• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.686-690
• /
• 2003

웹 응용프로그램에 대한 위협이 점차 확산되면서 오늘날 많은 Web Application Firewall들이 등장하고 있다. 하지만, 대부분의 기관에서 웹 서버 자체의 변조는 기관의 미지 실추를 제외하면 업무상 큰 문제를 유발하지 않는다. 웹 서버에 대한 보안을 고려하는 이유는 웹 서버가 침입을 당할 경우 DB 서버의 내용에 손상이 가해질 수 있기 때문이다. 본 고에서는 Web Application Firewall과 연동하여 허용되는 SQL 질의패턴을 자동으로 생성하여 불법적인 SQL 질의를 차단하는 DB Application Firewall을 제안한다. 이를 통해 웹 응용프로그램의 취약점으로 인해 SQL 질의가 변조되더라도 DB 서버에 해당SQL질의가 전달되는 것을 차단할 수 있다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.132-138
• /
• 2012

Existing network layer firewall security support is one that does not support the higher layer, the application layer of a vulnerable web application security. Under these circumstances, the vulnerability of web applications to be able to defend a Web Application Firewall is positioned as a solver to solve the important security issues of businesses spotlighted in the next generation of security systems, and a very active market in the market other than domestic is expected to be formed. However, Firewall Web has not yet proposed a standard which can be used to test the performance of the Web Application Firewall Web Application Firewall and select the products of trust hardly Companies in BMT conduct their own individual problems and the cost of performance testing technologies, there is a limit. In this study, practically usable BMT model was developed to evaluate the firewall vendor. Product ratings ISO / IEC 9126, eight product characteristics meet the performance and characteristics of a web application firewall entries are derived. This can relieve the burden on the need to be evaluated in its performance testing of Web firewall, and can enhance the competitiveness of domestic-related sectors, by restoring confidence in the product can reduce the dependence on foreign products.

• Journal of Digital Convergence
• /
• v.15 no.5
• /
• pp.197-205
• /
• 2017

To achieve web application security goals effectively by providing web security features such as information leakage prevention, web application firewall system must be able to achieve the goal of enhancing web site security and providing secure services. Therefore, it is necessary to study the security evaluation of web application firewall system based on related standards. In this paper, we analyze the requirements of the base technology and security quality of web application firewall, and established the security evaluation criteria based on the international standards for software product evaluation. Through this study, it can be expected that the security quality level of the web application firewall system can be confirmed and the standard for enhancing the quality improvement can be secured. As a future research project, it is necessary to continuously upgrade evaluation standards according to international standards that are continuously changing.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.157-167
• /
• 2009

Recently, the leakage of confidential information and personal information is taking place on the Internet more frequently than ever before. Most of such online security incidents are caused by attacks on vulnerabilities in web applications developed carelessly. It is impossible to detect an attack on a web application with existing firewalls and intrusion detection systems. Besides, the signature-based detection has a limited capability in detecting new threats. Therefore, many researches concerning the method to detect attacks on web applications are employing anomaly-based detection methods that use the web traffic analysis. Much research about anomaly-based detection through the normal web traffic analysis focus on three problems - the method to accurately analyze given web traffic, system performance needed for inspecting application payload of the packet required to detect attack on application layer and the maintenance and costs of lots of network security devices newly installed. The UTM(Unified Threat Management) system, a suggested solution for the problem, had a goal of resolving all of security problems at a time, but is not being widely used due to its low efficiency and high costs. Besides, the web filter that performs one of the functions of the UTM system, can not adequately detect a variety of recent sophisticated attacks on web applications. In order to resolve such problems, studies are being carried out on the web application firewall to introduce a new network security system. As such studies focus on speeding up packet processing by depending on high-priced hardware, the costs to deploy a web application firewall are rising. In addition, the current anomaly-based detection technologies that do not take into account the characteristics of the web application is causing lots of false positives and false negatives. In order to reduce false positives and false negatives, this study suggested a realtime anomaly detection method based on the analysis of the length of parameter value contained in the web client's request. In addition, it designed and suggested a WAF(Web Application Firewall) that can be applied to a low-priced system or legacy system to process application data without the help of an exclusive hardware. Furthermore, it suggested a method to resolve sluggish performance attributed to copying packets into application area for application data processing, Consequently, this study provide to deploy an effective web application firewall at a low cost at the moment when the deployment of an additional security system was considered burdened due to lots of network security systems currently used.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.2
• /
• pp.632-657
• /
• 2022

Detecting web attacks is a major challenge, and it is observed that the use of simple models leads to low sensitivity or high false positive problems. In this study, we aim to develop a robust two-stage deep learning based stacked ensemble web application firewall. Normal and abnormal classification is carried out in the first stage of the proposed WAF model. The classification process of the types of abnormal traffics is postponed to the second stage and carried out using an integrated stacked ensemble model. By this way, clients' requests can be served without time delay, and attack types can be detected with high sensitivity. In addition to the high accuracy of the proposed model, by using the statistical similarity and diversity analyses in the study, high generalization for the ensemble model is achieved. Within the study, a comprehensive, up-to-date, and robust multi-class web anomaly dataset named GAZI-HTTP is created in accordance with the real-world situations. The performance of the proposed WAF model is compared to state-of-the-art deep learning models and previous studies using the benchmark dataset. The proposed two-stage model achieved multi-class detection rates of 97.43% and 94.77% for GAZI-HTTP and ECML-PKDD, respectively.

• Journal of information and communication convergence engineering
• /
• v.8 no.5
• /
• pp.473-478
• /
• 2010

Today's engineering design is carried out in a distributed fashion geographically or physically. This places new requirements on the computational environments such as efficient integration and collaboration. With the advances of the Internet and Network environment recently, many researches have been proposed and at the same time, Web-based distributed design gives to a new paradigm in design and manufacturing fields. That is, Web-based technologies lead to reduce the product development times and to ensure a competitive product in order to exchange and interact of real-time design information that integrates the distributed design environment between departments as well as companies via Internet and Web. So, an efficient data communication for design information sharing is the foundation for collaborative systems in the distributed environment. Design data communication techniques such as CORBA, DCOM and RMI have been considered in the existing research but they have some problems that are limitations of interoperability and firewall problems in the Web. Therefore, this paper presents a Web-based distributed design application where distributed design information resources are integrated and exchanged using Web Services for supporting XML and HTTP without the interoperability and firewall problems through the 330K VLCC case.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.10a
• /
• pp.464-466
• /
• 2021

Currently, most companies have security solutions such as firewalls or WAF (Web Application Firewall) for web services, cloud systems, and data centers. Recently, as the need for remote access increases, the task of overcoming the security vulnerabilities of remote access control is becoming more important. In this paper, the concept of the network security model from the perspective of zero trust and the strategy and security system using it will be reviewed.

• Journal of the Society of Naval Architects of Korea
• /
• v.47 no.6
• /
• pp.831-835
• /
• 2010

Currently, engineering design is carried out in a distributed manner geographically or physically. This imposes new requirements on the computational environments, such as efficient integration and collaboration in the Internet and network environments. Meanwhile, Web-based distributed design has led new paradigms in design and manufacturing fields. For example, Web-based technologies have reduced the product development time and to ensure a competitive product in order to exchange and interact of real-time design information that integrates the distributed design environment between departments as well as companies via Internet and Web. Hence, efficient data communication for design information sharing is the basis for collaborative systems in the distributed environments. Design data communication techniques such as CORBA, DCOM, and JAVA RMI have been considered in the existing research, but these techniques have some disadvantages such as limitations of interoperability and firewall problems. This paper presents the application of engineering design problems in which distributed design information resources are integrated and exchanged using Web Service for supporting XML and HTTP without interoperability and firewall problems.

• Communications of the Korean Institute of Information Scientists and Engineers
• /
• v.25 no.5 s.216
• /
• pp.44-52
• /
• 2007

• The Journal of Society for e-Business Studies
• /
• v.9 no.4
• /
• pp.137-155
• /
• 2004

A video-conference system is being utilized in web based application services in various fields due to the widespread use of Internet and the progress of computer technologies. This system should use the public IP address for sharing file and white board and it is difficult to manage the internal network users of the firewall and non-public IP address users. In this paper, we propose an Application Level Gateway which transforms non-public IP address into public IP address. This mechanism is for the internal network users of the firewall or non-public IP address users over the Internet. We also propose a Control Daemon which manages video and audio media dynamically according to network bandwidth. This mechanism can start and terminate a video conference and manage the process of the video conference.