• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.663-664
• /
• 2009

OWASP에서 발표한 2007년 웹 애플리케이션 취약점 중 하나인 XSS 공격이 사용자 브라우저에서 스크립트를 실행하게 함으로써 사용자의 세션을 가로채거나 웜을 업로드하여 악성코드를 삽입하는 공격이다[2]. 하지만 많은 XSS 방어 기법에서는 단순 스크립트 우회기법과 강제적인 스크립트 차단 방법을 채택하고 있다. 또한 강제적인 XSS 필터 적용으로 과탐지로 인한 정상적인 웹 페이지가 출력 되지 않는 사례가 나타나고 있다. 따라서 본 연구는 효율적인 정규식을 이용하여 XSS 공격 특징을 분석하여 특징점들을 추출하고 이 특징점들을 기반으로 특정한 규칙을 가진 문자열들을 모든 문자가 유효한지 확인할 수 있는 정규식 표현 방법을 이용하여 다양한 응용프로그램에 적용할 수 있는 기술을 연구하고자 한다. 또한 이를 기반으로 포털 사이트와 브라우저에서 제공하는 XSS 필터들과 비교하여 과탐지율 및 오탐지율 서로 비교하여 본 연구가 효율성 면에서 효과가 있는지 우위를 둘 것이며, 브라우저 벤더, 포털 사이트, 개인 PC 등 충분한 시험 평가와 수정을 통해서 응용할 수 있는 계기를 마련할 것이다

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.12
• /
• pp.2341-2347
• /
• 2016

In this paper, we implement monitoring system for grain sorting using a high-speed FPGA and embedded LINUX. The proposed system is designed by base on web server and web-based applications while existing system was designed by base on stand-alone mode.The interface the Web server with high speed hardware of FPGA is designed on the implemented monitoring system. The proposed system has the advantages of multi-tasking on Linux web server and real-time high speed on FPGA also. The control logic of a high speed rate line-scan CCD camera, the method of center of gravity, HSL decoding and the interface on the Web server are implemented in FPGA. The implemented monitoring system has the advantage of being able to control the grain monitoring, system failure and recovery remotely by web application. As a result, we can upgrade the performance of sorting quality compared by existing system.

• Journal of KIISE:Computer Systems and Theory
• /
• v.32 no.1
• /
• pp.21-28
• /
• 2005

Web servers or web application servers, in general, adopt multi-thread model for efficient handling of many user requests. However, the multi -thread model always does not show the better performance than multi -process model. Sometimes, in a certain specific case, it can show worse performance than multi -process model. In this paper, to trace the cause of the decreased performance of multi -thread model, we experiment and analyze the performance of the multi-thread model by using two approaches. At first, we compare the performance of the multi-process model and multi-thread model for various application environments. Second, we observe the effects of variations of web server's dynamic directives, which are used to increase the flexibility of the web server for various system environments. For the experiments, we integrated a web client simulator, which was written by us, with the Apache 2.0 web server. This paper shows and analyze the results of the experiments.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.10 no.2
• /
• pp.53-59
• /
• 2010

Android that was made by Google and Open Handset Alliance is the open source software toolkit for mobile phone. In a few years, Android will be used by millions of Android mobile phones and other mobile devices, and become the main platform of application developers. In this paper, we develop an application contents Booky based on Google Android flatform by using Webview merits and Google search engine. The features of the developed content are as follows. First, a mobile-based Web browser which has an advanced screen resolution and can support more faster viewer than normal web browser as it reduces the amount of data transmission. Second, efficient E-book search and reading functionality. In the performance evaluation, we show the results of simulation using AVD(Android Virture Device).

• Journal of Digital Contents Society
• /
• v.8 no.3
• /
• pp.269-277
• /
• 2007

Web service is an important technology to develop business to business e-commerce application. From a business perspective of time to market, dynamic evolution offers flexibility that software can adapt to unforeseen and fluctuating business requirements. OWL-S, based on OWL, is a service ontology language. The semantics provided by OWL support automation of service discovery, invocation, and service composition. In this paper we propose a framework to support dynamic evolution of service-oriented applications. We extend use-case analysis method to derive service description by defining requirements concept and mapping from requirement concept to activity diagram. A prototype is provided to show the validity of this framework.

• KIPS Transactions on Software and Data Engineering
• /
• v.2 no.1
• /
• pp.71-80
• /
• 2013

Due to the increased use of mobile devices, there is a lot of discussion on mobile accessibility. Mobile accessibility means that everyone, who includes the disabled, the elderly people, can easily use the functions of mobile devices. In this paper, we presented and implemented a mobile interface using a speech I/O APIs to improve the accessibility. The proposed interfaces are implemented on Android platforms and they used speech recognition and text-to-speech APIs supported as built-in services. In addition, to facilitate the internet access for visually impaired or blind people, we also implemented the web browsing application (web reader).

• The KIPS Transactions:PartD
• /
• v.10D no.1
• /
• pp.85-100
• /
• 2003

Today's computing system has expanded its application to business trade and distributed work transactions using the Internet. As the demand for more flexible, adaptable, extensible, and robust web-based enterprise, these application development has been gradually expanded based on reusable, independent, and portable components. Component Based Development (CBD) works by developing and evolving software from selected reusable software components and then assembling them within appropriate software architecture. However, it requires an increase in cost to build new components as well as the necessary effort to develop of the business requirement these components. Standardized component models are required as well from the perspective of systems in order to support rapid and exact component information transmission on the web. In this paper, we describe the e-Business Component Development with agent for rapid application development on the web that correspond to the demands of users in the business domain. We design and implement the specifications of e-business components by combining these demands. In order to improve the agent register and retrieval, we propose the intelligent search and register agents, which can conduct more precise searching and specializing for components. The system enables the locating of user's frequently used components through an agent involving register and retrieval, as well as rapid procedures for registers The e-BCOS (e-Business Component System) is the agent system for the user to register distributed components and to search for components Information. The e-BCOS increases reusability through the e-business component development of distributed components in the business domain. For the share and delivery, specification with XML is acceptable to user's variable order e-BCOS Includes the effective investment, timeliness, reliability, efficiency, and maintenance effort by with agent.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.11a
• /
• pp.538-541
• /
• 2017

네트워크 통신을 이용한 원격 관리 응용프로그램, 스마트폰 애플리케이션, 웹 브라우저 기반의 그룹웨어 기능을 통해 실습실 자원을 효율적으로 관리하고자 한다. 소규모 그룹을 목적으로 개발하며 OSMD(One Source Multi DeviceO)를 통하여 실시간으로 접근이 가능하여 효율적으로 관리 할 수 있도록 한다.

• The Journal of Korean Association of Computer Education
• /
• v.11 no.1
• /
• pp.57-64
• /
• 2008

This paper presents a web-based virtual educational system for Java language, which consists of a management system named Java Web Player (JWP) and creative multimedia contents for the lectures of Java language. The JWP is a Java application program free from security problems by the Java Web Start technologies that supports an integrated learning environment including three important learning procedures: Java concept learning process, programming practice process and assessment process. On-line voice presentation and its related texts together with moving images are synchronized for efficiently conveying creative contents to learners. Furthermore, a simple and useful compiler is included in the JWP for providing user-friendly language practice environment enabling such as coding, editing, executing, and debugging Java source files on the Web. Finally, simple multiple choices are given suddenly to the learners while they are studying through the JWP and the test results are displayed on the message box. In order to show the validity of the proposed virtual educational system we analysed and assessed the learners' academic performance on the five quizzes for one semester.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.4 no.4
• /
• pp.767-773
• /
• 2000

As computer systems and communication technologies develop rapidly, CSCW(Computer Supported Collaborative Work) system appears nowadays, through which it is available to work on virtual space without any restriction of time and place. Most of CWCS systems depend on a special network and groupware. The systems of graphics and CAD are not so many because they are specified by hardware and application software. In this paper, we propose a web-based collaborative CAD system, which can be jointly worked on Internet WWW being independent from any platforms. It can create and modify 3D objects easily using VRML and Java 3D API, and it can send, print, and store them. The interactive work for designing objects can be also carried out through chatting with each other. This system is executed in the environment of Client/server architecture. Clients connect to the CAD sewer through Java applet on WWW. The server is implemented by Java application, and it consists of three components : connection manager which controls the contact to users, work manager which keeps viewing in concurrency and provides virtual work space sharing with others, and solid modeler which creates 3D object.