• Annual Conference of KIPS
• /
• 2013.11a
• /
• pp.727-730
• /
• 2013

소셜 네트워크 서비스는 사용자간의 통신수단 및 자신을 표현하는 하나의 수단으로 사용되면서 다양한 정보를 보유하고 있다. 이러한 소셜 네트워크 서비스를 모바일 디바이스를 통하여 사용하는 사용자가 늘어 가고 있다. 소셜 네트워크 서비스를 컴퓨터 디바이스를 통하여 사용하는 경우 컴퓨터 디바이스 내부에는 캐쉬, 히스토리와 같은 일반적인 웹 서비스 이용 로그 기록을 남기게 된다. 모바일 디바이스를 사용하여 소셜 네트워크 서비스를 이용하는 경우 원활한 서비스 이용을 위하여 사용자의 개인 정보, 친구 정보, 대화 내용과 같은 유출되면 악용 될 수 있는 민감한 정보를 모바일 디바이스 내부에 저장하여 서비스 한다. 이러한 민감한 데이터는 적절한 보안 관리가 실행되어야 한다. 하지만, 다양한 보안 취약점이 존재한다. 본 논문에서는 이러한 모바일 소셜 네트워크 서비스 데이터 관리 보안 취약점에 대하여 분석하고 대응방안에 대하여 연구한다.

• Journal of Internet Computing and Services
• /
• v.14 no.6
• /
• pp.71-84
• /
• 2013

Log data, which record the multitude of information created when operating computer systems, are utilized in many processes, from carrying out computer system inspection and process optimization to providing customized user optimization. In this paper, we propose a MongoDB-based unstructured log processing system in a cloud environment for processing the massive amount of log data of banks. Most of the log data generated during banking operations come from handling a client's business. Therefore, in order to gather, store, categorize, and analyze the log data generated while processing the client's business, a separate log data processing system needs to be established. However, the realization of flexible storage expansion functions for processing a massive amount of unstructured log data and executing a considerable number of functions to categorize and analyze the stored unstructured log data is difficult in existing computer environments. Thus, in this study, we use cloud computing technology to realize a cloud-based log data processing system for processing unstructured log data that are difficult to process using the existing computing infrastructure's analysis tools and management system. The proposed system uses the IaaS (Infrastructure as a Service) cloud environment to provide a flexible expansion of computing resources and includes the ability to flexibly expand resources such as storage space and memory under conditions such as extended storage or rapid increase in log data. Moreover, to overcome the processing limits of the existing analysis tool when a real-time analysis of the aggregated unstructured log data is required, the proposed system includes a Hadoop-based analysis module for quick and reliable parallel-distributed processing of the massive amount of log data. Furthermore, because the HDFS (Hadoop Distributed File System) stores data by generating copies of the block units of the aggregated log data, the proposed system offers automatic restore functions for the system to continually operate after it recovers from a malfunction. Finally, by establishing a distributed database using the NoSQL-based Mongo DB, the proposed system provides methods of effectively processing unstructured log data. Relational databases such as the MySQL databases have complex schemas that are inappropriate for processing unstructured log data. Further, strict schemas like those of relational databases cannot expand nodes in the case wherein the stored data are distributed to various nodes when the amount of data rapidly increases. NoSQL does not provide the complex computations that relational databases may provide but can easily expand the database through node dispersion when the amount of data increases rapidly; it is a non-relational database with an appropriate structure for processing unstructured data. The data models of the NoSQL are usually classified as Key-Value, column-oriented, and document-oriented types. Of these, the representative document-oriented data model, MongoDB, which has a free schema structure, is used in the proposed system. MongoDB is introduced to the proposed system because it makes it easy to process unstructured log data through a flexible schema structure, facilitates flexible node expansion when the amount of data is rapidly increasing, and provides an Auto-Sharding function that automatically expands storage. The proposed system is composed of a log collector module, a log graph generator module, a MongoDB module, a Hadoop-based analysis module, and a MySQL module. When the log data generated over the entire client business process of each bank are sent to the cloud server, the log collector module collects and classifies data according to the type of log data and distributes it to the MongoDB module and the MySQL module. The log graph generator module generates the results of the log analysis of the MongoDB module, Hadoop-based analysis module, and the MySQL module per analysis time and type of the aggregated log data, and provides them to the user through a web interface. Log data that require a real-time log data analysis are stored in the MySQL module and provided real-time by the log graph generator module. The aggregated log data per unit time are stored in the MongoDB module and plotted in a graph according to the user's various analysis conditions. The aggregated log data in the MongoDB module are parallel-distributed and processed by the Hadoop-based analysis module. A comparative evaluation is carried out against a log data processing system that uses only MySQL for inserting log data and estimating query performance; this evaluation proves the proposed system's superiority. Moreover, an optimal chunk size is confirmed through the log data insert performance evaluation of MongoDB for various chunk sizes.

• Journal of Internet Computing and Services
• /
• v.13 no.6
• /
• pp.55-62
• /
• 2012

Grid web applications by standard Web technology are increasingly used to provide grid service to users as normal Web user interface and service. It is however difficult to integrate a grid security system such as Grid Security Infrastructure (GSI) into Web applications because the delegation way of standard Web security is not the same as the one of Grid security. This can be solved by allowing Web applications to get a Grid credential by using an online credential repository system such as MyProxy. In this paper, we investigate the problem that occurs when MyProxy, which assumes mutual trust between a user and Grid web application, is adapted for achieving security integration between Web and Grid, and we propose a new Grid proxy delegation service to delegate a Grid credential to the Web without assuming mutual trust. In the service, the X.509 proxy delegation process is added to OAuth protocol for credential exchange, and authentication can be done by an external service such as OpenID. So, users can login onto the Grid web application in a single sign-on manner, and are allowed to securely delegate and retrieve multiple credentials for one or more Virtual Organizations.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.10 no.3
• /
• pp.608-613
• /
• 2006

There are many e-showing mall because of revitalization of e-commerce system. It is necessary to recommending system of products that is for saving time and effort of customer. In this paper, we propose the system that is applying classification among data mining techniques to analysis of log data of customer. This log data contains access of user and purchasing of products. The proposed system operates in two phases. The first phase is composed of data filter module and association extraction module among web pages. The second phase is composed of personalization module and rule generation module. Customer can easily know the recommended sites because the proposed system can present rank of the recommended web pages to customer. As a result, the proposed system can efficiently do recommending of products to customer.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1179-1195
• /
• 2018

Recently, a variety of attacks on web services have been occurring through a multiple access environment such as PC, tablet, and smartphone. These attacks are causing various subsequent damages such as online fraud transactions, takeovers and theft of accounts, fraudulent logins, and information leakage through web service vulnerabilities. Creating a new fake account for Fraud attacks, hijacking accounts, and bypassing IP while using other usernames or email addresses is a relatively easy attack method, but it is not easy to detect and block these attacks. In this paper, we have studied a method to detect online fraud transaction and obsession by identifying and managing devices accessing web service using web-based device fingerprinting. In particular, it has been proposed to identify devices and to manage them by scoring process. In order to secure the validity of the proposed scheme, we analyzed the application cases and proved that they can effectively defend against various attacks because they actively cope with online fraud and obtain visibility of user accounts.

• Proceedings of the Korean Operations and Management Science Society Conference
• /
• 2004.05a
• /
• pp.694-697
• /
• 2004

최근 빠르게 성숙되고 있는 시장과 경쟁적 환경으로 인해 고객 유지에 대한 중요성이 증대되고 있다. 이는 기존 고객을 유지하는 것이 비용 면에서 저렴할 뿐 아니라, 고객 충성도나 구전효과가 같은 기타 부수적인 이득을 획득할 수 있다는 측면에서 유리하기 때문이다. 본 논문은 고객의 이탈 가능성을 미리 예측하고 이를 사전에 방지할 수 있는 고객 유지 절차를 제시하고 있다. 이탈고객의 탐지 및 방지를 위해서는 기존의 인구통계학적 자료 외에도 웹로그, 구매 Database 등의 대용량의 고객 행위 데이터에 대한 분석이 요구되기 때문에 데이터 마이닝 기법의 활용이 필수적이다. 그러나 대부분의 데이터 마이닝 연구는 예측 및 분류의 정확성이 높은 모델을 개발하는데 초점이 맞추어져 있으며, 고객의 행위를 이해하고 바람직한 방향으로 유도하고자 하는 연구는 지극히 부족한 상황이다. 그러므로 본 논문은 다양한 데이터마이닝 기법을 통합하여 잠재 이탈고객을 탐지하고, 기존 연구에서 간과하고 있던 비용적 측면을 고려한 이탈 방지 절차를 제시하고자 한다.

• Journal of Digital Convergence
• /
• v.14 no.11
• /
• pp.275-281
• /
• 2016

In modern society, which boomed it became easier to obtain the necessary information to the emergence of a variety of smart devices. Due to this, the frequency of using the content based on the Web is growing rapidly. In addition, companies are turning into a production and modify the content using the CMS under the web-based. It can be a very important part to provide users with the content. Currently web services are designing a UI to the device and provided. To improve the ease of use, they are enhancing services only by survey and analysis of the patterns of all users. Most are designed without considering the UX only in the technical aspects. In this paper, to break the limits that apply to all users of the Web service pattern analysis, we propose a visualization system via the animation based on the individual user's movement patterns and usage patterns. Through this convergence is expected to be able to transform the web from the central manager to the user UX and the planning aspects researchers.

• Journal of the Korean BIBLIA Society for library and Information Science
• /
• v.32 no.4
• /
• pp.189-212
• /
• 2021

The purpose of this study is to analyze an usage behavior for the public library website through web traffic. For this purpose, using Google Analytics and growth hacking technique, the data of A public library website log was analyzed for three months from August 1, 2021 to October 31, 2021. As a result of the study, the young age group of 18-24 years old and 25-34 years old recorded a high rate of new member registration, & it was found that the inflow rate through SNS was high for external inflows. As a result of analysis for the access rate by time, it was found that the time with the highest inflow rate was between 10 am and 11 am both on Wednesday and Friday. As a access channel, the access rate using mobile (64.90%) was quite high, but at the same time, the bounce rate (27.20%) was higher than the average (24.93%), & the rate of duration time (4 minutes 33 seconds) was lower than thee average (5 minutes 22 seconds). Finally, it was found that the utilization rate of reading program events and online book curation service, which the library focuses on producing and promoting, is very low. These research results can be used as basic data for future improvement of public library websites.

• Electronics and Telecommunications Trends
• /
• v.20 no.1 s.91
• /
• pp.73-83
• /
• 2005

인터넷에 산재한 id와 개인정보들은 적절한 관리와 보호를 필요로 한다. 인터넷 ID 관리 서비스는 가입자의 id와 개인정보를 관리해 주는 서비스이다. 가입자는 인터넷 ID 관리 서비스에 가입해 id와 개인정보를 등록하면, 이 id로 한 번의 로그인 후 모든 가맹 웹 사이트를 이용할 수 있고, 개인정보의 활용에대한 통제도 할 수 있다. 인터넷 ID 관리 서비스가 도입되면 인터넷 이용이 편리해지고 id 도용을 크게줄이며, 개인정보 보호를 강화할 수 있다. 본 고에서는 인터넷 ID 관리 서비스의 개념과 현재 실시되고있는 서비스 동향, 관련 표준화 동향, 그리고 관련 기술 적용 사례를 소개한다. 또한 인터넷 ID 관리 분야의 연구 프로젝트를 살펴 본다.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.53 no.2
• /
• pp.76-86
• /
• 2016

SQL Injection attacks are the most widely used and also they are considered one of the oldest traditional hacking techniques. SQL Injection attacks are getting quite complicated and they perform a high portion among web hacking. The big data environments in the future will be widely used resulting in many devices and sensors will be connected to the internet and the amount of data that flows among devices will be highly increased. The scale of damage caused by SQL Injection attacks would be even greater in the future. Besides, creating security solutions against SQL Injection attacks are high costs and time-consuming. In order to prevent SQL Injection attacks, we have to operate quickly and accurately according to this data analysis techniques. We utilized data analytics and machine learning techniques to defend against SQL Injection attacks and analyzed the execution plan of the SQL command input if there are abnormal patterns through checking the web log files. Herein, we propose a way to distinguish between normal and abnormal SQL commands. We have analyzed the value entered by the user in real time using the automated SQL Injection attacks tools. We have proved that it is possible to ensure an effective defense through analyzing the execution plan of the SQL command.