• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.16 no.10
• /
• pp.7211-7218
• /
• 2015

Tens of thousands of malicious codes are generated on average in a day. New types of malicious codes are surging each year. Diverse methods are used to detect such codes including those based on signature, API flow, strings, etc. But most of them are limited in detecting new malicious codes due to bypass techniques. Therefore, a lot of researches have been performed for more efficient detection of malicious codes. Of them, visualization technique is one of the most actively researched areas these days. Since the method enables more intuitive recognition of malicious codes, it is useful in detecting and examining a large number of malicious codes efficiently. In this paper, we analyze the relationships between malicious codes and Native API functions. Also, by applying the word cloud with text mining technique, major Native APIs of malicious codes are visualized to assess their maliciousness. The proposed malicious code analysis method would be helpful in intuitively probing behaviors of malware.

• Journal of Korea Game Society
• /
• v.14 no.5
• /
• pp.117-126
• /
• 2014

There are various kinds of applications if one can develop a remote execution system using for legacy 3D APIs. It can be used in implementing a cloud gaming service based on the real-time video streaming technology. Or, it can also be used in implementing a GPU virtualization for simultaneously rendering of many different 3D applications. The OpenGL API consists of independent global functions while the Direct3D API consists of Microsoft COM-based interfaces and their member functions, which makes the implementation of remote rendering system more difficult. The purpose of the paper is to show the applicability of the technology to any legacy 3D API by successfully designing and implementing a remote rendering system using the Direct3D API. It applies the implementation to a sample Direct3D application and also performs a few experimentations to show the technical feasibility.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.3
• /
• pp.531-539
• /
• 2019

This paper proposes the training features for malware family analysis and analyzes the multi-classification performance of ensemble models. We construct training data by extracting API and DLL information from malware executables and use Random Forest and XGBoost algorithms which are based on decision tree. API, API-DLL, and DLL-CM features for malware detection and family classification are proposed by analyzing frequently used API and DLL information from malware and converting high-dimensional features to low-dimensional features. The proposed feature selection method provides the advantages of data dimension reduction and fast learning. In performance comparison, the malware detection rate is 93.0% for Random Forest, the accuracy of malware family dataset is 92.0% for XGBoost, and the false positive rate of malware family dataset including benign is about 3.5% for Random Forest and XGBoost.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.11a
• /
• pp.381-384
• /
• 2010

최근 휴대전화의 고성능화와 네트워크 인프라의 발달로 언제 어디서나 인터넷 접속이 가능한 유비쿼터스 환경이 조성됨에 따라 LBS 응용정보 서비스 산업이 크게 성장하고 있다. 본 논문에서는 방문자의 IP Address를 통해 사용자의 Geolocation 데이터를 획득하고 Google Map API를 사용하여 사용자의 현 위치와 주변의 편의시설 위치를 지도에 표시하며 편의시설 이용 정보를 공유할 수 있는 소셜 네트워킹 사이트를 설계하고 구현하였다.

• Journal of the HCI Society of Korea
• /
• v.1 no.2
• /
• pp.1-8
• /
• 2006

This paper presents a development of new haptic API (Application Programming Interface) that is called K-$Touch^{TM}$ haptic API. It is designed in order to allow users to interact with objects by kinesthetic and tactile modalities through haptic interfaces. The K-$Touch^{TM}$ API would serve two different types of users: high level programmers who need an easy to use haptic API for creating haptic applications and researchers in the haptic filed who need to experiment or develop with new devices and new algorithms while not wanting to re-write all the required code from scratch. Since the graphic hardware based kinesthetic rendering algorithm implemented in the K-$Touch^{TM}$ API is different from any other conventional kinesthetic algorithms, this API can provide users with haptic interaction for various data representations such as 2D, 2.5D depth(height field), 3D polygon, and volume data. In addition, this API supports kinesthetic and tactile interaction simultaneously in order to allow users with realistic haptic interaction. With a wide range of applicative characteristics, therefore, it is expected that the proposed K-$Touch^{TM}$ haptic API will assists to have deeper recognition of the environments, and enhance a sense of immersion in environments. Moreover, it will be useful development toolkit to investigate new devices and algorithms in the haptic research field.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.5
• /
• pp.1087-1097
• /
• 2017

As the penetration rate of smartphones increases, the number of malicious codes targeting smartphones is increasing. I 360 Security 's smartphone malware statistics show that malicious code increased 437 percent in the first quarter of 2016 compared to the fourth quarter of 2015. In particular, malicious applications, which are the main means of distributing malicious code on smartphones, are aimed at leakage of user information, data destruction, and money withdrawal. Often, it is operated by an API, which is an interface that allows you to control the functions provided by the operating system or programming language. In this paper, we propose a mechanism to detect malicious application based on the similarity of API pattern in normal application and malicious application by learning pattern of API in application derived from static analysis. In addition, we show a technique for improving the detection rate and detection rate for each label derived by using the corresponding mechanism for the sample data. In particular, in the case of the proposed mechanism, it is possible to detect when the API pattern of the new malicious application is similar to the previously learned patterns at a certain level. Future researches of various features of the application and applying them to this mechanism are expected to be able to detect new malicious applications of anti-malware system.

• Journal of KIISE
• /
• v.41 no.12
• /
• pp.1007-1012
• /
• 2014

Software birthmarks are used to detect software plagiarism. For binaries, however, only a few birthmarks have been developed. In this paper, we propose a static approach to generate API sequences along major paths, which are analyzed from control flow graphs of the binaries. Since our API sequences are extracted along the most plausible paths of the binary codes, they can represent actual API sequences produced from binary executions, but in a more concise form. Our similarity measures use the Smith-Waterman algorithm that is one of the popular sequence alignment algorithms for DNA sequence analysis. We evaluate our static path-based API sequence with multiple versions of five applications. Our experiment indicates that our proposed method provides a quite reliable similarity birthmark for binaries.

• Journal of KIISE:Computing Practices and Letters
• /
• v.13 no.2
• /
• pp.75-85
• /
• 2007

There are many embedded systems which store and play multimedia streams on optical media such as recordable cd and dvd. Some of those are PVRs, DVRs, and camcorders. In this paper we describe the design and implementation of a new, well structured, fully documented, operating system independent and open source optical media API which can be used in various applications and embedded systems. We also design an ISO-9660 compliant optical media layout, an API set and the scenario for real-time recording. To prove the usability, we develop a text application to replace well-known CD-burning software, cdrecord, and a graphic burning application. All the implementations are firstly done on Linux PC environment, and then ported to a commercial embedded system which uses pSOS as an operating system.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.3
• /
• pp.499-510
• /
• 2012

An SNS(Social Network Service) is an online service that supports an effective way to share information over virtual communities. Recently, as SNSs such as Twitter, Facebook, and Me2day are getting bigger, the purposes of using popular SNSs are expanded to broadcastings, politics, marketings and so on. In this paper, we propose an API to integrate and manage open APIs for various SNSs, presenting a library as an implementation of the proposed API. Also, utilizing the developed library, a smartphone application is provided which supports integrated management of popular SNSs and personal schedules. Using the library, developers can reduce costs when they need to implement specific functions for managing various SNSs. With the developed application, we can read and write to/from the related SNSs on same screen, automatically reminding our schedule and sharing the schedule with friends over the SNSs.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.10
• /
• pp.2473-2481
• /
• 2014

The majority of next generation information systems will be working on portable mobile devices such as smartphones. REST Open API web services have quickly become popular among mobile application development. The use of REST web services are not only growing in popularity but totally changing the way of mobile applications development. This is because REST web services could be used in application development as a form of building blocks, which is completely independent, compatible, to any platforms. With this strength, REST web services encourage third party application to build add-on functionality. This research proposes the use of REST web service to replace the use of socket APIs into major internet communication APIs. To this end, this paper also provide performance evaluation of the REST web services compared to the conventional socket APIs, focusing on scalability by analytical and experimental evaluations. Finally, we summarize the possibility whether REST Open API web services have enough performance as future major internet communication primitive APIs.