• The Journal of Korean Association of Computer Education
• /
• v.14 no.5
• /
• pp.9-18
• /
• 2011

Compiler development projects, which are designed and taught in compiler course, allow students to practice and absorb valuable amount of experience and techniques in developing compilers. However, both instructors and students face difficulties as they are often limited by insufficient hands-on time during course of an academic year along with a relatively high level of technologies involved when dealing with compilers. As well, most compiler's target systems use interpreter-based technologies which are rather limited in drawing student's attention. As a result compiler courses often end up being more of a theoretical course than practical. This paper presents a new integrated development environment (IDE) that will help overcome aforementioned difficulties and allow students to obtain both theoretical and practical knowledge more efficiently. The development environment includes a reference compiler with $Mindstorms^{(R)}$ NXT Robots as the target system, compiler development tool, target language test tool, and code generation visualizer. It is developed as a plug-in for the popular Eclipse IDE which enables easy access and great expandability. This integrated development environment allows students to understand compilers better and start their development faster.

• Journal of KIISE
• /
• v.42 no.1
• /
• pp.44-53
• /
• 2015

Control flow information is useful in the analysis and comparison of programs. Virtualization-obfuscation hides control structures of the original program by transforming machine instructions into bytecode. Direct examination of the resulting binary reveals only the structure of the interpreter. Recovery of the original instructions requires knowledge of the virtual machine architecture, which is randomly generated and hidden. In this paper, we propose a method to reconstruct original control flow using only traces generated from the obfuscated binary. We consider traces as strings and find an automaton that represents the strings. State transitions in the automaton correspond to the control transfers in the original program. We have shown the effectiveness of our method with commercial obfuscators.

• The Transactions of the Korea Information Processing Society
• /
• v.4 no.11
• /
• pp.2679-2689
• /
• 1997

In this paper, a multimedia authoring system using temporal/spatial synchronization manager is designed and implemented to support easy and efficient generation of multimedia title. For this goal, a flowchart-oriented logic generator which represents a title author's design intent into a practical title composition logic without extra translation process, and a logic interpreter which translate and implement the generated title logic, are designed. Furthermore, a temporal/spatial synchronization manager which manages temporal/spatial synchronization information between media data for multimedia representation, is designed. Especially, a temporal specification model and MRL, a formal language for the model, are designed to synchronize the temporal relation between media objects. The MRL represents a complex temporal relation by simple and clear form, and synchronizes efficiently multimedia representation according to the author's intent. A presentation frame editor which makes coincidence between visible size of representation media and attachment point, is implemented for spatial synchronization.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.275-285
• /
• 2019

Web-assemblies are a new binary standard designed to improve the performance of Web browser JavaScript. Web-assemblies are becoming a new web standard that can run at near native speed with efficient execution, concise representation, and code written in multiple languages. However, current Web-assembly vulnerability verification is limited to the Web assembly interpreter language, and vulnerability verification of Web-assembly binary itself is insufficient. Therefore, it is necessary to verify the safety of the web assembly itself. In this paper, we analyze how to operate the web assembly and verify the safety of the current web-assembly. In addition, we examine vulnerability of existing web -assembly and analyze limitations according to existing safety verification method. Finally, we introduce web-assembly API based fuzzing method to overcome limitation of web-assembly safety verification method. This verifies the effectiveness of the proposed Fuzzing by detecting crashes that could not be detected by existing safety verification tools.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.869-882
• /
• 2012

With the growth of Web services and the development of web exploit toolkits, web-based malware has increased dramatically. Using Javascript Obfuscation, recent web-based malware hide a malicious URL and the exploit code. Thus, pattern matching for network intrusion detection systems has difficulty of detecting malware. Though various methods have proposed to detect Javascript malware on a users' web browser, the overall detection is needed to counter advanced attacks such as APTs(Advanced Persistent Treats), aimed at penetration into a certain an organization's intranet. To overcome the limitation of previous pattern matching for network intrusion detection systems, a novel deobfuscating method to handle obfuscated Javascript is needed. In this paper, we propose a framework for effective hidden malware detection through an automated deobfuscation regardless of advanced obfuscation techniques with overriding JavaScript functions and a separate JavaScript interpreter through to improve jsunpack-n.

• Journal of Satellite, Information and Communications
• /
• v.12 no.3
• /
• pp.108-113
• /
• 2017

The OBCP called 'operator on board' is that of a procedure to be executed on-board, which can be easily be loaded, executed, and also replaced, without modifying the remainder of the FSW. The use of OBCP enhances the on-board autonomy capabilities and increases the robustness to ground stations outages. The OBCP engine which is the core module of OBCP component in the FSW interprets and executes of the procedures based on script language written using a high-level language, possibly compiled, and it is relying on a virtual machine of the OBCP engine. FSW team in KARI has studied OBCP since 2010 as FSW team's internal projects, and made some OBCP engines such as Java KVM, RTCS/C and KKOMA on ERC32 processor target only for study. Recently we have been studying ESA's OBCP standard and implementing Lua and MicroPython on LEON2-FT/AT697F processor target as the OBCP engine. This paper presents the design and implementation of Lua for the OBCP engine on AT697F processor with VxWorks RTOS, and describes the evaluation result and performance of the OBCP engine.

• Journal of KIISE:Software and Applications
• /
• v.31 no.3
• /
• pp.255-266
• /
• 2004

In the Web-based information systems, separating the business process logic from the data and presentation logic brings about a wide range of advantages. However, this separation is not easily achieved; even the data logic may be not separated from the presentation layer. So, it requires to define an model for business processes, and then to map the model into the user's dynamic interface using the logic separating strategy. This paper presents a stylesheet method to recognize the process by extending XSLT (Extensible Stylesheet Language Transformations), in order to achieve the logic separation. To do this, it provides an specification of the business process, and a scheme that extracts business model factors and their interactions using a Petri-net notation to show the business model into the process point of view. This is an attempt to separate users' interaction from the business process, that is, dynamic components of interaction Web document from the process structure of Web applications. Our architecture consist mainly of an XSLT controller that is extended by a process control component. The XSLT controller is responsible for receiving the user requests and searching the relevant templet rule related to different user requests one by one. Separation of concerns facilities the development of service-oriented Web sites by making if modular. As a result, the development of service-oriented Web sites would be very easy, and can be changed without affecting the other modules, by virtue of the modularization concept. So, it is easy to develop and maintain the Web applications in independent manner.

• Journal of KIISE:Computing Practices and Letters
• /
• v.13 no.1
• /
• pp.59-73
• /
• 2007

Although there exist many middlewares such as Havi, Jini, LonWorks, UPnP, and SLP, new middlewares specialized for diverse information appliances are expected to appear continuously as home networks evolve. In this paper, we examine an integrated architecture for supporting interoperability among heterogeneous middlewares under home network, we also propose and implement a scenario-based user-oriented integrated architecture for efficient home automation which is different from existing methods. HOMI(Homenetwork Middleware for Interoperability) architecture proposed in this paper provides interfaces that assist users with designing and modifying desirable scenarios using a script interpreter language HOMIL(HOMI Language). Different from an existing integrated middleware architecture, HOMI improves efficiency and convenience of interoperation between heterogeneous appliances for home automation allowing users to design and organize scenarios through these interfaces. HOMI classifies interoperation services into time contort, synchronization context, and asynchronization context and helps to execute next services considering contexts when a specific event occurs. Applying modified scenarios immediately to home network environment, HOMI provides users with seamless services without installing new applications, updating the server, or rebooting in order to adopt new scenarios. Lastly, distribution agents into several devices, we solved the overhead problem occurred in a centralized architecture for integrated middleware.