• Journal of the Korean Society for information Management
• /
• v.19 no.3
• /
• pp.111-122
• /
• 2002

In order to investigate information seeking behavior of web search users, this study analyzes transaction logs posed by users of NAVER, a major Korean Internet search service. We present a session definition method for Web transaction log analysis, a way of cleaning original logs and a query classification method. We also propose a query term definition method that is necessary for Korean Web transaction log analysis. It is expected that this study could contribute to the development and implementation of more effective Web search systems and services.

• Industrial Engineering and Management Systems
• /
• v.11 no.1
• /
• pp.82-86
• /
• 2012

In For the past few years, query log data has been collected to find user's behavior in using the site. Many researches have studied on the usage of query logs to extract user's preference, recommend personalization, improve caching and pre-fetching of Web objects, build better adaptive user interfaces, and also to improve Web search for a search engine application. A query log contain data such as the client's IP address, time and date of request, the resources or page requested, status of request HTTP method used and the type of browser and operating system. A query log can offer valuable insight into web site usage. A proper compilation and interpretation of query log can provide a baseline of statistics that indicate the usage levels of website and can be used as tool to assist decision making in management activities. In this paper we want to discuss on the tasks performed of query logs in pre-processing of web usage mining. We will use query logs from an online newspaper company. The query logs will undergo pre-processing stage, in which the clickstream data is cleaned and partitioned into a set of user interactions which will represent the activities of each user during their visits to the site. The query logs will undergo essential task in pre-processing which are data cleaning and user identification.

• Journal of the Korean Society for information Management
• /
• v.36 no.4
• /
• pp.183-205
• /
• 2019

Among the various methods for identifying users's information needs, Log analysis methods can realistically reflect the users' actual search behavior and analyze the overall usage of most users. Based on the large quantity of query log big data obtained through the portal service of the National Archives of Korea, this study conducted an analysis by the information type and search result type in order to identify the users' information needs. The Query log used in analysis were based on 1,571,547 query data collected over a total of 141 months from 2007 to December 2018, when the National Archives of Korea provided search services via the web. Furthermore, based on the analysis results, improvement methods were proposed to improve user search satisfaction. The results of this study could actually be used to improve and upgrade the National Archives of Korea search service.

• Journal of the Korean Society for Library and Information Science
• /
• v.39 no.1
• /
• pp.265-278
• /
• 2005

This study examines web query types and topics submitted to Naver during one year period by analyzing query logs and click logs. Query logs capture queries users submitted to the system, and click logs consist of documents users clicked and viewed. This study presents a methodology to classify query types and topics. A method for click log analysis is also suggested. When classified by query types, there are more site search queries than content search queries. Queries about computer/internet. entertainment, shopping. game, education rank hightest. The implications for system designers and web content providers are discussed.

• Journal of the Korean Society for Library and Information Science
• /
• v.45 no.2
• /
• pp.209-228
• /
• 2011

Web search behavior has evolved. People now search using many diverse information devices in various situations. To monitor these scattered and shifting search patterns, an improved way of learning and analysis are needed. Traditional web search studies relied on the server transaction logs and single query instance analysis. Since people use multiple smart devices and their searching occurs intermittently through a day, a bundled query research could look at the whole context as well as penetrating search needs. To observe and analyze bundled queries, we developed a proprietary research software set including a log catcher, query bundling tool, and bundle monitoring tool. In this system, users' daily search logs are sent to our analytic server, every night the users need to log on our bundling tool to package his/her queries, a built in web survey collects additional data, and our researcher performs deep interviews on a weekly basis. Out of 90 participants in the study, it was found that a normal user generates on average 4.75 query bundles a day, and each bundle contains 2.75 queries. Query bundles were categorized by; Query refinement vs. Topic refinement and 9 different sub-categories.

• Journal of the Korean Society for information Management
• /
• v.20 no.2
• /
• pp.27-41
• /
• 2003

Query logs are online records that capture user interactions with information retrieval systems and all the search processes. Query log analysis offers ad advantage of providing reasonable and unobtrusive means of collecting search information from a large number of users. In this paper, query logs of NAVER, a major Korean Internet search service, were analyzed to investigate the information seeking behabior of NAVER users. The query logs were collected over one week from various collecions such as comprehensive search, directory search and web ducument searc. It is expected that this study could contribute to the development and implementation of more effective web search systems and services.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.11
• /
• pp.2381-2390
• /
• 2011

This paper presents the effective and detailed secure monitoring method being used based on Secure OS. For this, the detailed secure log of process, object, user's command and database query in task server are collected by 3 kinds of log collecting module. The log collecting modules are developed by ourselves and contained as constituents of security system. Secure OS module collects process and system secure log of objective unit, Backtracker module collects user's command session log, SQLtracker module collects database query in details. When a system auditor monitors and traces the behaviour of specified user or individual user, the mutual connection method between the secure logs can support detailed auditing and monitering effectively.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.181-190
• /
• 2009

DBMS access that used high speed internet web service through WAS is increasing. Need application of DB security technology for 3-Tier about DBMS by unspecified majority and access about roundabout way connection and competence control. If do roundabout way connection to DBMS through WAS, DBMS server stores WAS's information that is user who do not store roundabout way connection user's IP information, and connects to verge system. To DBMS in this investigation roundabout way connection through WAS do curie information that know chasing station security thanks recording and Forensic data study. Store session about user and query information that do login through web constructing MetaDB in communication route, and to DBMS server log storing done query information time stamp query because do comparison mapping actuality user discriminate. Apply making Rule after Pattern analysis receiving log by elevation method of security authoritativeness, and develop Module and keep in the data storing place through collection and compression of information. Kept information can minimize false positives of station chase through control of analysis and policy base administration module that utilize intelligence style DBMS security client.

• Journal of KIISE
• /
• v.44 no.1
• /
• pp.1-12
• /
• 2017

The continuously growing internet service requirements has resulted in a multitier system structure consisting of web server and database (DB) server. In this multitier structure, the existing intrusion detection system (IDS) detects known attacks by matching misused traffic patterns or signatures. However, malicious change to the contents at DB server through hypertext transfer protocol (HTTP) requests at the DB server cannot be detected by the IDS at the DB server's end, since the DB server processes structured query language (SQL) without knowing the associated HTTP, while the web server cannot identify the response associated with the attacker's SQL query. To detect these types of attacks, the malicious user is tracked using knowledge on interaction between HTTP request and SQL query. However, this is a practical challenge because system's source code analysis and its application logic needs to be understood completely. In this study, we proposed a scheme to find the HTTP request associated with a given SQL query using only system log files. We first generated an HTTP request-SQL query map from system log files alone. Subsequently, the HTTP request associated with a given SQL query was identified among a set of HTTP requests using this map. Computer simulations indicated that the proposed scheme finds the HTTP request associated with a given SQL query with 94% accuracy.

• Journal of Korean Library and Information Science Society
• /
• v.40 no.4
• /
• pp.139-158
• /
• 2009

This paper used the network analysis method to analyse a variety of attributes of searcher's search behaviors which was appeared on search access log data. The results of this research are as follows. First, the structure of network represented depending on the similarity of the query that user had inputed. Second, we can find out the particular searchers who occupied in the central position in the network. Third, it showed that some query were shared with ego-searcher and alter searchers. Fourth, the total number of searchers can be divided into some sub-groups through the clustering analysis. The study reveals a new recommendation algorithm of associated searchers and search query through the social network analysis, and it will be capable of utilization.