• Journal of Navigation and Port Research
• /
• v.36 no.5
• /
• pp.363-370
• /
• 2012

Recently, International Maritime Organization has been developing e-navigation implementation strategy plan, which is focused on various services for vessel safety navigation. Then, different kinds of software will be developed in maritime area and with this, the quality issues are to be expected becoming more important. In this paper, we adopt software refactoring techniques to reduce the complexity of structure on source code level. It makes software program more effective to understand and modify, without any change of outward behavior. The existing AIS broadcast server program is used as an example for our trial, and calculating coupling and cohesion metric are introduced to analyze the refactoring effect, taking account of the maintainability of IEC/ISO9126 software quality standards.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.12
• /
• pp.2775-2782
• /
• 2010

In this paper, we propose a web-based programming class support system to help a lecturer to teach a programming language to students effectively. The proposed system is composed of a error analysis step and a verification step. The error analysis step checks whether there are compile time errors or run time errors in each student's submitted program. Given some errors, the system provides helpful feedback for the student to fix the errors. On the contrary, the system provides quick feedback after checking the source code style, comments, and plagiarism in the submitted program. As soon as the student submits the program, the student can see the check results. According to the result of utilizing the proposed system in a C programming language class, students tend to submit program assignments actively.

• The KIPS Transactions:PartC
• /
• v.13C no.1 s.104
• /
• pp.19-26
• /
• 2006

Recently, web server hacking is trending toward web application hacking which uses comparatively vulnerable web applications based on open sources. And, it is possible to hack databases using web interfaces because web servers are usually connected databases. Web application attacks use vulnerabilities not in web server itself, but in web application structure, logical error and code error. It is difficult to defend web applications from various attacks by only using pattern matching detection method and code modification. In this paper, we propose a method to secure the web applications based on profiling which can detect and filter out abnormal web application requests.

• The KIPS Transactions:PartD
• /
• v.14D no.5
• /
• pp.517-530
• /
• 2007

Recently web applications have growl rapidly and have become more and more complex. As web applications become more complex, there is a growing concern about their quality. But very little attentions are paid to web applications testing and there are scarce of the practical research efforts and tools. Thus, in this paper, we suggest the automated testing methods for web applications. For this, the methods generate an analysis model by analyzing the HTML codes and the source codes. Then test targets are identified and test cases are extracted from the analysis model. In addition, test drivers and test data are generated automatically, and then they are depleted on the web server to establish a testing environment. Through this process we can automate the testing processes for web applications, besides the automated methods makes our approach more effective than the existing research efforts.

• KIISE Transactions on Computing Practices
• /
• v.21 no.5
• /
• pp.379-386
• /
• 2015

We propose a novel user-perceived performance optimization framework for the Android platform that takes advantage of the user-centric response time analysis. To this end, we propose a new definition of response time, which we call the user-centric response time, as a metric for the quality of user-perceived performance of the smartphone application. In this paper, we describe the design and implementation of an on-line user-centric response time analyzer for Android-based smartphones, which provides smartphone application developers with valuable insight for user-perceived performance optimization. We implemented the user-centric response time analyzer on the Android platform, version 4.0.4 (ICS) running on a Galaxy Nexus smartphone. From our experimental results, the proposed user-centric response time analyzer accurately estimates user-centric response times with an accuracy of 92.0% compared to manually measured times with less than 1% performance penalty. In order to evaluate the efficiency of the proposed framework, we were able to reduce the user-centric response time of the target application by up to 16.4% based on the evaluation results by the proposed framework.

• Journal of KIISE
• /
• v.42 no.8
• /
• pp.1022-1030
• /
• 2015

The context-awareness of mobile applications yields several issues for testing, since mobile applications should be able to be tested in any environment and under any contextual input. In previous studies of testing for Android applications as an event-driven system, many researchers have focused on using generated test cases considering only Graphical User Interface (GUI) events. However, it is difficult to find failures that could be detected when considering the changes in the context in which applications run. It is even more important to consider various contexts since the mobile applications adapt and use the new features and sensors of mobile devices. In this paper, we provide a method of systematically generating various executing contexts from permissions. By referring to the lists of permissions, the resources used by the applications for running Android applications can be easily inferred. To evaluate the efficiency of our testing method, we applied the method on two open source projects and showed that it contributes to improve the statement code coverage.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.807-819
• /
• 2019

Greybox fuzzing is known as an effective method to discover unknown security flaws reside in software and has been actively researched today. However, most of greybox fuzzing tools require an executable file. Because of this, a library, which cannot be executed by itself requires an additional executable file for greybox fuzzing. Generating such an executable file is challengeable because it requires both understanding of the library and fuzzing. In this research, we suggest the approach to generate an executable file automatically for a library and implement this approach as a tool based on the LLVM framework. This tool shows that executable files and seed files can be generated automatically by static/dynamic analysis of a unit test in the target project. A generated executable file is compatible with various greybox fuzzers like AFL because it has a common interface for greybox fuzzers. We show the performance of this tool as code coverage and discovered unknown security bugs using generated executable files and seed files from open source projects through this tool.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.9
• /
• pp.1173-1178
• /
• 2019

In this paper, we design a security management application module for an Excel VBA password file. You will set a password for the important VBA program file. If this password is lost, you set a new password. If you forgot the password after setting the password in the Excel VBA file, you will not be able to change the VBA source code. In this paper, we design a function to modify VBA file passwords conveniently. The VBA password modification module extracts VBA files from Excel files. The password can be modified by modifying specific field information in the extracted VBA program file. This allows you to modify the password for the VBA program file. The experiments were performed by implementing the contents proposed in this paper. As a result of the experiment, we can confirm that the password can be used by modifying the VBA file password.

• Convergence Security Journal
• /
• v.18 no.1
• /
• pp.33-42
• /
• 2018

CFD analysis is an analytical technique that applies a computer to the design and development of products across the entire industry for heat or fluid flow. This technology is used to shorten the development period and reduce costs through computerized simulation. However, the software used for CFD analysis is now required to use expensive foreign software. The Opensource CFD analysis software used in the proposed system has reliability of commercial CFD analysis software and has various user groups. However, for users who have expert knowledge, Opensource CFD software which supports only text interface environment, We have developed an environment that enables the construction of a CFD analysis environment for beginners as well as professionals. In addition, the proposed system supports the pre-processing (design and meshing) environment for CFD analysis and the environment for post-processing (result analysis & visualization), enabling the integrated CFD analysis process in one platform.

• Journal of Advanced Navigation Technology
• /
• v.23 no.2
• /
• pp.186-193
• /
• 2019

This paper presents and implements a simple programmable PCM encoder structure uisng the commutation method. In the telemetry system, information is required to assign each data to the channel in order to generate a frame format the data acpuired from the sensor. In this case, when the number of state information is large or the data type is various, there is a necessity to input a large amount of information to each channel. However, the more the number of channels and data, the more probability the error will occur. Therefore, in this paper, the channel information is created using the program. And PCM encoder was implemented to store channel information in ROM. The proposed PCM encoder architecture reduces the likelihood of errors. And it can improve the development speed. The validity of proposed structure is proved by simulation.