• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.1
• /
• pp.115-123
• /
• 2021

Manufacturing execution system is a factory information system that handles production-related quality data as well as executes production plans of process unit for all resources in the production process on site. As the 4th industrial revolution, which maximizes an automation and connectivity with artificial intelligence, has become a hot topic, manufacturers are showing interest in building a smart factories, but enormous construction costs and unstandardized production processes are obstacles to smart factory construction. Therefore, this paper designs and implements a manufacturing execution system for building a smart factory in a deterioration factory. we propose a Web-based manufacturing execution system aiming at a smart factory at the basic level for steel wire processing. The proposed system will smoothly support interworking with the existing ERP system using REST APIs, and will consider extensibility so that it can be used in various devices and browsers. We will show practicality by implementing the proposed WoT-based manufacturing execution system.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.21 no.3
• /
• pp.91-98
• /
• 2021

In most hacking attacks, hackers tend to access target systems in a variety of circumvent connection methods to hide their original IP. Therefore, finding the attacker's IP(Internet Protocol) from the defender's point of view is one of important issue to recognize hackers. If an attacker uses a proxy, original IP can be obtained through a program other than web browser in attacker's computer. Unfortunately, this method has no effect on the connection through VPN(Virtual Private Network), because VPN affects all applications. In an academic domain, various IP traceback methods using network equipments such as routers have been studied, but it is very difficult to be realized due to various problems including standardization and privacy. To overcome this limitation, this paper proposes a practical way to use client's network configuration temporarily until it can detect original IP. The proposed method does not only restrict usage of network, but also does not violate any privacy. We implemented and verified the proposed method in real internet with various VPN tools.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.3
• /
• pp.15-22
• /
• 2002

Java applet, executed in user's web browsers which is via proxy server on web sever, can approach client files or resources, so it is necessary to secure against malicious java applet. Currently, the previous security countermeasures against malicious java applet use two ways: one is making a filter system to detect malicious java applet hewn in proxy, the other is that establishes another security java virtual machine. However, the first one can not detect unknown malicious java applet, and the other one nay increase loads, because it decides whether there is malicious or not after implementing java applet on proxy server. In this paper, after inserting monitoring function to java applet on proxy server using java-methods substitution and transfer it to user to detect malicious java applet, we propose a technique for detecting malicious java applet that can detect the unknown malicious java applet with reducing loads

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.113-124
• /
• 2009

Recently, lots of anti-phishing schemes have been developed. Several products identify phishing sites and show the results on the address bar of the internet browser, but they determine only by domain names or IP addresses. Although this kind of method is effective against recent DNS pharming attacks, there is still a possibility that hidden attacks which modifies HTML codes could incapacitate those anti-phishing programs. In this paper, the cognitive approach which compares images to decide phishing or pharming is presented, using system tray and balloon tips that are hard to fake with pop-ups or flash in order for users to compare pictures from connecting sites and system tray. It differs from an old method that a program analyzes IP or domains to judge if it is phishing or pharming, but observes if there were HTML code changing between plug-ins and a server.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.5
• /
• pp.35-45
• /
• 2005

There has recently been an increase of phishing attacks, attacks which lure users into revealing their personal information to an attacker who in turn exploits this information for economic gain. The conventional methods of fooling the user with similarly modified mail or address are constantly evolving and have diversified to include the forgery of mail or domain addresses. Recently the injury incurred by these attacks has greatly increased as attackers exploit the weaknesses found on a few web browsers and used these to conduct phishing attacks based on URL spoofing. Furthermore we are now witnessing the entrance of highly advanced phishing techniques that no longer simply rely on vulnerabilities, but employ ordinary script, HTML, DNS sniffing, and the list goes on. In this paper we first discuss means of investigating and preventing the advanced URL spoofing techniques used in phishing attacks, and then propose a scheme for fundamentally restricting them altogether.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.869-882
• /
• 2012

With the growth of Web services and the development of web exploit toolkits, web-based malware has increased dramatically. Using Javascript Obfuscation, recent web-based malware hide a malicious URL and the exploit code. Thus, pattern matching for network intrusion detection systems has difficulty of detecting malware. Though various methods have proposed to detect Javascript malware on a users' web browser, the overall detection is needed to counter advanced attacks such as APTs(Advanced Persistent Treats), aimed at penetration into a certain an organization's intranet. To overcome the limitation of previous pattern matching for network intrusion detection systems, a novel deobfuscating method to handle obfuscated Javascript is needed. In this paper, we propose a framework for effective hidden malware detection through an automated deobfuscation regardless of advanced obfuscation techniques with overriding JavaScript functions and a separate JavaScript interpreter through to improve jsunpack-n.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.1
• /
• pp.134-139
• /
• 2022

Recently, interest in programming and artificial intelligence is continuously increasing, and software education is being implemented as a mandatory education from elementary school. For efficient programming education, it is basically necessary to build a lab environment suitable for students and teachers, but there are performance problems due to the inadequacy of old computers and network equipment. Therefore, in this paper, we propose a web page-based online practice environment and algorithm competition scoring system using React and Spring boot to solve the problem of the programming practice environment. Through this, it is thought that programming learning can be carried out using only a web browser even on low-spec computers. In addition, since various programming languages can be learned irrespective of the language to be learned, it is considered that the time cost for establishing a practice environment can be reduced.

• KIPS Transactions on Computer and Communication Systems
• /
• v.10 no.5
• /
• pp.137-144
• /
• 2021

The IETF has recently been standardizing the QUIC protocol for HTTP/3 services. It is noted that HTTP/3 uses QUIC as the underlying protocol, whereas HTTP/1.1 and HTTP/2 are based on TCP. Differently from TCP, the QUIC uses 0-RTT or 1-RTT transmissions to reduce the connection establishment delays of TCP and SCTP. Moreover, to solve the head-of-line blocking problem, QUIC uses the multi-streaming feature. In addition, QUIC provides various features, including the connection migration, and it is available at the Chrome browser. In this paper, we analyze the performance of QUIC for HTTP-based web and streaming services by comparing with the existing TCP and Streaming Control Transmission Protocol (SCTP) in the network environments with different link delays and packet error rates. From the experimental results, we can see that QUIC provides better throughputs than TCP and SCTP, and the gaps of performances get larger, as the link delays and packet error rates increase.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.5
• /
• pp.743-754
• /
• 2022

This paper contains the results of the development and performance evaluation of the environmental data monitoring system for the fish farm. For the hardware development, the analogue sensor is used to collect dissolved oxygen, pH, salinity, and temperature of the fish farm water, and the digital sensor is used for collecting ambient temperature, humidity, and location information via a GPS module to be sent to cloud-based Firebase DB. A set of LoRa transmitters and receivers is used as a communication module to upload the collected data. The data stored in Firebase is retrieved as a graph on a web and mobile application to monitor the environmental data changes in real-time. A notification will be delivered if the collected data is outside the determined optimal value. To evaluate the performance of the developed system, a response time from hardware modules to web and mobile applications is ranging from 6.2 to 6.85 seconds, which indicates satisfactory results.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.17 no.6
• /
• pp.1121-1128
• /
• 2022

Information about the present invention is made available for business use. You are helping to use the LCD, you can't use the LCD screen. During software configuration, Raspbian was used to provide the system environment. We made our way through the menu and made our financial through play. It provides various information such as weather, weather, apps, streamer music, and web browser search function, and it can be charged. Currently, the 'Google Assistant' will be provided through the GUI within a predetermined time.