• Journal of the Korea Society of Computer and Information
• /
• v.13 no.3
• /
• pp.139-146
• /
• 2008

Despite of information security installation, leakage of personal information in web services has not decreased. This is because traffics to web applications are still vulnerable by permitting external sources to access services in port HTTF 80 and HTTPS 443, even with firewall systems in place. This thesis analyzes various attack patterns resulted from web service environment and vulnerable traffic and categorizes the traffics into normal and abnormal traffics. Also this proposes ways to analyze web application attack patterns from those abnormal traffics based on weak points warned in OWASF(Open Web Application Security Project), design a system capable of detect and isolate attacks in real time, and increase efficiency of preventing attacks.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.387-389
• /
• 2014

It is preferred to the popularization of smart device business processes through mobile. The ratio of Internet access via mobile devices is reached 30% of PC in September 2012. It is reproduced in a mobile environment that security threats arising from the Internet. that is the characteristics of cyber security threats appearing on the mobile era. Web Application Service security research firm OWASP (The Open Web Application Security Project) issued Session Management threat. That threat will be reproduced in the mobile environment. But Mobile is significantly different from Desktop Computer about Session Management environment. This proceeding proposes a improved Session Management method in Mobile environment.

• Convergence Security Journal
• /
• v.16 no.4
• /
• pp.43-51
• /
• 2016

Nowadays hacked using a security vulnerability in a web application, and the number of security issues on the web site at many sites due to the exposure of personal information is increasing day by day. In this paper, considering the open-source Web Application Security Project at the time of production of the website. Proposed the OWASP TOP 10 vulnerability verification method, by applying the proposed method and then analyzed for improved method and vulnerability to verify the performance of security vulnerability.

• International Journal of Computer Science & Network Security
• /
• v.23 no.2
• /
• pp.199-202
• /
• 2023

Carriage return (CR) and line feed (LF), also known as CRLF injection is a type of vulnerability that allows a hacker to enter special characters into a web application, altering its operation or confusing the administrator. Log poisoning and HTTP response splitting are two prominent harmful uses of this technique. Additionally, CRLF injection can be used by an attacker to exploit other vulnerabilities, such as cross-site scripting (XSS). Email injection, also known as email header injection, is another way that can be used to modify the behavior of emails. The Open Web Application Security Project (OWASP) is an organization that studies vulnerabilities and ranks them based on their level of risk. According to OWASP, CRLF vulnerabilities are among the top 10 vulnerabilities and are a type of injection attack. Automated testing can help to quickly identify CRLF vulnerabilities, and is particularly useful for companies to test their applications before releasing them. However, CRLF vulnerabilities can also lead to the discovery of other high-risk vulnerabilities, and it fosters a better approach to mitigate CRLF vulnerabilities in the early stage and help secure applications against known vulnerabilities. Although there has been a significant amount of research on other types of injection attacks, such as Structure Query Language Injection (SQL Injection). There has been less research on CRLF vulnerabilities and how to detect them with automated testing. There is room for further research to be done on this subject matter in order to develop creative solutions to problems. It will also help to reduce false positive alerts by checking the header response of each request. Security automation is an important issue for companies trying to protect themselves against security threats. Automated alerts from security systems can provide a quicker and more accurate understanding of potential vulnerabilities and can help to reduce false positive alerts. Despite the extensive research on various types of vulnerabilities in web applications, CRLF vulnerabilities have only recently been included in the research. Utilizing automated testing as a recurring task can assist companies in receiving consistent updates about their systems and enhance their security.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.1 s.45
• /
• pp.161-168
• /
• 2007

Web attack uses structural, logical and coding error or web application rather than vulnerability to Web server itself. According to the Open Web Application Security Project (OWASP) published about ten types of the web application vulnerability to show the causes of hacking, the risk of hacking and the severity of damage are well known. The detection ability and response is important to deal with web hacking. Filtering methods like pattern matching and code modification are used for defense but these methods can not detect new types of attacks. Also though the security unit product like IDS or web application firewall can be used, these require a lot of money and efforts to operate and maintain, and security unit product is likely to generate false positive detection. In this research profiling method that attracts the structure of web application and the attributes of input parameters such as types and length is used, and by installing structural database of web application in advance it is possible that the lack of the validation of user input value check and the verification and attack detection is solved through using profiling identifier of database against illegal request. Integral security management system has been used in most institutes. Therefore even if additional unit security product is not applied, attacks against the web application will be able to be detected by showing the model, which the security monitoring log gathering agent of the integral security management system and the function of the detection of web application attack are combined.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.11a
• /
• pp.220-223
• /
• 2017

세계적인 웹 어플리케이션 취약점을 다루는 OWASP(The Open Wed Application Security Project) TOP 10 [1]에 따르면 빈도가 높고 영향이 큰 취약점들은 모두 철저한 웹 보안 코드를 작성하면 어느 정도 예방할 수 있다는 결론이 나왔다. 이에 따라 최근 국내에서 일어난 웹 사이트의 취약점 사례를 알아보고 그 대응법에 대하여 분석한 후, 직접 개발한 웹 사이트에 웹 보안 코드를 적용할 수 있도록 하였다. 또한, 소프트웨어 공학자를 위한 java 시큐어코딩 가이드를 숙지하여 웹 개발 시 보안 유지를 강화하였다.

• Proceedings of the KAIS Fall Conference
• /
• 2010.11a
• /
• pp.239-242
• /
• 2010

웹 애플리케이션 해킹 방법인 CSRF(Cross Site Request Forgery) 공격은 2008년 2월에 온라인 경매사이트인 옥션에서의 1800만명의 개인정보를 유출 사고 피해를 입힌 공격이다. OWASP(Open Web Application Security Project)에서는 이 공격의 해결방안으로 동기화되고 고유한 토큰 값을 생성하여 페이지 요청 시에 이를 검증하는 시스템을 권고하고 있다. 따라서 본 논문에서는 이 공격을 방어하기 위한 방법으로 타임스탬프와 사용자 고유의 값인 전자서명을 토큰형태로 생성하여 Hidden Field에 삽입함으로써 검증하는 기법에 대해 연구하고자 한다.

• Journal of Information Processing Systems
• /
• v.13 no.4
• /
• pp.689-702
• /
• 2017

The Structured Query Language (SQL) Injection continues to be one of greatest security risks in the world according to the Open Web Application Security Project's (OWASP) [1] Top 10 Security vulnerabilities 2013. The ease of exploitability and severe impact puts this attack at the top. As the countermeasures become more sophisticated, SOL Injection Attacks also continue to evolve, thus thwarting the attempt to eliminate this attack completely. The vulnerable data is a source of worry for government and financial institutions. In this paper, a detailed survey of different types of SQL Injection and proposed methods and theories are presented, along with various tools and their efficiency in intercepting and preventing SQL attacks.