• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38C no.10
• /
• pp.831-840
• /
• 2013

Recently, to enhance the security of software, static analysis tools for removing weaknesses, the cause of vulnerability, have been used a lot in the software development stage. Therefore, the tools need to have the rules being able to diagnose various weaknesses. Top 5 weaknesses found in the software developed by major domestic information projects from 2011 to 2012 is 76% of top 10 weaknesses per year. Software security can be improved a lot if top 5 weaknesses just are removed properly in software development. In this paper, we propose the PMD's rules for diagnosing the major weaknesses and present the results of its performance test.

• Journal of the Korean Society for information Management
• /
• v.41 no.1
• /
• pp.465-486
• /
• 2024

The purpose of this study is to identify the current status of infrastructure and services for analyzing research data for research data managers at government-funded research institutions under the National Research Council for Science and Technology (NST) who will actually use the Korea Research Data Commons (KRDC), which is being developed by the Korea Institute of Science and Technology Information (KISTI) and to investigate the perceptions of research data managers related to the establishment of KRDC system. For the study, we conducted a survey targeting 24 government-funded research institutes, excluding KISTI, and interviewed research data managers from 9 of the 15 institutions surveyed who agreed to follow-up interviews. As a result of the survey, most institutions were providing related services, and their willingness to introduce an integrated analysis framework for the use of research data and provide a system for using externally released analysis software was also high. Meanwhile, when we investigated the external disclosure status of each institution's analysis services through follow-up interviews, only a minimal number of institutions were disclosing them to the outside world. The findings reveal that there is a demand to utilize analysis infrastructure and services when provided through the framework. However, it is difficult to disclose and share the analysis resources held by each organization. In order to establish the KRDC system, it is essential to share research sites' analysis infrastructure and services, and in addition, changes in the perception of research sites and institutional changes are necessary. Furthermore, there is a need to establish policies that consider the system's convenience, security, and compensation system raised in the follow-up interviews.

• Journal of Broadcast Engineering
• /
• v.23 no.4
• /
• pp.495-502
• /
• 2018

JVET (Joint Video Exploration Team) which explored evolving technologies of video coding with capabilities beyond HEVC (High Efficiency Video Coding), released a references software codec named the Joint Exploration Model (JEM) for performance verification of coding technologies. JEM has 67 intra prediction modes that extend the 35 modes of HEVC for intra prediction. Therefore, the enhancement of the coding performance is limited due to the overhead of prediction mode coding. In this paper, we analyze the probabilities of prediction modes selections, and then we propose a more efficient intra prediction mode coding based on the results of analyzed mode occurrence. In addition, we propose a context modeling for CABAC (Context-Adaptive Binary Arithmetic Coding) of the proposed mode coding. Experimental results show that the BD-rate gain is 0.02% on the AI (All Intra) coding structure compared to JEM 7.0. We need to optimize context modeling for additional coding performance enhancement.

• KIPS Transactions on Software and Data Engineering
• /
• v.6 no.5
• /
• pp.229-234
• /
• 2017

Because of the invisible nature of software and the bad coding habits (bad smell) of the existing developers, there are many redundant codes and unnecessary codes, which increases the complexity and makes it difficult to upgrade software. Therefore, it is required a code visualization so that developers can easily and automatically identify the complexity of the source code. To do this, it is necessary to construct SW visualization tool based on open source software and redefine the coupling and cohesion according to the object oriented viewpoint. Specially to identify a bad smell code pattern, we suggest how to plug-in diverse parsers within our tool. In this paper, through redefining coupling and cohesion from an object oriented perspective, we will extract bad smell code patterns within source code from inputting any pattern into the tool.

• Journal of Software Engineering Society
• /
• v.25 no.1
• /
• pp.1-9
• /
• 2012

RFID systems have been widely used in various fields such as logistics, distribution, food, security, traffic and others. A RFID middleware, one of the key components of the RFID system, perform an important role in many functions such as filtering, grouping, reporting tag data according to given user specifications and so on. However, manual test data generation is very hard because the inputs of the RFID middleware are generated according to the RFID middleware standards and complex encoding rules. To solve this problem, in this paper, we propose a black box test technique based on RFID middleware standards. Firstly, we define ten types of input conversion rules to generate new test data from existing test data based on the standard specifications. And then, using these input conversion rules, we generate various additional test data automatically. To validate the effectiveness of generated test data, we measure coverage of generated test data on actual RFID middleware. The results show that our test data achieve 78% statement coverage and 58% branch coverage in the classes of filtering and grouping, 79% statement coverage and 64% branch coverage in the classes of reporting.

• Journal of Internet of Things and Convergence
• /
• v.9 no.1
• /
• pp.1-7
• /
• 2023

Cases in which personal terminals or servers are infected by ransomware are rapidly increasing. Ransomware uses a self-developed encryption module or combines existing symmetric key/public key encryption modules to illegally encrypt files stored in the victim system using a key known only to the attacker. Therefore, in order to decrypt it, it is necessary to know the value of the key used, and since the process of finding the decryption key takes a lot of time, financial costs are eventually paid. At this time, most of the ransomware malware is included in a hidden form in binary files, so when the program is executed, the user is infected with the malicious code without even knowing it. Therefore, in order to respond to ransomware attacks in the form of binary files, it is necessary to identify the encryption module used. Therefore, in this study, we developed a mechanism that can detect and identify by reverse analyzing the encryption module applied to the malicious code hidden in the binary file.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2023.11a
• /
• pp.97-99
• /
• 2023

소프트웨어를 개발하거나 실행하는 환경은 매우 다양하다. 최근에 혁신을 이끌고 있는 인공지능 모델은 오픈소스 프로젝트룰 통해 공개되는 코드나 라이브러리를 활용하여 구현하는 경우가 많다. 하지만 실행을 위한 환경 설치 과정이 쉽지 않고, 데이터 혹은 기학습된 모델 사이즈가 대용량일 경우에는 로컬 컴퓨터에서 실행하는 것이 불가능한 경우도 발생하고, 동료와 작업을 공유하거나 수동 배포의 어려움 등 다양한 문제에 직면한다. 이러한 문제를 해결하기 위하여, 소프트웨어가 유연하게 동작할 수 있도록 효율적인 리소스를 관리할 수 있는 컨테이너 기술을 많이 활용한다. 이 기술을 활용하는 이유는 AI 모델이 시스템에 관계없이 정확히 동일하게 재현될 수 있도록 하기 위함이다. 본 연구에서는 인공지능 모델 개발과 관련하여 코드가 실행되는 환경을 편리하게 관리하기 위하여 소프트웨어를 컨테이너화하여 배포할 수 있는 기능을 제공하는 연구소프트웨어 개발 통합 프레임워크를 제안한다.

• Journal of the Geological Society of Korea
• /
• v.54 no.6
• /
• pp.615-630
• /
• 2018

Basin analysis is a research field to understand the formation and evolution of sedimentary basins. This task requires various geoscientific datasets as well as numerical and graphical modelling techniques to synthesize results dimensionally in time and space. For basin analysis and modelling in a comprehensive workflow, BasinVis 1.0 was released as a MATLAB-based program in 2016, and recently the software has been extended to BasinVis 2.0, with new functions and revised user-interface. As a case study, this work analyses the southern Vienna Basin and visualizes the sedimentation setting and subsidence evolution to introduce the basin modelling functions of BasinVis 2.0. This is a preliminary study for a basin-scale modelling of the Vienna Basin, together with our previous studies using BasinVis 1.0. In the study area, during the late Early Miocene, sedimentation and subsidence are significant along strike-slip and en-echelon listric normal faults. From the Middle Miocene onwards, however, subsidence decreases abruptly over the area and this situation continues until the Late Miocene. This is related to the development of the pull-apart system and corresponds to the episodic tectonic subsidence in strike-slip basins. The subsidence of the Middle Miocene is confined mainly to areas along the strike-slip faults, while, from the late Middle Miocene, the depocenter shifts to a depression along the N-S trending listric normal faults. This corresponds to the regional paleostress regime transitioning from NE-SW trending transtension to E-W trending extension. This study applies various functions and techniques to this case study, and the modelled results demonstrate that BasinVis 2.0 is effective and applicable to the basin modelling.