• Proceedings of the Korean Society of Computer Information Conference
• /
• 2019.07a
• /
• pp.121-122
• /
• 2019

본 논문에서는 웹쉘을 탐지하기 위한 방법 중 하나로 슬라이딩윈도우 기반 머신러닝을 활용하는 방안을 제안하고자 한다. 웹 공격에 많이 활용되는 웹쉘의 탐지를 위하여 제안하는 슬라이딩윈도우 기반의 탐지 기법은 시간이 지남에 따라 발전해가는 웹쉘 탐지 우회 기술에 대응하여 보다 정확한 탐지를 제공하는 기술이며, 이를 기반으로 웹쉘의 다양한 변종 또한 탐지할 수 있다. 본제안의 경우 코드의 부분별 위험도를 측정 및 제공하여 보다 효과적으로 대응할 수 있을 것으로 전망된다.

• Journal of Korea Multimedia Society
• /
• v.24 no.2
• /
• pp.255-266
• /
• 2021

Most common web or application system architectures have central network. As a result, central network can be supervised and controlled in all situation. And It has the advantage of easy to manage and fast to work. However, central network have a disadvantage of weak to security and unclear. In particular, many institutions used by web system be has many problems by central network. In this paper, we proposed blokchain technology based on ethereum to resolve of problem and trading structure that arise in cental network. We propose a decentralized application based on points including cryptocurrency functions and smart contract to the advantages of blockchain with a decentralized structure. The results of the performance experiment are as follows; It has shown the advantages of reliable use and security in a variety of environments(Windows, Ubuntu, Mac).

• International Journal of Computer Science & Network Security
• /
• v.22 no.9
• /
• pp.63-68
• /
• 2022

Given the competition between different tourist destinations to attract domestic and international tourists it is absolutely vital to examine their website efficacy on specific attributes. This study employs one of the recently developed multi-criteria decision-making method the Best-Worst Method to assess the state government official tourism website across four Indian states known for their tourism potential- Himachal Pradesh, Uttrakhand, Uttar Pradesh and Rajasthan on specific attributes provided by the widely acknowledged WebQual instrument. Information Fit-to-Task and Trust emerged as the most important criterion. Relative advantage and Innovation the least important. The results of the study are easily interpretable and visual. They offer both an individual and comparative analysis of the perceived website efficacy on specific attributes to facilitate tourism stakeholders and website administrators to strategize and make their digital presence effective and competitive.

• International Journal of Computer Science & Network Security
• /
• v.24 no.4
• /
• pp.211-221
• /
• 2024

Pakistan is a top producer and exporter of high-quality rice, but traditional methods are still being used for detecting rice diseases. This research project developed an automated rice blast disease diagnosis technique based on deep learning, image processing, and transfer learning with pre-trained models such as Inception V3, VGG16, VGG19, and ResNet50. The modified connection skipping ResNet 50 had the highest accuracy of 99.16%, while the other models achieved 98.16%, 98.47%, and 98.56%, respectively. In addition, CNN and an ensemble model K-nearest neighbor were explored for disease prediction, and the study demonstrated superior performance and disease prediction using recommended web-app approaches.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.11a
• /
• pp.1222-1225
• /
• 2007

보안수준 평가 및 개선에 있어서 온라인 웹사이트 응용프로그램의 경우 측정 기준 설정과 보안 수준 표시에 많은 어려운 점이 있다. 이에 모토롤라부터 도입한 경영혁신 도구로서의 6 시그마 수준 표현 및 개선 기법을 웹사이트 보안수준 평가에 적용할 수 있도록, WASC(Web Application Security Consortium)에서 제공하고 있는 웹 애플리케이션 보안 평가 체크리스트를 사용하여 Bottom-Up 방식으로 웹 사이트에 대한 실제 침해 시도의 결과를 측정, 이를 보안수준 측정 및 개선에 활용할 수 있는 방안을 제시한다.

• Korean Journal of Computational Design and Engineering
• /
• v.11 no.5
• /
• pp.327-334
• /
• 2006

Recently, security incidents are growing rapidly in which internal employees let the drawing leak out to competitors or other countries. This type of security incidents has a characteristic that it occurs less frequently than other types of security incidents such as network or server security incident, but the damage is a lot more serious. The existing information security technologies to prevent internal information from being leaked out are only applicable to general documents(office documents, web pages and image files in which data are encrypted one by one). However, architectural drawings made up of collection of files with various formats(extensions) have problems with the process speed of en(de) cryption and accuracy, so the developments of security technologies by new methods are required. In this study, we design and develop a security technology based on work area with which users can protect the leakage of critical information in the kernel level while maintaining their work environment when they have to use sharing information that cannot be managed by the unit of file. As a result, we developed the "Virtual Secure Disk" which allows only authorized users and applications to have an access to drawings, and have verified its security by applying it to the actual company.

• The KIPS Transactions:PartC
• /
• v.14C no.7
• /
• pp.545-552
• /
• 2007

P3P(Platform for Privacy Preference) that is used in the World Wide Web is a standard to define and negotiate policies about definition, transmission, collection, and maintenance of personal information. Current P3P standard provides methods that define client personal information protection policy and P3P policy associated with web server. It also provides a method that compares these two policies. The current P3P standard, however, does not handle detail functions for safe transmission of the personal information and data. Also, it does not handle problems that can be induced by the detail functions. In this paper, in order to solve these problems, we propose a Secure P3P(S-P3P) protocol, which is a security protocol for the current P3P standard, offers mutual authentication between the web server and the client, and guarantees integrity and confidentiality of the messages and data. Furthermore, a S-P3P protocol provides non-repudiation on transmission and reception of personal information that is transmitted from the client to the web server.

• International Journal of Computer Science & Network Security
• /
• v.22 no.5
• /
• pp.359-367
• /
• 2022

Arabic skills are the tools by which children are prepared for the educational procedures on which their life depends. Deaf and hard of hearing students (DHH), must be able to grasp the same Arabic terms as hearing students and their different meanings in a context of different sentences less than what they are supposed to be due to their inability. However, problems arise in the same Arabic word and their different meanings in a context for (DHH) students since the way of comprehending such words does not meet the needs and circumstances of (DHH) students. Therefore, researchers introduce web-based method for Arabic words and their meanings in a context prototype that can overcome those problems. Methodology: The study sample consists of 30 (DHH) students at Al Amal City of Palestine, Gaza Region (GR). Those participants that agreed to take part in this study were recruited using a purposeful sampling method. Additionally, to examine the survey information descriptively, the Statistical Packages for social Sciences (SPSS) version 24.0 was used. A sign language teaching movie is utilized in the prototype to standardize the process and verify that Arabic vocabulary and their implications are comprehended. The Evolutionary Process Model of Prototype technique was utilized to create this system. Finding: The findings of this study show that the prototype built is workable and has the ability to help DHHS differentiate between phrases that have the same letters but distinct meanings. The findings of this study are expected to contribute to a better understanding and application of Development of Web-based Arabic Assessments for (DHH) Students in developing countries, which will help to increase the use of Development of Web-based Arabic for (HDD) students in those countries. The empirical models of Web-based Arabic for (DHH) students are established as a proof of concept for the proposed model. The results of this study are predicted to have a significant impact to the information system practitioners and to the body of knowledge.

• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.19-25
• /
• 2023

The current network environment provides a real-time interactive service from an initial one-way information prov ision service. Depending on the form of web-based information sharing, it is possible to provide various knowledge a nd services between users. However, in this web-based real-time information sharing environment, cases of damage by illegal attackers who exploit network vulnerabilities are increasing rapidly. In particular, for attackers who attempt a phishing attack, a link to the corresponding web page is induced after actively generating a forged web page to a user who needs a specific web page service. In this paper, we analyze whether users directly and actively forge a sp ecific site rather than a passive server-based detection method. For this purpose, it is possible to prevent leakage of important personal information of general users by detecting a disguised webpage of an attacker who induces illegal webpage access using traceback information

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.4
• /
• pp.228-233
• /
• 2014

In recent general social surveillance systems, secure access control mechanism is needed. ONVIF establishes standards for interoperability between cameras and defines web service framework for it. In this paper we present an efficient attribute based access control mechanism for surveillance system networks which follow the ONVIF standards. It accommodates web service information security techniques and provides efficient secure access control.