• Journal of Advanced Navigation Technology
• /
• v.22 no.5
• /
• pp.467-471
• /
• 2018

During the fourth industrial revolution, the amount of data available to users has surged. And it became a stepping stone for various convergence technologies such as ECMA script, WebAssembly, and web of things using web technology. Also, as the amount of data shared on the web increases, the web has emerged as the most influential media in modern life. As a result, web developers have tried to deliver data quickly over the Web. So, various web application analysis tools appeared, and developers tried to find a solution to solve the speed problem by analyzing the web application. However, the performance of web application analysis tools has not improved significantly. Most existing analytical tools require direct installation, require expertise on the Web to perform analysis, and do not have function to analysis new technologies such as WebAssembly. Therefore, in this paper, we propose the design of a new reporting solution that can solve problems of existing web application analysis tool.

• Journal of Advanced Navigation Technology
• /
• v.22 no.5
• /
• pp.456-461
• /
• 2018

Until the 4th Industrial Revolution fused the Web with diverse technologies, the only factor in evaluating the performance of a Web application was the loading speed of the Web application. Therefore, most existing Web application performance analysis tools focus on the speed at which Web applications run in a Web browser. However, the web is now being used not only in a simple web browser but also in a variety of services. So, in addition to simple speed, there are more elements to be checked to evaluate web applications. Therefore, in this paper, we design a server to perform web application performance analysis considering progressive web app, accessibility, best practice, and search engine optimization as well as the above mentioned speed. Also, we realize a REST API based server that can provide web application performance services without being affected by user's devices or environment.

• Journal of KIISE:Software and Applications
• /
• v.30 no.12
• /
• pp.1193-1207
• /
• 2003

Various web applications are developed as the Internet is popularized in many fields. However, in most cases of web application development, systematic analysis is omitted and developers jump into the implementation. Therefore developers have difficulties with applying the development methods for a large scale project. The approach of creating an analysis models of a web application from a business model is proposed for the rapid and efficient development. The analysis process, tasks and techniques are proposed for this approach. The use case diagram and web page list are created from business modes that is depicted using the notation of UML activity diagram. The page diagram and logical / physical database models are created using the use case diagram and the web page list. These analysis models are refined during the detailed design phase. The efficiency of proposed method has been shown using a practical case study which reflects the development project of the web application for supporting the association of auto repair shops.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.3
• /
• pp.139-146
• /
• 2008

Despite of information security installation, leakage of personal information in web services has not decreased. This is because traffics to web applications are still vulnerable by permitting external sources to access services in port HTTF 80 and HTTPS 443, even with firewall systems in place. This thesis analyzes various attack patterns resulted from web service environment and vulnerable traffic and categorizes the traffics into normal and abnormal traffics. Also this proposes ways to analyze web application attack patterns from those abnormal traffics based on weak points warned in OWASF(Open Web Application Security Project), design a system capable of detect and isolate attacks in real time, and increase efficiency of preventing attacks.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.9 no.9
• /
• pp.1011-1018
• /
• 2014

Because of the proliferation of web services through web site, web hacking attempts are increasing using vulnerabilities of the web application. In order to improve the security of web applications, we have to find vulnerabilities in web applications and then have to remove. This paper addresses a vulnerability in a web application on existing problems and analyze and propose solutions to the vulnerability. This paper have checked the stability of existing web security solutions and evaluated its suitability through analysis of vulnerability. Also, we have implemented the vulnerability analysis tools for web Proxy system and proposed methods to optimize for resolution of web vulnerabilities.

• ETRI Journal
• /
• v.42 no.3
• /
• pp.433-445
• /
• 2020

A denial-of-service (DoS) attack is a serious attack that targets web applications. According to Imperva, DoS attacks in the application layer comprise 60% of all the DoS attacks. Nowadays, attacks have grown into application- and business-layer attacks, and vulnerability-analysis tools are unable to detect business-layer vulnerabilities (logic-related vulnerabilities). This paper presents the business-layer dynamic application security tester (BLDAST) as a dynamic, black-box vulnerability-analysis approach to identify the business-logic vulnerabilities of a web application against DoS attacks. BLDAST evaluates the resiliency of web applications by detecting vulnerable business processes. The evaluation of six widely used web applications shows that BLDAST can detect the vulnerabilities with 100% accuracy. BLDAST detected 30 vulnerabilities in the selected web applications; more than half of the detected vulnerabilities were new and unknown. Furthermore, the precision of BLDAST for detecting the business processes is shown to be 94%, while the generated user navigation graph is improved by 62.8% because of the detection of similar web pages.

• Journal of KIISE:Information Networking
• /
• v.30 no.1
• /
• pp.97-116
• /
• 2003

Frequency of attacks on web services and the resulting damage continue to grow as web services become popular. Techniques used in web service attacks are usually different from traditional network intrusion techniques, and techniques to protect web services are badly needed. Unfortunately, conventional intrusion detection systems (IDS), especially those based on known attack signatures, are inadequate in providing reasonable degree of security to web services. An application-level IDS, tailored to web services, is needed to overcome such limitations. The first step in developing web application IDS is to analyze known attacks on web services and characterize them so that anomaly-based intrusion defection becomes possible. In this paper, we classified known attack techniques to web services by analyzing causes, locations where such attack can be easily detected, and the potential risks.

• Journal of KIISE:Computing Practices and Letters
• /
• v.8 no.2
• /
• pp.155-166
• /
• 2002

Even the short history of the Web system, the technology related to the Web system has been developed rapidly. Yet, the quality of the Web-based application software has not been improved that much. For this reason, the efficient method to develop the Web-based application software is needed. This paper describes the items necessary to develop the Web-based application software. On the basis of ISO/IEC 12207-Software Life Cycle Processes this paper mainly suggests the analysis and design stage of the Web-based model for developing software. Also, this paper describes the methods to define the process and the entity for applying contents to Web-based application software. With the web-based model suggested in this paper the Web-RoadMap Methodology of KCC Information & Communication, a system provider in Korea, has been applied to the public-domain projects. Through the application, Web-RoadMap Methodology has been proved to be an applicable model for analyzing and designing the systems based on the web environments.

• Proceedings of the Korean Society of Precision Engineering Conference
• /
• 2005.06a
• /
• pp.173-176
• /
• 2005

In this paper, a study on Web-based application using commercial CAE program, ANSYS is performed. Customized analysis, site or user oriented specific analysis, is suitable to user and user's demand who has little experience in structural analysis for specific CAE analysis. Customized analysis methodology using ANSYS Workbench SDK is presented through the web-based application. Case Studies of mobile phone about the implementation of web-based application are also presented as an example.

• Communications for Statistical Applications and Methods
• /
• v.12 no.1
• /
• pp.191-197
• /
• 2005

Application of data mining techniques to the world wide web, referred to as web mining, has been the focus of several recent researches. With the explosive growth of information sources available on the world wide web, it has become increasingly necessary to track and analyze their usage patterns. In this study, we introduce a process of pre-processing and cluster analysis on web log data and suggest a distance measure considering the structural relationships between web contents. Also, we illustrate some real examples of cluster analysis for web log data and look into practical application of web usage mining for eCRM.