• Journal of the Korea Society of Computer and Information
• /
• v.26 no.2
• /
• pp.79-88
• /
• 2021

In this paper, we propose a API Gateway technique for the expansion of human resource management module, one of the ERP functions. The institution has introduced ERP (Enterprise Resource Planning) based on its efforts to transform all human and physical resources into business competitiveness and its response to the digital knowledge informatization environment, and listed it as multiple success factors. Human resource management is one of the factors that have been dealt with. However, ERP's Human Resources Management Module remains in the role of functional personnel management. How to utilize human resources begins with navigating and recognizing human resources. The proposed API Gateway technique leverages blockchain networks to design and implement APIs for human resource sharing and navigation, including the possibility of extending ERP's human resource management module. Secondly, it was designed and implemented using a smart contract that behaves like an API for preventing information forgery. The proposed method will not only be used as a tool that can actively utilize human resources, but will also be a complete resource for utilizing big data technology.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.11
• /
• pp.123-130
• /
• 2022

Recently, studies on the detection and classification of Android malware based on API Call sequence have been actively carried out. However, API Call sequence based malware classification has serious limitations such as excessive time and resource consumption in terms of malware analysis and learning model construction due to the vast amount of data and high-dimensional characteristic of features. In this study, we analyzed various classification models such as LightGBM, Random Forest, and k-Nearest Neighbors after significantly reducing the dimension of features using PCA(Principal Component Analysis) for CICAndMal2020 dataset containing vast API Call information. The experimental result shows that PCA significantly reduces the dimension of features while maintaining the characteristics of the original data and achieves efficient malware classification performance. Both binary classification and multi-class classification achieve higher levels of accuracy than previous studies, even if the data characteristics were reduced to less than 1% of the total size.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.1043-1053
• /
• 2023

Malware analysts work diligently to analyze and counteract malware, while developers persistently devise evasion tactics, notably through packing and obfuscation techniques. Although previous works have proposed general unpacking approaches, they inadequately address techniques like OEP obfuscation and API obfuscation employed by modern packers, leading to occasional failures during the unpacking process. This paper examines the OEP and API obfuscation techniques utilized by various packers and introduces a system designed to automatically de-obfuscate them. The system analyzes the memory of packed programs, detects trampoline codes, and identifies obfuscated information, for program reconstruction. Experimental results demonstrate the effectiveness of our system in de-obfuscating programs that have undergone OEP and API obfuscation techniques.

• The Journal of Korean Association of Computer Education
• /
• v.6 no.3
• /
• pp.75-85
• /
• 2003

This study develops the System(MetaGene) to create meta-data for learning object based on SCORM including meta-data of Assets. SCO, Contents Aggregation and metadata of Contents Package. API function cocle is embeded in Learning Object for interfacing API adopter in LMS to support SCORM and for tracking on learning process based on data models. Also, the learning objects are packaged the PIF(Packaged Interchange File) to transmit with LMS. MetaGene is verified by $SCORM^{(TM)}$ Conformance TestSuite for meta-data of learning objects, manifest file of Contents Packaging.

• Journal of Korea Multimedia Society
• /
• v.6 no.2
• /
• pp.183-193
• /
• 2003

The importance of XML data and their database supports in a mobile terminal system is on the increase. It leads to active research for embedded XML database systems. In order to handle in documents, DOM API should be supported. The existing DOM API is not suitable for the embedded system with limited resource because the DOM tree requires a large space on main memory. Considering poor resource of embedded systems, we present persistent DOM which is implemented on Berkeley DB and DOMdbm which manages it.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.187-196
• /
• 2016

Android applications are inherently vulnerable to a repackaging attack such that malicious codes are easily inserted into an application and then resigned by the attacker. These days, it occurs often that such private or individual information is leaked. In principle, all Android applications are composed of user defined methods and APIs. As well as accessing to resources on platform, APIs play a role as a practical functional feature, and user defined methods play a role as a feature by using APIs. In this paper we propose a scheme to analyze sensitive APIs mostly used in malicious applications in terms of how malicious applications operate and which API they use. Based on the characteristics of target APIs, we accumulate the knowledge on such APIs using a machine learning scheme based on Naive Bayes algorithm. Resulting from the learned results, we are able to provide fine-grained numeric score on the degree of vulnerabilities of mobile applications. In doing so, we expect the proposed scheme will help mobile application developers identify the security level of applications in advance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.897-909
• /
• 2014

With the development of the Internet, the number of cyber threats is continuously increasing and their techniques are also evolving for the purpose of attacking our crucial systems. Since attackers are able to easily make exploit codes, i.e., malware, using dedicated generation tools, the number of malware is rapidly increasing. However, it is not easy to analyze all of malware due to an extremely large number of malware. Because of this, many researchers have proposed the malware classification methods that aim to identify unforeseen malware from the well-known malware. The existing malware classification methods used malicious information obtained from the static and the dynamic malware analysis as the criterion of calculating the similarity between malwares. Also, most of them used API functions and their sequences that are divided into a certain length. Thus, the accuracy of the malware classification heavily depends on the length of divided API sequences. In this paper, we propose an extraction method of optimized API sequence length and combination that can be used for improving the performance of the malware classification.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.4
• /
• pp.869-876
• /
• 2011

Recently, use of Smartphones is growing at an extremely rapid pace. Many researchers have recognized the importance of developing Smartphones applications under these circumstances, and they have been conducted many studies to develop apps efficiently. The Smartphones middleware has become a focus of recent research to develop efficient Smartphones apps on a server-client environment in particular. In this study, for enhancing portability, expandability and convenience in the development of apps on the various platforms of Smartphones, We have proposed XML based Open API optimized in the Smartphones middleware. We also evaluated the performance, by applying it in Smartphone middleware environment.

• Convergence Security Journal
• /
• v.7 no.3
• /
• pp.61-70
• /
• 2007

In Windows operating system, CSPs(Cryptographic Service Providers) are provided for offering a easy and convenient way of using an various cryptographic algorithms to applications. The applications selectively communicate with various CSPs through a set of functions known as the Crypto API(Cryptographic Application Program Interface). During this process, a secure method, accessing data using a handle, is used in order to prevent analysis of the passing parameters to function between CryptoAPI and CSPs. In this paper, our experiment which is using a novel memory traceback method proves that still there is a vulnerability of private key and secret key disclosure in spite of the secure method above-mentioned.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1375-1382
• /
• 2019

The latest version of commercial protector, Themida, has been updated, it is impossible to apply a normalized unpacking mechanism from previous studies by disable the use of a virtual memory allocation that provides initial data to be tracked. In addition, compared to the previous version, which had many values that determined during execution and easy to track dynamically, it is difficult to track dynamically due to values determined at the time of applying the protector. We will look at how the latest version of Themida make it difficult to normalize the API wrapping process by adopted techniques and examine the possibilities of applying the unpacking techniques to further develop an automated unpacking system.