• Proceedings of the Korean Information Science Society Conference
• /
• 2000.10a
• /
• pp.632-634
• /
• 2000

최근에 일어나는 해킹 사고의 대부분은 스캐닝 도구를 사용하여 일차적으로 공격하고자 하는 시스템의 취약점 정보를 수집한 다음, 이를 바탕으로 시스템에 대해 공격을 시도하고 있다. 하지만, 대부분의 네트워크 시스템 관리자들은 자신의 시스템의 취약점에 대한 정보 부족과 기술 부족으로 인하여 무방비 상태로 관리하고 있는 실정이다. 그리고 대부분은 스캐닝 도구들은 처음에는 시스템 보안취약점 진단 목적으로 개발되었으나, 해커들에 의해 악용되고 있다. 따라서, 본 논문에서는 보안에 미숙한 관리자도 시스템의 취약점을 쉽게 발견하고 이를 바탕으로 하여 취약점을 보완할 수 있도록 웹 기반에서 시스템 보안 취약점을 진단하는 시스템을 제안하고자 한다.

• Review of KIISC
• /
• v.13 no.5
• /
• pp.24-30
• /
• 2003

인터넷을 비롯한 대부분의 패킷스위칭 네트워크는 IP(Internet Protocol)을 기반으로 하고 있다. 그러나, IP는 기본적으로 보안에 취약하게 설계되어 보안이 필요한 통신에 사용하는데는 어려움이 있다. IPSec(IP Security)은 IP 트래픽에 대한 이러한 보안문제를 극복하기 위해 생겨났으며, 방화벽과 결합된 형태로 가장 널리 쓰이고 있는 VPN(Virtual Private Network) 제품의 하나이다. 그러나 IPSec의 문제점이 대두되고, Web-based Service가 영역을 넓혀가면서 기존의 웹보안프로토콜인 SSL이 VPN의 새로운 형식으로 나타나고 있다. 본 고에서는 IPSec VPN과 SSL VPN의 차이점의 분석하여 정리하고자 한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.10a
• /
• pp.760-762
• /
• 2003

인터넷을 비롯한 대부분의 패킷스위칭 네트워크는 IP(Internet Protocol)을 기반으로 하고 있으나, IP는 기본적으로 보안에 취약하게 설계되어 보안이 필요한 통신에 사용하는데는 어려움이 있다. IPSec(IP Security)은 IP 트래픽에 대한 이러한 보안문제를 극복하기 위해 생겨났으며, 방화벽과 결합된 형태로 가장 널리 쓰이고 있는 VPN(Virtual Private Network) 제품의 하나이다. 그러나 IPSec 자체의 문제점이 대두되고, Web-based Service가 영역을 넓혀가면서 기존의 웹 보안 프로토콜인 SSL이 VPN의 새로운 형식으로 나타나고 있다. 본 고에서는 이러한 SSL VPN의 모델을 IPSec VPN과 비교하여 분석하고자 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.601-613
• /
• 2012

It is required to design and implement secure web applications to provide safe web services. For this reason, there are several scoring frameworks to measure vulnerabilities in web applications. However, these frameworks do not classify according to seriousness of vulnerability because these frameworks simply accumulate score of individual factors in a vulnerability. We rate and score vulnerabilities according to probability of privilege acquisition so that we can prioritize vulnerabilities found in web applications. Also, our proposed framework provides a method to score all web applications provided by an organization so that which web applications is the worst secure and should be treated first. Our scoring framework is applied to the data which lists vulnerabilities in web applications found by a web scanner based on crawling, and we show the importance of categorizing vulnerabilities according to privilege acquisition.

• Journal of Software Engineering Society
• /
• v.28 no.1
• /
• pp.13-22
• /
• 2019

To enhance effective and efficient applications of automated security vulnerability checkers in highly competitive and fast-evolving IT industry, this paper studies a comprehensive set of security bug checkers in open-source static analysis frameworks and how they can be utilized for source code inspections according to the security vulnerability inspection guidelines by MOIS. This paper clarifies the relationship be tween all 42 inspection criteria in the MOIS guideline and total 323 security bug checkers in 4 popular open-source static analysis frameworks for Java web applications. Based on the result, this paper also discuss the current challenges and issues in the MOIS guideline, the comparison among the four security bug checker frameworks, and also the ideas to improve the security inspection methodologies using the MOIS guideline and open-source static security bug checkers.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2000.10a
• /
• pp.433-438
• /
• 2000

Now, It is vulnerabilities and problems of adaption in user identification and authentication on the Web environments; the BAA(Basic Access Authentication) of HTTP1.0 is that use. ID and password is passed with clear-text between client and server, For this enhancement, the DAA(Digest Access Authentication) of HTTP1.1 is that use. password is digested by MAC(Message Authentication Code) mechanism. but, this mechanism is not adapted by venders of Web browsers. This paper propose the lava based user identification and authentication model to resolve the above problems. Proposed systems are applied to the Web environment, since it has independence to web server and client.

• Convergence Security Journal
• /
• v.16 no.1
• /
• pp.81-87
• /
• 2016

In this paper, we propose a forgery/falsification detection technique of web site using the images. The proposed system captures images of the web site when a user accesses to the forgery/falsification web site that has the financial information deodorizing purpose. The captured images are compared with those of normal web site images to detect forgery/falsification. The proposed system calculates similarity factor of normal site image with captured one to detect whether the site is normal or not. If it is determined as normal, analysis procedure is finished. But if it is determined as abnormal, a message informs the user to prevent additional financial information spill and further accidents from the forgery web site.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.3
• /
• pp.162-168
• /
• 2014

Cross-Site Request Forgery is one of the attack techniques occurring in today's Web Applications. It allows an unauthorized attacker to send authorized requests to Web Server through end-users' browsers. These requests are approved by the Web Server as normal requests therefore unexpected results arise. The problem is that the Web Server verifies an end-user using his Cookie information. In this paper, we propose an enhanced CSRF defense scheme which uses Page Identifier and user password's hash value in addition to the Cookie value which is used to verify the normal requests. Our solution is simple to implement and solves the problem of the token disclosure when only a random token is used for normal request verification.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.753-762
• /
• 2021

WebAssembly(WASM) is a low-level instruction format that can be run in a web environment. Since WASM has a excellent performance, various web applications use webassembly. However, according to our security analysis WASM has a security pitfall related to control flow integrity (CFI) for indirect calls. To address the problem in this paper we propose a new code instrumentation scheme to protect indirect calls, named WACFI. Specifically WACFI enhances a CFI technique for indirect call in WASM based on source code anlysis and binary instrumentation. To test the feasibility of WACFI, we applied WACFI to a sound-encoding application. According to our experimental results WACFI only adds 2.75% overhead on the execution time while protecting indirect calls safely.

• Journal of Digital Convergence
• /
• v.13 no.10
• /
• pp.279-285
• /
• 2015

In this paper, we present the design and implementation of a realtime DNS Query Analysis System to detect and to protect from DNS attacks. The proposed system uses mirroring to collect data in DMZ, then analizes the collected data. As a result of the analysis, if the proposed system finds attack information, the information is used as a filtering information of firewall. statistic of the collected data is viewed as a realtime monitoring information on the web. To verify the effictiveness of the proposed system, we have built the proposed system and conducted some experiments. As the result, Our proposed system can be used effectively to defend DNS spoofing, DNS flooding attack, DNS amplification attack, can prevent interior network's attackers from attacking and provides realtime DNS query statistic information and geographic information for monitoring DNS query using GeoIP API and Google API. It can be useful information for ICT convergence and the future work.