• Journal of Software Assessment and Valuation
• /
• v.17 no.2
• /
• pp.125-142
• /
• 2021

Reports of rampant cross-site scripting (XSS) vulnerabilities raise growing concerns on the effectiveness of current Static Analysis Security Testing (SAST) tools as an internet security device. Attentive to these concerns, this study aims to examine seven open-source SAST tools in order to account for their capabilities in detecting XSS vulnerabilities in PHP applications and to determine their performance in terms of effectiveness and analysis runtime. The representative tools - categorized as either text-based or graph-based analysis tools - were all test-run using real-world PHP applications with known XSS vulnerabilities. The collected vulnerability detection reports of each tool were analyzed with the aid of PhpStorm's data flow analyzer. It is observed that the detection rates of the tools calculated from the total vulnerabilities in the applications can be as high as 0.968 and as low as 0.006. Furthermore, the tools took an average of less than a minute to complete an analysis. Notably, their runtime is independent of their analysis type.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2020.05a
• /
• pp.563-566
• /
• 2020

지식 그래프 기반의 질문 응답 문제는 자연어 질문에 대한 이해뿐만 아니라, 기반이 되는 지식 그래프상에서 올바른 답변을 찾기 위한 효과적인 추론 능력을 요구한다. 본 논문에서는 다중 홉 추론을 요구하는 복잡한 자연어 질문에 대해 연관 지식 그래프 위에서 답변 추론을 효과적으로 수행할 수 있는 심층 신경망 모델을 제안한다. 제안 모델에서는 지식 그래프상의 추론 과정에서 추른 경로를 명확히 하기 위한 노드의 양방향 특정 전파와 이웃 노드들 간의 맥락 정보까지 각 노드의 특정값에 반영할 수 있는, 표현력이 풍부한 쌍 선형 그래프 신경망 (BGNN)을 이용한다. 본 논문에서는 오픈 도메인의 지식 베이스 Freebase와 자연어 질문 응답 데이터 집합 WebQuestionsSP를 이용한 실험들을 통해, 제안 모델의 효과와 우수성을 확인하였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2008.11a
• /
• pp.1425-1428
• /
• 2008

최근 웹사이트를 통해 악성 코드의 유포가 성행하면서 많은 웹 서비스 사용자들이 위험에 노출 되어 있다. 특히, 특정 웹페이지에 접속하는 것만으로도 사용자가 알지 못하는 사이에 악성 코드를 자동으로 다운로드 받도록 함으로써 그 위협은 더욱 커지고 있다. 본 논문에서는 이러한 악성 코드 유포 사이트를 탐지하기 위해 사용하였던 Website relationship graph, Parallel coordination, Amazon Web Service system을 차례로 소개하고, 각 기법의 장단점과 결과적으로 도출해낸 악성 코드 유포사이트들의 특징과 그것을 이용한 알려지지 않은 악성 코드 유포 사이트 탐지 기법을 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.11a
• /
• pp.340-343
• /
• 2007

복잡하고 난해한 웹 응용을 이해하고 테스트하는 것은 사용자가 요구하는 품질을 만족시키기 위한 필수적인 과정이지만 실제로 이 과정을 제대로 수행하는 것은 쉬운 일이 아니다. 지금까지 웹 응용의 테스트를 위해 여러 가지 프레임워크가 제시되어 사용되고 있지만 이러한 프레임워크의 효율성은 어떤 접근법을 사용하느냐에 의존적인 경우가 많다. 본 논문에서는 웹 응용 상태를 표현하는 도메인 모델과 테스트 활동 그래프를 통해 객체의 활동과 의존성을 표현하여 웹 응용의 정확성을 검증하는 테스트 기법을 제안하고자 한다. 이 기법은 웹 응용을 사용자가 이해하기 쉬운 활동으로 모델링하여 테스트할 수 있도록 도와줄 수 있으므로 업무의 효율성과 편의성을 증대시킬 수 있을 것으로 기대된다.

• Korean Association of Arts Management
• /
• no.58
• /
• pp.205-239
• /
• 2021

This study explores the importance of semantic web-based network construction in art data archiving, as well as its meaning and value in the context of arts management along with its potential for future application. The study focuses on oral history obtained from the Arko Arts Archives that contained records of the lives and artistic views of early artists. In this study, the possibility of applying semantic web-based technology to materials concerning culture and the arts was discussed in five aspects based on the results of the case analysis. First, checking the relationship and discovering hidden artists are possible by revealing relationships between characters. Second, understanding and studying society and culture at a given time is possible by interpreting the contextual meaning of information. Third, art exploration can be done broadly and deeply, encompassing various genres from the perspective of the consumer. Fourth, through art construction, history can be reconstructed using a new and rich method. Fifth, expanding the scope beyond the boundaries of art is possible through convergence and collaboration of programs that handle big data. The network data can be used in various methods, such as art history research, art planning, and creation, throughout the art ecosystem. The results of the study suggest that digitizing a large quantity of data concerning culture and the arts is meaningful in arts management as well as identifying and analyzing the relationship network among data clusters using semantic web-based technology.

• The KIPS Transactions:PartD
• /
• v.10D no.4
• /
• pp.603-612
• /
• 2003

According to development of Web, an amount of XML documents has been increasing. So, many researches are proceeding to verify XML data coming from clients and to store or query efficiently database. In order to verify, store and query, DTD or XML Schema of XML documents is necessary. However, Schemaless XML documents couldn't be operated since they do not have either DTD or in Schema. In this paper, we extract XML schema in order to verify XML data and store or query efficiently database from either well-formed XML or XML Schemaless documents. XML Schema extracting technique which is proposed in this paper extract Schema graph using simulation and dataguide that is a extracting technique for semistructured characteristics of XML data. Also, we propose extracting technique for XML Schema using pattern tables that are considerated with Schema graph and reusability.

• KIPS Transactions on Software and Data Engineering
• /
• v.3 no.12
• /
• pp.547-552
• /
• 2014

As social multimedia sites are getting popular such as Flickr and Facebook, the amount of image information has been increasing very fast. So there have been many studies for accurate social image retrieval. Some of them were web image classification using semantic relations of image tags and BoVW(Bag of Visual Words). In this paper, we propose a method to detect salient region in images using GBVS(Graph Based Visual Saliency) model which can eliminate less important region like a background. First, We construct BoVW based on SIFT algorithm from the database of the preliminary retrieved images with semantically related tags. Second, detect salient region in test images using GBVS model. The result of image classification showed higher accuracy than the previous research. Therefore we expect that our method can classify a variety of images more accurately.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.3
• /
• pp.615-620
• /
• 2016

Improved quality of life has increased in a population with a high BMI (Body Mass Index). Accordingly, the development of a system for prevention of obesity management is required. Because a requirement for the prevention of obesity management system. This system has been developed to solve this problem and it is done by measuring the user information of the individual's body. The purpose of this paper is to understand the changes in your own BMI over the course of usage of this application and store the BMI in the database. This BMI data is expressed as a graph to the user and based on the BMI graph, the user is suggested to the type of exercise required by his body. The most appropriate exercise equipment's are shown to the user based on the BMI and also recommendations based on the historical data of other users with similar BMI. This system also recommends chronic diseases depending on blood sugar, blood pressure.

• Spatial Information Research
• /
• v.19 no.3
• /
• pp.43-52
• /
• 2011

Recently, interest in location-based service (LBS) which utilizes a DBMS in mobile system environment has been increasing, and it is expected to overcome the existing file-based system's limitation in advanced in-vehicle system by utilizing DBMS's advantages such as efficient storage, transaction management, modelling and spatial queries etc. In particular, the road network data corresponds to the most essential domain in a route planning system, which needs efficient management and maintenance. Accordingly, this study aims to develop an efficient graph-based geodata model for topological network data and to support dynamic path computation algorithm based on heuristic approach in mobile LBS system. To achieve this goal, we design a data model for supporting the hierarchy of network, and implement a path planning system to evaluate its performance in mobile LBS system. Last but not least, we find out that the designed path computation algorithm with hierarchical graph model reduced the number of nodes used for finding and improved the efficiency of memory.

• Journal of KIISE:Databases
• /
• v.32 no.5
• /
• pp.526-535
• /
• 2005

Ontology is a methodology on describing specific concepts and their relationships, and it is being considered important more and more as semantic web and variety of knowledge management systems are being highlighted. Ontology uses the relationships among concerts to represent some concrete semantics of specific concept. When we want to get some useful information from ontology, we severely have to process the transitive relationships because most of relationships among concepts represent transitivity. Technically, it causes recursive calls to process such transitive closure queries with heavy costs. This paper describes the efficient technique for processing transitive closure queries in ontology. To the purpose of it, we examine some approaches of current systems for transitive closure queries, and propose a technique by graph labeling scheme. Basically, we assume large size of ontology, and then we show that our approach gives relative efficiency in processing of transitive closure, queries.