• Title/Summary/Keyword: user session

Search Result 310, Processing Time 0.021 seconds

User Identification and Session completion in Input Data Preprocessing for Web Mining (웹 마이닝을 위한 입력 데이타의 전처리과정에서 사용자구분과 세션보정)

  • 최영환;이상용
    • Journal of KIISE:Software and Applications
    • /
    • v.30 no.9
    • /
    • pp.843-849
    • /
    • 2003
  • Web usage mining is the technique of data mining that analyzes web users' usage patterns by large web log. To use the web usage mining technique, we have to classify correctly users and users session in preprocessing, but can't classify them completely by only log files with standard web log format. To classify users and user session there are many problems like local cache, firewall, ISP, user privacy, cookey etc., but there isn't any definite method to solve the problems now. Especially local cache problem is the most difficult problem to classify user session which is used as input in web mining systems. In this paper we propose a heuristic method which solves local cache problem by using only click stream data of server side like referrer log, agent log and access log, classifies user sessions and completes session.

Session Management and Control Architecture for N-Screen Services (N-스크린 서비스를 위한 세션 제어 및 관리 구조)

  • Kim, Jae-Woo;Ullah, Farman;Sarwar, Ghulam;Lee, Hyun-Woo;Lee, Sung-Chang
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.13 no.2
    • /
    • pp.15-23
    • /
    • 2013
  • In this paper, we propose a session management and control architecture for N-Screen services, which enable users to change devices and transfer contents among user's devices during service by session transfer and split. In N-Screen services, users may have multiple devices with different attribute such as screen resolution, CPU capability and access network interfaces. Also, since users may change devices during service, or one user may use multiple stream, N-Screen services need to enable the user to share and transfer contents across N-Screen devices. We introduce the management and control servers to provide session split over user multiple devices and session continuity while changing device. Furthermore, the proposed architecture provides the device capabilities aware session continuity. In addition, the proposed scheme minimizes the session transfer delay and content server processing load. We present results that show the effectiveness and usefulness of proposed architecture.

Recipient S-CSCF Assured (RSA) Session Transfer for IMS based NGN

  • Yun, Chang-Ho;Cho, A-Ra;Kim, Seung-Geun;Park, Jong-Won;Lim, Yong-Kon
    • Journal of information and communication convergence engineering
    • /
    • v.8 no.4
    • /
    • pp.355-364
    • /
    • 2010
  • A session transfer method, referred to as a Recipient Serving-call session control function (S-CSCF) Assured (RSA), is proposed in order to support both session mobility and consistency in IP multimedia subsystem (IMS) based next generation network (NGN). RSA session transfer simplifies a basic session transfer operation specified in [1] by using the user agent client (UAC) like characteristics of an S-CSCF. To show its efficiency, the session transfer delay and the traffic cost of RSA session transfer are investigated and compared with those of existing session transfer applications, including Assured and Consultative session transfers, by practically considering multiple session transfer failures. It is shown that RSA session transfer can further improve user experience by reducing session transfer delay as well as traffic cost than Assured and Consultative session transfers.

Enhancing the Session Security of Zen Cart based on HMAC-SHA256

  • Lin, Lihui;Chen, Kaizhi;Zhong, Shangping
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.11 no.1
    • /
    • pp.466-483
    • /
    • 2017
  • Zen Cart is an open-source online store management system. It is used all over the world because of its stability and safety. Today, Zen Cart's session security mechanism is mainly used to verify user agents and check IP addresses. However, the security in verifying the user agent is lower and checking the IP address can affect the user's experience. This paper, which is based on the idea of session protection as proposed by Ben Adida, takes advantage of the HTML5's sessionStorage property to store the shared keys that are used in HMAC-SHA256 encryption. Moreover, the request path, current timestamp, and parameter are encrypted by using HMAC-SHA256 in the client. The client then submits the result to the web server as per request. Finally, the web server recalculates the HMAC-SHA256 value to validate the request by comparing it with the submitted value. In this way, the Zen Cart's open-source system is reinforced. Owing to the security and integrity of the HMAC-SHA256 algorithm, it can effectively protect the session security. Analysis and experimental results show that this mechanism can effectively protect the session security of Zen Cart without affecting the original performance.

A improved authentication protocol for the forward security (개선된 포워드 보안을 위한 인증 프로토콜)

  • Shi, Wenbo;Jang, In-Joo;Yoo, Hyeong-Seon
    • The Journal of Society for e-Business Studies
    • /
    • v.12 no.4
    • /
    • pp.17-27
    • /
    • 2007
  • This paper proposes a key distribution and authentication protocol between user, service provider and key distribution center (KDC). This protocol is based on symmetric cryptosystem, challenge-response, Diffie-Hellman component and hash function. In the proposed protocol, user and server update the session key under token-update operation, and user can process repeated efficient authentications by using updated session keys. And another merit is that KDC needs not to totally control the session key between user and server in proposed protocol. Even an attacker steals the parameters from the KDC, the attacker still can not calculate session key. According to the comparison and analysis with other protocols, our proposed protocol provides good efficiency and forward secure session key.

  • PDF

Ensemble-By-Session Method on Keystroke Dynamics based User Authentication

  • Ho, Jiacang;Kang, Dae-Ki
    • International Journal of Internet, Broadcasting and Communication
    • /
    • v.8 no.4
    • /
    • pp.19-25
    • /
    • 2016
  • There are many free applications that need users to sign up before they can use the applications nowadays. It is difficult to choose a suitable password for your account. If the password is too complicated, then it is hard to remember it. However, it is easy to be intruded by other users if we use a very simple password. Therefore, biometric-based approach is one of the solutions to solve the issue. The biometric-based approach includes keystroke dynamics on keyboard, mice, or mobile devices, gait analysis and many more. The approach can integrate with any appropriate machine learning algorithm to learn a user typing behavior for authentication system. Preprocessing phase is one the important role to increase the performance of the algorithm. In this paper, we have proposed ensemble-by-session (EBS) method which to operate the preprocessing phase before the training phase. EBS distributes the dataset into multiple sub-datasets based on the session. In other words, we split the dataset into session by session instead of assemble them all into one dataset. If a session is considered as one day, then the sub-dataset has all the information on the particular day. Each sub-dataset will have different information for different day. The sub-datasets are then trained by a machine learning algorithm. From the experimental result, we have shown the improvement of the performance for each base algorithm after the preprocessing phase.

Design of the Adaptive SIP Application Server System Architecture supporting SIP-based Session Mobility over the Home Network configured with Private IP (사설IP 기반 홈네트워크에서 세션이동성 지원의 적응적인 SIP 응용서버 시스템 구조 설계)

  • Oh, Yeon-Joo;Beom, Min-Jun;Kim, Dong-Hee;Paik, Eui-Hyun
    • IEMEK Journal of Embedded Systems and Applications
    • /
    • v.1 no.2
    • /
    • pp.73-81
    • /
    • 2006
  • The home network is generally separated from the Internet, as it is made up of a private network due to security issues and the lack of IPv4 addresses space. Also, a user may want to move from a terminal to another terminal connected in the home network during communicating with people outside the home. In this case, people connected in the Internet, or another home network could not communicate the user at the home. These limitations prevent a SIP-capable device connected in the home network from communicating with another SIP-capable device connected in the Internet or the outside of the home network. To overcome the limitations, This paper proposes the Adaptive SIP Application Server System as a software architecture that a user inside of the home can communicate with people outside of the home when the home is composed of a private IP-based network. Moreover, the proposed architecture provides the session mobility that allows the user to maintain a media session even if changing the terminal inside of the home during the session established. The proposed system was implemented over a home server device which acts functionality as a connection point for transmitting IP packets between a home network and the Internet.

  • PDF

A Defense Mechanism Based on Session Status against Cookie Replay Attack in Web Applications (웹 애플리케이션에서 세션 상태 기반의 쿠키 재전송 공격 방어 기법)

  • Won, Jong Sun;Park, JiSu;Shon, Jin Gon
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.4 no.1
    • /
    • pp.31-36
    • /
    • 2015
  • As web accessibility has been easier, security issue becomes much more important in web applications demanding user authentication. Cookie is used to reduce the load of the server from the session in web applications and manage the user information efficiently. However, the cookie containing user information can be sniffed by an attacker. With this sniffed cookie, the attacker can retain the web application session of the lawful user as if the attacker is the lawful user. This kind of attack are called cookie replay attack and it causes serious security problems in web applications. In this paper, we have introduced a mechanism to detect cookie replay attacks and defend them, and verified effectiveness of the mechanism.

Implementation of Location-Aware VOD Service supporting User Mobility in Ubiquitous Spaces (편재형 공간에서 사용자 이동성을 지원하는 위치 인식 VOD서비스의 구현)

  • Choi Tae Uk;Chung Ki Dong
    • Journal of KIISE:Information Networking
    • /
    • v.32 no.1
    • /
    • pp.80-88
    • /
    • 2005
  • In ubiquitous spaces, a user wants to be provided with a VOD service while moving one space to another freely. Since the traditional VOD system is dependent on user location, the VOD server transmits video data to a single client during a session. If the user moves to another space, he/she should close the old session and make a new request for the same video. However, the location-aware VOD system supports user mobility by closing and opening the session automatically. That is, the VOD system automatically perceives the movement of a user and allows the server to change the data flow so that a client near the user can receive the video data. This paper proposes a location-aware VOD service architecture and a session handoff scheme to provide a mobile user with continuous video delivery and implements a location-aware VOD prototype system based on Jini and Java. In experiment, we show that the proposed handoff scheme has a smaller handoff delay than the other handoff scheme.

An Improved Smart Card-based User Authentication Scheme with Session Key Agreement for Telecare Medicine Information System

  • Yang, Hyungkyu
    • International Journal of Internet, Broadcasting and Communication
    • /
    • v.9 no.3
    • /
    • pp.35-43
    • /
    • 2017
  • In 2013, Lee-Lie proposed secure smart card based authentication scheme of Zhu's authentication for TMIS which is secure against the various attacks and efficient password change. In this paper, we discuss the security of Lee-Lie's smart card-based authentication scheme, and we have shown that Lee-Lie's authentication scheme is still insecure against the various attacks. Also, we proposed the improved scheme to overcome these security problems of Lee-Lie's authentication scheme, even if the secret information stored in the smart card is revealed. As a result, we can see that the improved smart card based user authentication scheme for TMIS is secure against the insider attack, the password guessing attack, the user impersonation attack, the server masquerading attack, the session key generation attack and provides mutual authentication between the user and the telecare system.