• Title/Summary/Keyword: Web application analysis


Security Measures by Diagnosing Vulnerabilities in Web Applications

  • Kim, Hee Wan
    • International journal of advanced smart convergence / v.10 no.4 / pp.22-29 / 2021
  • For web application vulnerability diagnosis, from the development stage to the operation stage, it is possible to stably operate the web only when there is a policy that is commonly applied to each task through diagnosis of vulnerabilities, removal of vulnerabilities, and rapid recovery from web page damage. KISA presents 28 evaluation items for technical vulnerability analysis of major information and communication infrastructure. In this paper, we diagnose the vulnerabilities in the automobile goods shopping mall website and suggest security measures according to the vulnerabilities. As a result of diagnosing 28 items, major vulnerabilities were found in three items: cross-site scripting, cross-site request tampering, and insufficient session expiration. Cookie values were exposed on the bulletin board, and personal information was exposed in the parameter values related to passwords when personal information was edited. Also, since the session end time is not set, it was confirmed that session reuse is always possible. By suggesting security measures according to these vulnerabilities, the discovered security threats were eliminated, and it was possible to prevent breaches in web applications and secure the stability of web services.

A Study of Web Site Hacking Through Vulnerability Analysis (취약점 분석을 통한 Web Site 해킹 연구)

  • Song, Jin-Young;Park, Dea-Woo
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2010.05a / pp.303-306 / 2010
  • Personal information is being leaked and personal assets are exploited by hackers through malicious web sites. In some countries, hacker groups operate that illegally access data to obtain national confidential information and personal information via web sites. Because of problems in web site management, web sites as well as programs have many vulnerabilities. This paper analyzes the vulnerability to XSS, SQL Injection, and Web Shell attacks, which are a trend worldwide as well as domestically, and carries out direct XSS, SQL Injection, and Web Shell attacks. After the attacks, the hack is demonstrated through data collection and analysis, and security measures are presented. This study will contribute to improving web site management and web site security and safety.


The Effect of Involvement in Smartphones on Purchase Intention in Fashion Shopping Malls based on Mobile Web Apps and PC Web Apps (스마트폰몰입이 모바일웹과 PC웹기반의 의류쇼핑몰에서의 구매의도에 미치는 영향)

  • Lee, Jung-Woo;Kim, Mi Young
    • Fashion & Textile Research Journal / v.15 no.3 / pp.393-405 / 2013
  • This study considers the effect of smartphone involvement for purchase intentions in fashion shopping malls based on mobile web apps and on PC web apps; in addition, it investigates the correlation between purchase intention in fashion shopping malls (based on activated PC web apps) and those of fashion shopping malls (based on newly created mobile web apps). The results of this study are: First, the analysis of smartphones factors showed that smartphones consist of 6 kinds of dimensions of 'appearance involvement', 'time and information search involvement', 'application involvement', 'entertainment involvement', 'communication involvement', and 'transaction involvement'. Second, the higher the entertainment and transaction involvement among descriptive variables for smartphone involvement were due to the positive responses displayed towards fashion shopping mall purchases based on mobile web apps. Third, a higher application and entertainment involvement in the descriptive variables for smartphones resulted in a positive response displayed for purchases in fashion shopping malls based on PC web apps shown in a regression analysis that verified the smartphone and purchase intention relationship in fashion shopping malls based on PC web apps. Fourth, consumers with high purchase intention in the existing PC web app based fashion shopping malls were shown to have a high purchase intention in mobile web app based fashion shopping malls due to the results of a correlation analysis that analyzed the relationship between purchase intention in PC web app based fashion shopping malls and mobile web app based fashion shopping malls.

The Comparative Research On 2D Web Mapping Open API for Designing Geo-Spatial Open Platform (공간정보 오픈플랫폼 설계를 위한 2D Web Mapping Open API 비교 연구)

  • Choi, Won Geun;Kim, Min Soo;Jang, In Sung;Chang, Yoon-Seop
    • Spatial Information Research / v.22 no.5 / pp.87-98 / 2014
  • Google Maps has changed the response time of Web-GIS using AJAX technologies. In addition, Google released the Open API named Google Maps API (Application Programming Interface), and it led to a big paradigm around the Open API in a map market that the SDK (Software Development Kit) and ASP (Application Service Provider) had ruled. In short, the Open API has been paradigm-shifting for web mapping. After this, government, many companies and open source foundations have guided the Web-GIS market's growth by releasing relevant Open APIs. Many comparative analyses of web-mapping APIs have therefore been carried out by many researchers. However, there has been no research that can be applied to our current domestic environment. This paper investigates the components of web-mapping APIs. We then compare how many components are supported and enumerate the features of each of those APIs. Finally, this paper presents a direction for the future development of Web Mapping APIs.

Vulnerability Analysis using the Web Vulnerability Scanner (Web Vulnerability Scanner를 이용한 취약성 분석)

  • Jang, Hee-Seon
    • Convergence Security Journal / v.12 no.4 / pp.71-76 / 2012
  • As the use of Mashups, web3.0, JavaScript and AJAX (Asynchronous JavaScript XML) widely increases, the new security threats for web vulnerability also increase when web application services are provided. In order to diagnose the vulnerability in advance and prepare for the threats, this paper presents the classification of security threats and requirements, and analyzes web vulnerability for domestic web sites using the WVS (Web Vulnerability Scanner) automatic evaluation tool. From the results for vulnerabilities such as XSS (Cross Site Scripting) and SQL Injection, the total alerts are distributed from 0 to 31,177, with a mean of 411 and a standard deviation of 2,563. The results also show that 22.5% of the total web sites have web vulnerabilities, and that defenses in advance against the security threats are required.

VotingRank: A Case Study of e-Commerce Recommender Application Using MapReduce

  • Ren, Jian-Ji;Lee, Jae-Kee
    • Proceedings of the Korea Information Processing Society Conference / 2009.04a / pp.834-837 / 2009
  • There is a growing need for ad-hoc analysis of extremely large data sets, especially at e-Commerce companies which depend on recommender applications. Nowadays, as the number of e-Commerce web pages grows to a tremendous proportion, vertical recommender services can help customers to find what they need. The recommender application is one of the reasons for e-Commerce success in today's world. Compared with general e-Commerce recommender application, obviously, general e-Commerce recommender application's processing scope is greatly narrowed down. MapReduce is emerging as an important programming model for large-scale data-parallel applications such as web indexing, data mining, and scientific simulation. The objective of this paper is to explore the MapReduce framework for the e-Commerce recommender application on major general and dedicated link analysis for e-Commerce recommender application, and thus the responding time has been decreased and the recommender application's accuracy has been improved.

String analysis for detection of injection flaw in Web applications (웹 응용프로그램의 삽입취약점 탐지를 위한 문자열분석)

  • Choi, Tae-Hyoung;Kim, Jung-Joon;Doh, Kyung-Goo
    • Journal of the Korea Institute of Information Security & Cryptology / v.17 no.6 / pp.149-153 / 2007
  • One common type of web-application vulnerabilities is injection flaw, where an attacker exploits faulty application code instead of normal input. In order to be free from injection flaw, an application program should be written in such a way that every potentially bad input character is filtered out. This paper proposes a precise analysis that statically checks whether or not an input string variable may have the given set of characters at hotspot. The precision is accomplished by taking the semantics of condition into account in the analysis.

A Study on the Web Mapping Method and Application of the Topographic Information in an Open Environment (개방환경에서 지형정보의 웹지도화 방법과 적용에 관한 연구)

  • Kim, Nam-Shin
    • Journal of the Korean association of regional geographers / v.13 no.5 / pp.563-575 / 2007
  • This study aims to investigate the possibility of using topographic information through web mapping in open environments. Web mapping is intended to focus on map analysis and on the application of functions and geo-visualization. Functions of the Web topographic info-map include spatial analysis, enlargement and minimization, movement, landuse information, a user-controlled 3-dimensional map, landform cross-section analysis, and shortest path analysis. The web system adopts SVG (scalable vector graphics), MYSQL, PHP, and XML for mapping. SVG has an open source policy, so everyone can use it; it is also effective for flexible database linkage and cartographic representation. The 3D map is intended to represent a 3D map by user-controlled sunshine, putting pixel opacity by elevation values after making a DEM. Landform is designed to show a cross-section analysis and statistics by retrieving height information from the database engine when two points are clicked on the map. Shortest path analysis within regions uses Dijkstra's algorithm. In the near future, as a result, the area of WebGIS will have to meet more social demands for user-created geo-information and applications, so more research is needed to make web mapping more applicable for users.


Urinary Stones Segmentation Model and AI Web Application Development in Abdominal CT Images Through Machine Learning (기계학습을 통한 복부 CT영상에서 요로결석 분할 모델 및 AI 웹 애플리케이션 개발)

  • Lee, Chung-Sub;Lim, Dong-Wook;Noh, Si-Hyeong;Kim, Tae-Hoon;Park, Sung-Bin;Yoon, Kwon-Ha;Jeong, Chang-Won
    • KIPS Transactions on Computer and Communication Systems / v.10 no.11 / pp.305-310 / 2021
  • Artificial intelligence technology in the medical field initially focused on analysis and algorithm development, but it is gradually changing to web application development for service as a product. This paper describes a Urinary Stone segmentation model in abdominal CT images and an artificial intelligence web application based on it. To implement this, a model was developed using U-Net, a fully-convolutional network-based model of the end-to-end method proposed for the purpose of image segmentation in the medical imaging field. And for web service development, it was developed based on AWS cloud using a Python-based micro web framework called Flask. Finally, the result predicted by the urolithiasis segmentation model by model serving is shown as the result of performing the AI web application service. We expect that our proposed AI web application service will be utilized for screening test.

The Measuring Method of Web-Site Flow and Its Simulation Analysis (웹 사이트 플로우(Flow) 측정 방법론 및 시뮬레이션에 대한 연구)

  • Kwon, Soon-Jae
    • Knowledge Management Research / v.10 no.2 / pp.49-63 / 2009
  • In this study, the sub-domains of flow were investigated through a literature survey, and a method of measuring web-site flow and its simulation analysis are suggested. A method of measuring flow was constructed, and using this method a what-if analysis was simulated under several changed conditions. A causal map approach was used to extract knowledge from web-site domain experts and to derive the causal relationships of that knowledge. Specifically, our study describes a method of developing and building a causal map and suggests guidelines for applying this method in practice. The research results show that web-site flow starts with "direct searching" or "interest in a special issue (domain)", and that web-site flow grows when the challenges of the web site accord with the user's skills. Further, in the web site, information searching intention results in an increase in the user's duration time and in experiencing flow by discovering new interesting issues in the process. If the user's interaction with the web site increases, awareness of environmental conditions decreases, and finally the user's telepresence results in increased web-site flow. This paper shows that this method can be used to measure flow in a web site and to develop practical strategy.
