• Journal of the Korea Computer Industry Society
• /
• v.6 no.5
• /
• pp.715-724
• /
• 2005

Recently many important systems that used to be operated in a closed environment are now providing web services and these kinds of web-based services are often an easy and common target of attacks. In addition, the great variety of web content and applications cause the development of new various intrusion technologies, while the misuse-based intrusion detection technology cannot keep the peace with the attacks and it seems to lack the capability to deal with such various new security threats, As a result it is necessary to research and develop new types of detection technologies that can detect newly developed attacks and intrusions as well as to be able to deal with previous types of exploits. In this paper, a HTTP traffic model is tested for its anomaly by using a HTTP request traffic pattern analysis and the field information analysis of the HTTP packet. Consequently, the HTTP traffic models by applying anomaly tests is designed and established.

• Journal of the Korean Operations Research and Management Science Society
• /
• v.38 no.3
• /
• pp.71-86
• /
• 2013

This research explores the question how interactions between customer and firm affect firm growth. To test suggested hypotheses, this study collects data on social commerce industry in Korea during the period from the beginning of social commerce industry in Korea, May 2010, to March 2012, and investigates the effect of social media on the growth of social commerce firms. We suggest two hypotheses in this study. First, as web traffic inflow through social media into a focal social commerce increases, the growth rate of the focal social commerce increases. Second, the more diverse social media channel through which web traffic inflows into a focal social commerce, the weaker the positive effect of web traffic inflow on the growth rate of the focal social commerce. Analysis of data shows that inflow through social media is positively related to the growth of social commerce. In addition, our analysis shows that inflow channel diversity weakens the positive relationship between web traffic inflow through social media and growth rate of social commerce firms. These results suggest that firms need to concentrate on few social media in order to attract customers. The study contributes to understanding how interaction between firms and customers influences the growth of the firm.

• The Journal of the Korea Contents Association
• /
• v.10 no.3
• /
• pp.44-52
• /
• 2010

The most popular world wide web traffic in the Internet uses TCP as the transport layer protocol. Since TCP utilizes the single path, it can not communicate with the correspondent host during the link-down. On the other hand, SCTP can still communicate with the other SCTP entity by using alternate path even while the primary path is down. Most of previous studies have conducted the performance comparison research between TCP and SCTP by using typical file transfer. Since web traffic with self-similarity is characterized by the packet inter-arrival times and shape parameter affecting the size of web file in the Pareto distribution, it is necessary to perform the experiments considering these parameters. This paper aims to compare the throughput between TCP and SCTP while varying parameters reflecting the web traffic characteristics in link-down environment. Experimental results for web traffic using NS-2 simulator show that the throughput of SCTP using multi-homing is better than that of TCP. Simulation also shows that TCP is more affected than SCTP by mean inter-arrival and shape parameters with regard to the web traffic. These results can be applied to estimate the performance variation of web traffic due to the duration of link-down.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.5
• /
• pp.33-40
• /
• 2012

In this paper we propose an anomaly detection scheme to detect new attack paths or new attack methods without false positives by monitoring HTTP Outbound Traffic after efficient training. Our proposed scheme detects web-based attacks by comparing tags or javascripts of HTTP Outbound Traffic with normal behavioral models which apply HMM(Hidden Markov Model). Through the verification analysis under the real-attacked environment, we show that our scheme has superior detection capability of 0.0001% false positive and 96% detection rate.

• Proceedings of the KIEE Conference
• /
• 2000.11d
• /
• pp.824-826
• /
• 2000

네트워크 데이터 traffic 특성은 네트워크의 성능분석과 설계에 중요한 요소이고 적절한 traffic modeling을 통해 load balancing, fault tolerance 및 전송속도 개선 둥 시스템 성능을 높이는데 보다 유용한 자료를 제공할 수 있어 지금까지 많은 연구가 진행되어 왔다. 그러나 네트워크 traffic은 네트워크의 규모와 서비스 종류 등 여러 가지 이유로 어느 한가지 모델로 규정짓는 것이 용이하지 않다. 또한 근래 인터넷 사용자의 수가 급속히 증가함에 따라 네트워크 traffic의 대부분이 world wide web에 기인하는 특성을 볼 수 있다. 본 논문에서는 웹서버 운용환경 하에서 적용될 수 있는 traffic model들에 대해 고찰하고 실제 네트워크에서의 패킷 모니터 링을 통한 traffic 분석 예를 보인다.

• Journal of Advanced Navigation Technology
• /
• v.13 no.5
• /
• pp.669-676
• /
• 2009

HTTP or audio/video streaming services are good candidates for future centralized navigation system and in order to provide stability for such services, service providers use a cluster of web servers. In this paper, we provide the criteria for web server cluster design of vehicular users with consideration of differentiated access per different user classes. Several feasible scenarios are examined and their performance analysis using queueing theory is presented to provide the foundation for web server cluster design using traffic load balancer. Through the thorough analysis, efficient criteria for traffic load balancer design is derived. In order to satisfy users' service requirements, priority services controlled by traffic load balancer are considered and analyzed. We also provide the evaluation of the accuracy of the analytical model through simulation.

• The Journal of Engineering Research
• /
• v.3 no.1
• /
• pp.7-20
• /
• 1998

With our economic development and increment and increment of GNP, the number of autos has incremented. But lacking in mind for traffic safety and traffic order, many traffic accidents have occurred. So the purpose of development of traffic safety education system based on web is to advertise the importance and the need of traffic order and safety education and protect walkers and drivers from traffic accidents. The Contents and Scopes of Study Development are as follows. There are input of text, image and moving image data for traffic safety education, establishment of hierarchical relation for traffic safety education, relation analysis between traffic safety education information and design of hyper link structure between them, thesaurus implementation for traffic safety education system, design and implementation of information retrieval engine based on thesaurus, design and implementation of database schema for traffic safety education and GUI implementation for user.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.1
• /
• pp.125-132
• /
• 2011

A hierarchical Web Security System, which is a solution to various web-based attacks, seemingly is not able to keep up with the improvement of detoured or compound attacks. In this paper, we suggest an efficient detecting scheme for web-based attacks like Malware, XSS, Creating Webshell, URL Spoofing, and Exposing Private Information through monitoring HTTP outbound traffics in real time. Our proposed scheme detects web-based attacks by comparing the outbound traffics with the signatures of HTML tag or Javascript created by the attacks. Through the verification analysis under the real-attacked environment, we show that our scheme installed in a hierarchical web security system has superior detection capability for detoured web-based attacks.

• Journal of the Korea Society of Computer and Information
• /
• v.6 no.3
• /
• pp.64-71
• /
• 2001

In this paper we propose the network traffic monitoring system that can supported network and system operation, management, expansion, and design using network analysis and diagnosis to a network administrator. The proposed system consists of two parts: analysis server for collection and analysis of the network information. and supports real-time monitoring of network traffic, and client system shows user a graphical data that analyzed a returned result from the server This system implements web-based technology using java and contributes to enhance the effectiveness of network administrator's management.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.1 no.2
• /
• pp.64-72
• /
• 2006

The long propagation delay over satellite internet causes degradation of TCP performance in slow start phase. Especially, web traffic performance is greatly reduced by low throughput in slow start phase. To improve web traffic performance, we propose the Dynamic ACK Generation Scheme which generates ACKs and considers sender RTO in PEP (Performance Enhancing Proxy). The Normal ACK generation mechanism improves TCP throughput, and also decreases sender RTO. if PEP stops generating ACKs, TCP performance will be reduced by frequent RTO expiration. To solve this problem, our scheme adjusts RTO using ACK generation interval. And it supports retransmission mechanism for loss recovery in PEP. The results of the performance analysis provide a good evidence to demonstrate the efficiency of our mechanisms over satellite internet.