• Title/Summary/Keyword: Web Threat

Search Result 75, Processing Time 0.021 seconds

Web Attack Classification via WAF Log Analysis: AutoML, CNN, RNN, ALBERT (웹 방화벽 로그 분석을 통한 공격 분류: AutoML, CNN, RNN, ALBERT)

  • Youngbok Jo;Jaewoo Park;Mee Lan Han
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.34 no.4
    • /
    • pp.587-596
    • /
    • 2024
  • Cyber Attack and Cyber Threat are getting confused and evolved. Therefore, using AI(Artificial Intelligence), which is the most important technology in Fourth Industry Revolution, to build a Cyber Threat Detection System is getting important. Especially, Government's SOC(Security Operation Center) is highly interested in using AI to build SOAR(Security Orchestration, Automation and Response) Solution to predict and build CTI(Cyber Threat Intelligence). In this thesis, We introduce the Cyber Threat Detection System by analyzing Network Traffic and Web Application Firewall(WAF) Log data. Additionally, we apply the well-known TF-IDF(Term Frequency-Inverse Document Frequency) method and AutoML technology to classify Web traffic attack type.

Implementation of the Web-Based K-LOSA Program for the Safety Observation in Normal Operation (정상운항에서 안전 관찰을 위한 웹 기반 K-LOSA 프로그램 구현)

  • Choi, Youn-Chul;Hong, Seung-Beom
    • Journal of Advanced Navigation Technology
    • /
    • v.18 no.4
    • /
    • pp.319-324
    • /
    • 2014
  • Line operation safety audit (LOSA) is the proactive data collection system to capture the accident and serious incident caused by flight crew and is the safety management program for collecting threat error management (TEM) and crew resource management (CRM) during normal operations. The typically LOSA is written by hand, manages and archives the LOSA Observation Worksheet. But, this method is not easy to archive and ensure confidentiality of the LOSA worksheets. As we implemented the K-LOSA of the web-document type instead of the existing LOSA archive method and change the TEM category code. we yields to archive the efficient data management and confidentiality. In this paper, we introduce the LOSA and to configure the K-LOSA program.

Threat Management System for Anomaly Intrusion Detection in Internet Environment (인터넷 환경에서의 비정상행위 공격 탐지를 위한 위협관리 시스템)

  • Kim, Hyo-Nam
    • Journal of the Korea Society of Computer and Information
    • /
    • v.11 no.5 s.43
    • /
    • pp.157-164
    • /
    • 2006
  • The Recently, most of Internet attacks are zero-day types of the unknown attacks by Malware. Using already known Misuse Detection Technology is hard to cope with these attacks. Also, the existing information security technology reached the limits because of various attack's patterns over the Internet, as web based service became more affordable, web service exposed to the internet becomes main target of attack. This paper classifies the traffic type over the internet and suggests the Threat Management System(TMS) including the anomaly intrusion detection technologies which can detect and analyze the anomaly sign for each traffic type.

  • PDF

A Study on Security Evaluation for Mobile Web Services Message (모바일 웹서비스 메시지의 보안 평가에 관한 연구)

  • Lee, Seoung-Hyeon;Lee, Jae-Seung
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2007.06a
    • /
    • pp.765-768
    • /
    • 2007
  • In this paper, the security evaluation method about mobile web services message is suggested in the method for improving the safety an reliability about the mobile web services message. In order that the goal of this paper is accomplished, the security threat and the security vulnerability which can be occurred in the mobile web services message are defined. The evaluation method for performing the security evaluation about the mobile web services message is defined. Also, the requirements for the mobile web services message security evaluation are defined. Finally, the evaluation framework for performing the mobile web services message security evaluation is constituted, and the evaluation scenario example is suggested. By using the mobile web services message security evaluation defined in the paper, before the mobile web services is deployed, the security threats and security vulnerability can be verified. Also, the countermeasure for the security threat and security vulnerability discovered in the verification result can be prepared. Therefore, the sorority and reliability about the mobile web services can be improved.

  • PDF

Vulnerability Analysis and Threat Mitigation for Secure Web Application Development (안전한 웹 애플리케이션 개발을 위한 취약점 분석 및 위협 완화)

  • Moon, Jae-Chan;Cho, Seong-Je
    • Journal of the Korea Society of Computer and Information
    • /
    • v.17 no.2
    • /
    • pp.127-137
    • /
    • 2012
  • Recently, as modern Internet uses mashups, Web 3.0, JavaScript/AJAX widely, the rate at which new vulnerabilities are being discovered is increasing rapidly. It can subsequently introduce big security threats. In order to efficiently mitigate these web application vulnerabilities and security threats, it is needed to rank vulnerabilities based on severity and consider the severe vulnerabilities during a specific phase of software development lifecycle (SDLC) for web applications. In this paper, we have first verified whether the risk rating methodology of OWASP Top 10 vulnerabilities is a reasonable one or not by analyzing the vulnerability data of web applications in the US National Vulnerability Database (NVD). Then, by inspecting the vulnerability information of web applications based on OWASP Top-10 2010 list and CWE (Common Weakness Enumeration) directory, we have mapped the web-related entries of CWE onto the entries of OWASP Top-10 2010 and prioritized them. We have also presented which phase of SDLC is associated with each vulnerability entry. Using this approach, we can prevent or mitigate web application vulnerabilities and security threats efficiently.

The Threat Analysis and Security Guide for Private Information in Web Log (웹 로그 데이터에 대한 개인정보 위협분석 및 보안 가이드)

  • Ryeo, Sung-Koo;Shim, Mi-Na;Lee, Sang-Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.19 no.6
    • /
    • pp.135-144
    • /
    • 2009
  • This paper discusses an issue of serious security risks at web log which contains private information, and suggests solutions to protect them. These days privacy is core information to produce value-added in information society. Its scope and type is expanded and is more important along with the growth of information society. Web log is a privacy information file enacted as law in South Korea. Web log is not protected properly in spite of that has private information It just is treated as residual product of web services. Many malicious people could gain private information in web log. This problem is occurred by no classified data and improper development of web application. This paper suggests the technical solutions which control data in development phase and minimizes that the private information stored in web log, and applies in operation environment. It is very efficient method to protect private information and to observe the law.

Application and Evaluation of a Web-based Education Program on Blood-borne Infection Control for Nurses (간호사를 위한 웹기반 혈액매개 감염관리 프로그램의 적용 및 평가)

  • Choi, Jeong-Sil;Kim, Keum-Soon
    • Journal of Korean Academy of Nursing
    • /
    • v.39 no.2
    • /
    • pp.298-309
    • /
    • 2009
  • Purpose: To develop a web-based program on blood-borne infection control and to examine the effect of the newly developed program on perceived threat of diseases, knowledge, preventive health behaviors for blood-borne infections, and incidence rates of accidental needle sticks and other sharp object injuries in nurses. Methods: The program was developed through the processes of analysis, design, development, implementation, and evaluation. The research design involved a nonequivalent control group for pretest and posttest experiments. The setting was a 745-bed general hospital located in Korea. Results: The program was designed and developed after consulting previous studies. After development of the program was completed, it was evaluated and revised by a panel of experts. The total score for perceived threat of diseases, knowledge, preventive health behaviors in the experimental group was significantly higher compared to the control group (p<.05). The incidence rates for needle sticks and other sharp object injuries in the experimental group were significantly lower compared to the control group (p<.05). Conclusion: Application of a Web-based, blood-borne infection control program is effective, and can be expanded to other healthcare workers who also have a high risk of blood-borne infections.

Improved Session Management for Mobile Workflow in Web Application Service (모바일 환경을 위한 웹 애플리케이션 서비스의 세션 관리 개선방안)

  • Kim, Young-hun;Park, Yongsuk
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2014.10a
    • /
    • pp.387-389
    • /
    • 2014
  • It is preferred to the popularization of smart device business processes through mobile. The ratio of Internet access via mobile devices is reached 30% of PC in September 2012. It is reproduced in a mobile environment that security threats arising from the Internet. that is the characteristics of cyber security threats appearing on the mobile era. Web Application Service security research firm OWASP (The Open Web Application Security Project) issued Session Management threat. That threat will be reproduced in the mobile environment. But Mobile is significantly different from Desktop Computer about Session Management environment. This proceeding proposes a improved Session Management method in Mobile environment.

  • PDF

Design and Implementation of Malicious URL Prediction System based on Multiple Machine Learning Algorithms (다중 머신러닝 알고리즘을 이용한 악성 URL 예측 시스템 설계 및 구현)

  • Kang, Hong Koo;Shin, Sam Shin;Kim, Dae Yeob;Park, Soon Tai
    • Journal of Korea Multimedia Society
    • /
    • v.23 no.11
    • /
    • pp.1396-1405
    • /
    • 2020
  • Cyber threats such as forced personal information collection and distribution of malicious codes using malicious URLs continue to occur. In order to cope with such cyber threats, a security technologies that quickly detects malicious URLs and prevents damage are required. In a web environment, malicious URLs have various forms and are created and deleted from time to time, so there is a limit to the response as a method of detecting or filtering by signature matching. Recently, researches on detecting and predicting malicious URLs using machine learning techniques have been actively conducted. Existing studies have proposed various features and machine learning algorithms for predicting malicious URLs, but most of them are only suggesting specialized algorithms by supplementing features and preprocessing, so it is difficult to sufficiently reflect the strengths of various machine learning algorithms. In this paper, a system for predicting malicious URLs using multiple machine learning algorithms was proposed, and an experiment was performed to combine the prediction results of multiple machine learning models to increase the accuracy of predicting malicious URLs. Through experiments, it was proved that the combination of multiple models is useful in improving the prediction performance compared to a single model.