• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.535-545
• /
• 2014

As the software industry has developed, the attacks making use of software vulnerability has become a big issue in society. In particular, because the attacks using the vulnerability of web browsers bypass Windows protection mechanism, web browsers can readily be attacked. To protect web browsers against security threat, research on fuzzing has constantly been conducted. However, most existing web browser fuzzing tools use a simple fuzzing technique which randomly mutates DOM tree. Therefore, this paper analyzed existing web browser fuzzing tools and the patterns of their already-known vulnerability to propose an event and command based fuzzing tool which can detect the latest web browser vulnerability more effectively. Three kinds of existing fuzzing tools were compared with the proposed tool. As a result, it was found that the event and command based fuzzing tool proposed was more effective.

• Journal of Internet Computing and Services
• /
• v.18 no.5
• /
• pp.113-121
• /
• 2017

Company A's core competency is IT internet security services. The Web diagnosis team analyzes the vulnerability of customer's internet web servers and provides remedy reports. Traditionally, Company A management has utilized a simple table format report for resource planning. But these reports do not notify the timing of human resource commitment. So, upper management asked its team leader to organize a task team and design a visual dashboard for decision making with the help of outside professional. The Task team selected the web security diagnosis practice process as a pilot and designed a dashboard for performance evaluation. A structural design process was implemented during the heuristic working process. Some KPI (key performance indicators) for checking the productivity of internet web security vulnerability reporting are recommended with the calculation logics. This paper will contribute for security service management to plan and address KPI design policy, target process selection, and KPI calculation logics with actual sample data.

• Convergence Security Journal
• /
• v.4 no.2
• /
• pp.17-25
• /
• 2004

As Internet and Internet users are rapidly increasing and getting popularized in the world the existing firewall has limitations to detect attacks which exploit vulnerability of web server. And these attacks are increasing. Most of all, intrusions using web application's programming error are occupying for the most part. In this paper, we introduced real-time web-server agent which analyze web-server based log and detect web-based attacks after the analysis of the web-application's vulnerability. We propose the method using real-time agent which remove Process ID(pid) and block out attacker's If if it detects the intrusion through the decision stage after judging attack types and patterns.

• The Journal of the Korea Contents Association
• /
• v.22 no.2
• /
• pp.125-134
• /
• 2022

Due to the development of smartphone technology, as of 2020, 91.9% of people use the Internet[1] to frequently acquire information through websites and mobile apps. As the number of homepages in charge of providing information is increasing every year, the number of applications for web vulnerability diagnosis, which diagnoses the safety of homepages, is also increasing. In the existing web vulnerability check, the number of diagnostic personnel should increase in proportion to the number of homepages that need diagnosis because the diagnosticians manually test the homepages for vulnerabilities. In reality, however, there is a limit to securing a web vulnerability diagnosis manpower, and if the number of diagnosis manpower is increased, a lot of costs are incurred. To solve these problems, an automatic diagnosis tool is used to replace a part of the manual diagnosis. This paper explores a new method to expand the current automatic diagnosis range. In other words, automatic diagnosis possible items were derived by analyzing the impact of web vulnerability diagnosis items. Furthermore, automatic diagnosis identified possible items through comparative analysis of diagnosis results by performing manual and automatic diagnosis on the website in operation. In addition, it is possible to replace manual diagnosis for possible items, but not all vulnerability items, through the improvement of automatic diagnosis tools. This paper will explore some suggestions that can help improve plans to support and implement automatic diagnosis. Through this, it will be possible to contribute to the creation of a safe website operating environment by focusing on the parts that require precise diagnosis.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.1
• /
• pp.59-74
• /
• 2020

The web space where web applications run is the cyber information warfare of attackers and defenders due to the open HTML. In the cyber attack space, about 84% of worldwide attacks exploit vulnerabilities in web applications and software. It is very difficult to detect web vulnerability attacks with security products such as web firewalls, and high labor costs are required for security verification and assurance of web applications. Therefore, rapid vulnerability detection and response in web space by automated software is a key and effective cyber attack defense strategy. In this paper, we establish a security risk management model by intensively analyzing security threats against web applications and software, and propose a method to effectively diagnose web and application vulnerabilities. The testing results on the commercial service are analyzed to prove that our approach is more effective than the other existing methods.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.601-613
• /
• 2012

It is required to design and implement secure web applications to provide safe web services. For this reason, there are several scoring frameworks to measure vulnerabilities in web applications. However, these frameworks do not classify according to seriousness of vulnerability because these frameworks simply accumulate score of individual factors in a vulnerability. We rate and score vulnerabilities according to probability of privilege acquisition so that we can prioritize vulnerabilities found in web applications. Also, our proposed framework provides a method to score all web applications provided by an organization so that which web applications is the worst secure and should be treated first. Our scoring framework is applied to the data which lists vulnerabilities in web applications found by a web scanner based on crawling, and we show the importance of categorizing vulnerabilities according to privilege acquisition.

• Journal of Information Processing Systems
• /
• v.1 no.1 s.1
• /
• pp.75-78
• /
• 2005

Although many tests for stabilization of the software have been done, vulnerability test for a system run by combination of the software of various products has not been conducted enough. This has led to increased threats and vulnerability of system. Especially, web-based software system, which is public, has inherent possibility of exposure to attacks and is likely to be seriously damaged by an accident. Consequently, comprehensive and systematic test plans and techniques are required. Moreover, it is necessary to establish a procedure for managing and handling the results of vulnerability test. This paper proposes vulnerability test plans and designs for implementing automated tools, both of which can be complied with on web-based software systems.

• ETRI Journal
• /
• v.42 no.3
• /
• pp.433-445
• /
• 2020

A denial-of-service (DoS) attack is a serious attack that targets web applications. According to Imperva, DoS attacks in the application layer comprise 60% of all the DoS attacks. Nowadays, attacks have grown into application- and business-layer attacks, and vulnerability-analysis tools are unable to detect business-layer vulnerabilities (logic-related vulnerabilities). This paper presents the business-layer dynamic application security tester (BLDAST) as a dynamic, black-box vulnerability-analysis approach to identify the business-logic vulnerabilities of a web application against DoS attacks. BLDAST evaluates the resiliency of web applications by detecting vulnerable business processes. The evaluation of six widely used web applications shows that BLDAST can detect the vulnerabilities with 100% accuracy. BLDAST detected 30 vulnerabilities in the selected web applications; more than half of the detected vulnerabilities were new and unknown. Furthermore, the precision of BLDAST for detecting the business processes is shown to be 94%, while the generated user navigation graph is improved by 62.8% because of the detection of similar web pages.

• The Journal of Society for e-Business Studies
• /
• v.24 no.2
• /
• pp.15-27
• /
• 2019

In the past, the control system was a closed network that was not connected to the external network. However, in recent years, many cases have been opened to the outside for the convenience of management. Are connected to the Internet, and the number of operating control systems is increasing. As a result, it is obvious that hackers are able to make various attack attempts targeting the control system due to external open, and they are exposed to various security threats and are targeted for attack. Industrial control systems that are open to the outside have most of the remote management ports for web services or remote management, and the expansion of web services through web programs inherits the common web vulnerability as the control system is no exception. In this study, we classify and compare existing web vulnerability items in order to derive the most commonly tried web hacking attacks against control system from the attacker's point of view. I tried to confirm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.885-895
• /
• 2017

Security issues arise due to various types of external intrusions as much as the rapidly changing IT environment. Attacks using vulnerabilities in web applications are increasing, and companies are trying to find the cause of the vulnerability, prevent external intrusion, and protect their systems and important information. Especially, according to the Supervision Regulation, each financial institution and electronic financial service provider shall perform vulnerability analysis evaluation for the website for disclosure once every six months and report the result to the Financial Services Commission. In this study, based on the Web vulnerability items defined in the Supervision Regulation, based on the inspection cases of actual financial institution, we analyze the most frequently occurring items and propose effective countermeasures against them and ways to prevent them from occurring in advance.