information science (LIS) articles. We followed the systematic review method to select the articles and Erasmus Rotterdam Institute of Management Guidelines for reporting the meta-analysis results. To select the articles, keyword searches were conducted on Google Scholar, Scopus, and ResearchGate during the last week of November 2021. Eleven articles were assessed, and eight were subjected to meta-analysis following the inclusion and exclusion criteria. The findings reported negative and positive associations between citations and altmetric indicators among the selected articles, with varying correlation coefficient values from -.189 to 0.93. The result of the meta-analysis reported a pooled correlation coefficient of 0.47 (95% confidence interval, 0.339 to 0.586) for the articles. Sub-group analysis based on the citation source revealed that articles indexed on the Web of Science showed a higher pooled correlation coefficient (0.41) than articles indexed in Google Scholar (0.30). The study concluded that the pooled correlation between citation metrics with altmetric indicators was positive, ranging from low to moderate. The result of the study gives more insights to the scientometrics community to propose and use altmetric indicators as a proxy for traditional citation indicators for quick research impact evaluation of LIS articles.

• Journal of Korea Multimedia Society
• /
• v.7 no.8
• /
• pp.1066-1077
• /
• 2004

Dramatic increase in the number of Internet users want highly qualified service of continuous media contents on the web. To solve these problems, we present two network caching schemes(PPC, PPCwP) which consider the characteristics of continuous media objects and user access pattern in this paper. While there are plenty of reasons to create rich media contents, delivering this high bandwidth contents over the internet presents problems such as server overload, network congestion and client-perceived latency. PPC scheme periodically calculates the popularity of objects based on the playback quantity and determines the optimal size of the initial fraction of a continuous media object to be cached in proportion to the calculated popularity. PPCwP scheme calculates the expected popularity using the series information and prefetches the expected initial fraction of newly created continuous media objects. Under the PPCwP scheme, the initial client-perceived latency and the data transferred from a remote server can be reduced and limited cache storage space can be utilized efficiently. Trace-driven simulation have been performed to evaluate the presented caching schemes using the log-files of iMBC. Through these simulations, PPC and PPCwP outperforms LRU and LFU in terms of BHR and DSR.