• The Journal of the Korea institute of electronic communication sciences
• /
• v.14 no.2
• /
• pp.303-308
• /
• 2019

Spring framework is widely used as a base technology for e-government frameworks and to the extent it is a standard for web service development tools of Korean public institutions. However, recently, a remote code execution vulnerability(CVE-2018-1270) was found in an application using a spring framework. This paper proposes a method of analyzing the vulnerability experiment using a hacking scenario, Proof Of Concept(POC), in which the spring framework is a hazard to the server. We propose the patch to version 4.3.16 and version 5.0.5 or later as an ultimate response. It is also expected that the proposed experiment analysis on vulnerability of hacking scenario will be used as a data for improving performance of security programs and establishing a new authentication system.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2016.01a
• /
• pp.101-102
• /
• 2016

사물인터넷(Internet of Things)의 도래와 함께, 무선공유기(wireless access point)들의 보안이 심각한 문제로 대두되고 있다. 연구진은 대부분의 무선공유기들이 제공하는 웹 기반 관리 인터페이스들에 웹 어플리케이션 취약점(web application vulnerability)들이 존재할 수 있다는 점을 착안, 국내 주요 무선공유기들에 대한 웹 어플리케이션 취약점 점검을 수행하였으며, 악용이 가능한 여러 취약점들이 존재함을 확인하였다. 본 논문에서는 연구진이 무선공유기 대상 웹 어플리케이션 취약점 점검에 보조적으로 사용하기 위하여 개발한 3종의 모바일 앱(mobile app)들을 설명한다.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.17 no.4
• /
• pp.77-83
• /
• 2021

As Open Source Software(OSS) recently invigorates, many companies actively use the OSSes in their business software. With such OSS invigoration, our web application is developed in order to provide the safety in using the OSSes, and update the information on the new vulnerabilities and the patches at all times by crawling the web pages of the relevant OSS home pages and the managing organizations of the vulnerabilities. By providing the updated information, our application helps the OSS users and developers to be aware of such security issues, and gives them to work in the safer environment from security risks. In addition, our application can be used as a security platform to greatly contribute to preventing potential security incidents not only for companies but also for individual developers.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.5
• /
• pp.237-242
• /
• 2012

Cyber attacks have rapidly increased by exploiting the underlying vulnerabilities in the target software. However, identifying and correcting these vulnerabilities are extremely difficult and time consuming tasks. To address these problems efficiently, we propose a systematic methodology for security vulnerability assessment process on binary code in the paper. Specifically, we first classified the existing vulnerabilities based on whether the target software run in a Web environment and features of the software. Based on the classification, we determined the list and scope of the vulnerabilities. As our future research direction, we need to further refine and validate our methodology.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.595-598
• /
• 2014

The cyber attacks of recent attacks that target zero-day exploit security vulnerabilities before the security patch is released (Zero Day) attack, the web site is without the Lord. These attacks, those that use the vulnerability of security that is built into the software itself is in most cases, cyber attacks that use the vulnerability of the security of the source code, in particular, has a characteristic response that are difficult to security equipment. Therefore, it is necessary to eliminate the security vulnerability from step to implement the software to prevent these attacks. In this paper, we try to design a Secure Coding Guide support tool to eliminate the threat of security from the stage of implementation.

• Journal of Internet Computing and Services
• /
• v.9 no.5
• /
• pp.23-34
• /
• 2008

The number of web service user is increasing steadily as web-based service is offered in various form. But, web service has a vulnerability such as SQL Injection, Parameter Injection and DoS attack. Therefore, it is required for us to develop Web IDS system and additionally to offer Rule-base intrusion detection/response mechanism against those attacks. However, existing Web IDS system didn't correspond properly on recent web attack mechanism because they didn't including suitable pre-processing procedure on huge web log data. Therfore, we propose an efficient web log pre-processing mechanism for enhancing rule based detection and improving the performance of web IDS base attack response system. Proposed algorithm provides both a field unit parsing and a duplicated string elimination procedure on web log data. And it is also possible for us to construct improved web IDS system.

• Convergence Security Journal
• /
• v.8 no.1
• /
• pp.1-7
• /
• 2008

The hacking method came to be more complicated, became program ant it was automated. That is hacking trend of recent times. Before, The password crack, catch root authority is trend of hacking which uses the vulnerability of server. Hacker attack network or all of domain not some host. Web application system at hacking technique develops and improve transmitted data through the network shows many vulnerability. The massive data are transmitted through the network without encipherment filtering. It will be able to bring about the neck of a bottle actual condition which is serious in security system because of the network where the user comes to be many it leads and the data which is delivered comes to be many. In this paper, we propose web application system to prevent overload from bottleneck in encipherment system. It can solve security key trust problem in encoding and decoding with public key infrastructure.

• Journal of Digital Contents Society
• /
• v.9 no.1
• /
• pp.125-130
• /
• 2008

User web service is increasing by development of internet technology. Quantity of encrypted data that transmitted through the network are increasing by development of encipherment technology. We have many problems; it is caused by technical development and service increase of user requests. It is like that, we have reliability of contents and illegality copy problem of internet contents in web application system. It is contents protection skills in web that encipherment technology, authentication and digital signature. We need message encoding and secret key for solve vulnerability of encipherment in web application system. In this paper, we propose a distributed secure system that can data confidentiality and user authentication. It prevent performance degradation from bottle neck in encipherment server, and improve service quality.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.2
• /
• pp.115-125
• /
• 2003

As Web services are generally open for external uses and not filtered by Firewall, these result in attacker's target. Web attacks which exploit vulnerable web-applications and malicious users' requests cause economical and social problems. In this paper, we are modelling general web service usages based on user-web-session and detect anomal usages with Bayesian estimation method. Finally we propose SAD(Session Anomaly Detection) for detection unknown web attacks. To evaluate SAD, we made an experiment on attack simulation with web vulnerability scanner, whisker. The results show that the detection rate of SAD is over 90%, which is influenced by several features such as size of window or training set, detection filter method and web topology.

• The Journal of the Korea Contents Association
• /
• v.21 no.1
• /
• pp.284-291
• /
• 2021

As the current security monitoring system is operated as a passive system only for response after an attacker's attack, it is common to respond to intrusion incidents after an attack occurs. In particular, when new assets are added and actual services are performed, there is a limit to vulnerability testing and pre-defense from the point of view of an actual hacker. In this paper, a new security monitoring model has been proposed that uses multiple hacking-related search engines to add proactive vulnerability response functions of protected assets. In other words, using multiple search engines with general purpose or special purpose, special vulnerabilities of the assets to be protected are checked in advance, and the vulnerabilities of the assets that have appeared as a result of the check are removed in advance. In addition, the function of pre-checking the objective attack vulnerabilities of the protected assets recognized from the point of view of the actual hacker, and the function of discovering and removing a wide range of system-related vulnerabilities located in the IP band in advance were additionally presented.