• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.4
• /
• pp.81-87
• /
• 2015

Recently, with the development of the ICT environment, the use of the software is growing rapidly. And the number of the web server software used with a variety of users is also growing. However, There are also various damage cases increased due to a software security vulnerability as software usage is increasing. Especially web shell hacking which abuses software vulnerabilities accounts for a very high percentage. These web server environment damage can induce primary damage such like homepage modification for malware spreading and secondary damage such like privacy. Source code weaknesses checking system is needed during software development stage and operation stage in real-time to prevent software vulnerabilities. Also the system which can detect and determine web shell from checked code in real time is needed. Therefore, in this paper, we propose the system improving security for web server by detecting web shell attacks which are invisible to existing detection method such as Firewall, IDS/IPS, Web Firewall, Anti-Virus, etc. while satisfying existing secure coding guidelines from development stage to operation stage.

• International Journal of Advanced Culture Technology
• /
• v.4 no.3
• /
• pp.13-19
• /
• 2016

The growth of mobile devices in Internet of Things (IoT) leads to a number of remote and controlling system related IoT applications. For instance, home automation controlling system uses client system such web apps on smartphone or web service to access the home server by sending control commands. The home server receives the command, then controls for instance the light system. The web service gateway responsible for handling clients' requests attests an internet latency when an increasing number of end users requests submit toward it. Therefore, this web service gateway fails to detect several commands, slows down predefined actions which should be performed without human intervention. In this paper, we investigate the performance of a web server-side platgorm based event-driven, non-blocking approach called Node.js against traditional thread-based server side approach to handle a large number of client requests simultaneously for remote and controlling system in IoT remote monitoring applications. The Node.JS is 40% faster than the traditional web server side features thread-based approach. The use of Node.js server-side handles a large number of clients' requests, then therefore, reduces delay in performing predefined actions automatically in IoT environment.

• Journal of the military operations research society of Korea
• /
• v.23 no.2
• /
• pp.25-44
• /
• 1997

Internet users been rapidly increased due to the convenient GUI environment. Current Web-based HTTP/CGI client/server architecture has several problems such as the CGI bottleneck, no maintaince of state, and no load balancing. However, with Java and CORBA technologies called“Object Web technology”, we can solve them because Java is not only a mobile code but also a platform-independent code, and CORBA has ability to build distributed object and language-independent object model. The goal of “Object Web technology”is to create multivendor, multiOS, multilanguage“legoware”using objects. This paper implement“Book Search System”which is Web-based client/server architecture using distributed objects. Environments of this implementation are Hangul Windows NT(included IIS) server, Hangul Windows 95 client, Visigenic's VisiBroker for Java 1.2 which is a product of CORBA 2.0, HTTP protocol on TCP-IP-based, Sybase SQL Anywhere 5.0 database server, and the interface between application server and database is JDBC-ODBC bridge middleware.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2001.04b
• /
• pp.701-704
• /
• 2001

인터넷의 서비스개선으로 사용자의 수는 기하급수적으로 늘어나고 있으며, 이러한 경향에 발맞추어 홈페이지의 수도 날로 늘어가고 있는 추세이다. 홈페이지를 만드는데 있어서 필수적인 것이 바로 Web Server라고 할 수 있으며, 현재 Web Server에 대한 연구가 계속되고 있는 추세이다. 본 논문에서는 현재 사용되고 있는 Web Server보다 좀더 개선된 Server 시스템을 제안하였으며, 이 Server 시스템은 OS에 독립적일 뿐만 아니라 사용자에 대한 서비스 시간과 사용 자원을 줄일 수 있다.

• The KIPS Transactions:PartC
• /
• v.9C no.4
• /
• pp.605-614
• /
• 2002

Amount of the web traffic web server handles are explosively increasing, which requires that the performance of the web server should be improved for the various web services. Although the analysis for the HTTP traffic with the proper tuning for the web server is essential, the research relevant to the subject are insignificant. In particular, although most of applications are implemented over HTTP 1.1 protocol, the researches mostly deal with the performance evaluation of the HTTP 1.0 protocol. Consequently, the modeling approach and the performance evaluation over HTTP 1.1 protocol have not been well formed. Therefore, basing on the HTTP 1.1 protocol supporting persistent connection, we present an analytical end-to-end tandem queueing model for web server to consider the specific hardware configuration inside web server beginning at accepting the user request until completing the service. we compare various performances between HTTP 1.0 and HTTP 1.1 under the overloading condition, and then analyze the characteristics of the HTTP traffic that include file size requested to web server, the OFF time between file transfers, the frequency of requests, and the temporal locality of requests. Presented model is verified through the comparing the server throughput according to varying requests rate with the real web server. Thereafter, we analyze the performance evaluation of the web server, according to the interrelation between TCP Listen queue size, the number of HTTP threads and the size of the network buffers.

• The KIPS Transactions:PartC
• /
• v.11C no.6 s.95
• /
• pp.781-786
• /
• 2004

In these days, such services are popularized as E-commerce, E- government, multimedia services, and home networking applications. Most web traffics generated contemporarily basically use the Hyper Text Transfer Protocol(HTTP). Unfortunately, the HTTP is improper for these applications that comprise significant components of the web traffics. In this paper, we introduce a real-time contents compression architecture that maximizes the web service performance as well as reduces the response time. This architecture is built into the linux kernel-based web accelerating module. It guarantees not only the freshness of compressed contents but also the minimum time delay using an server-state adaptive algorithm, which can determine whether the server sends the compressed message considering the consumption of sewer resources when heavy requests reach the web server. Also, We minimize the CPU overhead of the web server by exclusively implementing the compression kernel-thread. The testing results validates that this architecture saves the bandwidth of the web server and that elapsed time improvement is dramatic.

• Convergence Security Journal
• /
• v.4 no.2
• /
• pp.17-25
• /
• 2004

As Internet and Internet users are rapidly increasing and getting popularized in the world the existing firewall has limitations to detect attacks which exploit vulnerability of web server. And these attacks are increasing. Most of all, intrusions using web application's programming error are occupying for the most part. In this paper, we introduced real-time web-server agent which analyze web-server based log and detect web-based attacks after the analysis of the web-application's vulnerability. We propose the method using real-time agent which remove Process ID(pid) and block out attacker's If if it detects the intrusion through the decision stage after judging attack types and patterns.

• Journal of Korea Spatial Information System Society
• /
• v.6 no.1 s.11
• /
• pp.87-100
• /
• 2004

When spatial data which a user requests are stored various data servers in web mapping environment, it is necessary to access one more map servers to gain data and then integrate them. This paper designs and implements a fusion map server for web mapping. The proposed fusion map server has three characteristics. First, it has customizing metadata which reflect various user's requests. Second, it provides fusion services which integrate spatial and non-spatial data. Last, it uses the dynamic liking method to support the fusion services efficiently. We design and implement a publisher client, a map server and a fusion map server for proposed map server.

• Journal of Information Technology Applications and Management
• /
• v.12 no.4
• /
• pp.123-131
• /
• 2005

Since most of the conventional web servers have been designed to Provide the general purpose and user's convenience as the primary goal, there is an overhead to apply them to the embedded system for remote monitoring and controlling the operation status of the Internet appliance. To cope with this overhead, an embedded Linux web server Is suggested in this paper The basic concept is to provide miniaturization and extendability by simplifying the requirements of web server as the services to the requests of web document for the user's menu and the execution of CGI Program for monitoring and controling the Internet appliance, and satisfying only the indispensable requirements of HTTP which are necessary for the interface with the conventional web browsers. For the evaluation of its feasibility, each module has been implemented on Linux environment, and tested with the MS Explorer 6.0.

• International Journal of Contents
• /
• v.4 no.1
• /
• pp.16-19
• /
• 2008

In this paper, we propose to new dispatcher method, which doesn't depend on an operating system of the server, and the direct routing method, by which a server answers a client's request at first hand. And, propose new web clustering scheme based on the contents on the web where web servers composed of cluster, with each different contents, answer client's request. The other purposes are to reduce overhead of the dispatcher through load balance, and to minimize the time to take in responding to a client's request. The performance of new web cluster scheme was improved by about 39% than that of the existing RR method. It was identified that the performance of the proposed web cluster method was extraordinary improved comparing with that of the existing RR method as a whole.