• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1197-1207
• /
• 2018

PowerShell is command line shell and scripting language, built on the .NET framework, and it has several advantages as an attack tool, including built-in support for Windows, easy code concealment and persistence, and various pen-test frameworks. Accordingly, malwares using PowerShell are increasing rapidly, however, there is a limit to cope with the conventional malware detection technique. In this paper, we propose an improved monitoring method to observe commands executed in the PowerShell and a deep learning based malware classification model that extract features from commands using Convolutional Neural Network(CNN) and send them to Recurrent Neural Network(RNN) according to the order of execution. As a result of testing the proposed model with 5-fold cross validation using 1,916 PowerShell-based malwares collected at malware sharing site and 38,148 benign scripts disclosed by an obfuscation detection study, it shows that the model effectively detects malwares with about 97% True Positive Rate(TPR) and 1% False Positive Rate(FPR).

• Journal of KIISE:Software and Applications
• /
• v.33 no.4
• /
• pp.378-387
• /
• 2006

A programming model for ubiquitous sensor network (USN) applications based on Nano-Qplus is proposed. USN applications mean programs of nodes which are components of sensor network such as sensor, router, sink and actuator. Developers can automatically generate programs of USN applications by setting attributes values of nodes using a script after they model a sensor network. A script for setting attributes values of a node is proposed in this paper. The algorithm of automatic code generation is also described. Developers can easily implement USN applications even if they do not know details of low-level communication, data sharing, and collective operations because the applications are automatically generated from a script. They set only attributes values of nodes using the script. Efforts for USN applications development also are reduced because of automatic code generation. Furthermore, developers can correct errors of applications in the early stage of development through ear]y test based on rapid code generation.

• Journal of Platform Technology
• /
• v.8 no.4
• /
• pp.47-58
• /
• 2020

DO-330 Software Tool Qualification Considerations is a guideline for development of tools used to develop/verify software and hardware installed on aircraft. And among several processes, the verification process is very crucial as it occupies a large proportion for DO-330. Especially, in order to qualify tool with high safety level, test objectives must be performed with independence, accordingly, more time, cost, and manpower are required than other objectives. In addition, even if the test cases or test procedures are well defined, the higher the complexity of the test the higher probability of human error occurs. In this paper, we propose Script-based Test Automation Agent software structure for efficient DO-330 verification process of A661UAGEN tool developed by Hanwha Systems. Compared to the test performed manually by the test engineer, testing time of the Script-based Test Automation Agent is reduced by 87.5% and testing productivity is increased by 43.75%.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.10a
• /
• pp.360-363
• /
• 2022

According to the 2018 Kaggle ML & DS Survey, among the proportions of frameworks for machine learning and data science, TensorFlow and Keras each account for 41.82%. It was found to be 34.09%, and in the case of development programming, it is confirmed that about 82% use Python. A significant number of machine learning and deep learning structures utilize the Keras framework and Python, but in the case of Python, distribution and execution are limited to the Python script environment due to the script language, so it is judged that it is difficult to operate in various environments. This paper implemented a machine learning and deep learning system using C# and Keras running in Visual Studio 2019. Using the Mnist dataset, 100 tests were performed in Python 3.8,2 and C# .NET 5.0 environments, and the minimum time for Python was 1.86 seconds, the maximum time was 2.38 seconds, and the average time was 1.98 seconds. Time 1.78 seconds, maximum time 2.11 seconds, average time 1.85 seconds, total time 37.02 seconds. As a result of the experiment, the performance of C# improved by about 6% compared to Python, and it is expected that the utilization will be high because executable files can be extracted.

• Proceedings of the Korean Information Science Society Conference
• /
• 2006.10b
• /
• pp.600-603
• /
• 2006

Java 플랫폼 기반의 스크립트 언어인 Groovy는 GroovyMarkup을 이용하여 컴포넌트 및 콘테이너, 객체가 중첩된 구조로 이루어져 있는 GUI 프로그램을 간결하고 쉽게 작성할 수 있다. 본 논문에서는 GroovyMarkup을 확장해 고성능의 GUI 프로그램을 구현할 수 있는 SWT Builder를 구현하였다. 본 논문에서 구현한 SWT Builder의 성능 및 기능 평가를 위해 기존에 구현된 SWT Builder, Swing Builder와 비교하여 실험하였다. 테스트 한 결과, 구현한 SWT Builder는 GUI 구성 시간에 있어 기존 SWT Builder보다 1.4배 더 빠른 속도를 가진다. 또한 기능 부분에서는 Factory 클래스 소스 코드의 자동 생성, 클래스 기능 문서 자동 생성 등 으로 프로그래머에게 더 많은 편의성을 제공한다.

• Proceedings of the KIEE Conference
• /
• 2000.07d
• /
• pp.2904-2906
• /
• 2000

본 논문에서는 반도체 제조 공정에서 장비와 호스트간에 통신을 할 수 있는 SECS(SEMI Equipment Communications Standard) 프로토를의 개발을 제안한다. SECS 프로토콜은 메시지 전송을 위한 헤더 부분을 정의하는 SECS-I 프로토콜과 메시지 내용을 정의하는 SECS-II 프로토콜로 나뉘어지는데, RS232 시리얼 통신을 하는 SECS-I 프로토콜 대신에 이더넷(ethernet)을 통해 TCP/IP 통신을 할 수 있는 HSMS 프로토콜을 구현하고자 한다. HSMS(High-speed SECS Message Services)프로토콜은 SECS-I과 마찬가지로 SECS-II 메시지 내용을 전송 할 수 있도록 10바이트 크기의 헤더로 정의된다. HSMS 프로토콜 통신은 TCP/IP를 기반으로 하기 때문에 SECS 메시지 전송을 위한 통신 선로를 설정하기 위해 소켓 API를 응용하고 항상 통신 대기상태를 유지하기 위해 데몬(daemon) 형태로 구성한다. 실제 메시지 내용을 정의하고 있는 SECS-II 프로토콜은 데이터 인덱스 테이블과 표준에 정의된 형식에 맞게 파일형태나 DLL(Dynamic Link Library)형태로 구성하고 프로세스 프로그램(process program)을 수행하기 위해 SECS 프로토콜 표준에서 정의하는 SML(SECS Message Language)형식으로 변환 할 수 있는 스크립트 변환기(script translator)를 구현한다. 또한 HSMS 프로토콜이 전송할 SECS-II 메시지를 저장하기 위한 파라미터를 정의하고 실제 통신을 위한 테스트 베드를 위한 응용 프로그램을 제작한다

• Journal of Software Assessment and Valuation
• /
• v.15 no.1
• /
• pp.1-9
• /
• 2019

We intend to collect and analyze traffic efficiently in order to detect copyright infringement that illegally share contents on Tor network. We have designed and implemented a Tor traffic collection system using multiple virtual machines. We use a number of virtual machines and Mini PCs as clients to connect to Tor network, and automate both the collection and refinement processes in the traffic collection server through script-based test client software. Through this system, only the necessary field data on Tor network can be stored in the database, and only 95% or more of recognition of Tor traffic is achieved.

• The KIPS Transactions:PartD
• /
• v.18D no.1
• /
• pp.35-44
• /
• 2011

Memory errors can cause not only program malfunctions but also even unexpected system halt. Though a programmer checks memory errors, some memory errors with low occurrence frequency are missed to detect. In this paper, we propose a method for effectively detecting such memory errors using instruction transition diagrams through analyzing assembly codes obtained by disassembling an executable file. Out of various memory errors, local memory return errors, null pointer access errors and uninitialized pointer access errors are targeted for detection. When applying the proposed method to various programs including well-known open source programs such as Apache web server and PHP script interpreter, some potential memory errors are detected.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.21 no.9
• /
• pp.144-150
• /
• 2020

This study examined the current status of ATE in the development stage of the domestic guided weapons field, including the re-establishment of automatic test equipment (ATE), and attempted to develop methods to verify the validity of ATE in the defense sector. This study includes methods for confirming the repeatability and reproducibility of newly manufactured or replaced ATE. An error injection test is required for validation in the development phase. And pre-inspection steps are required for validation. When developing ATE, the use of an international standard testing script language ensures efficient validation and SW reliability. This ensures interoperability between the main and test equipment, and the tester can secure a test system platform that supports standardized testing methods, which is considered to be effective in validating specific ATE for each weapon system.

• Journal of Korea Game Society
• /
• v.6 no.4
• /
• pp.39-45
• /
• 2006

In game developments, the design results are often modified not only in the design phase but also in the implementation and test phases. The results of game design are consisted of the results of game rule design and the results of game contend design. The results of game rule design should be correctly understood to all the participants, be efficiently managed by the given configuration controls, and be accurately verified. In this study, we carry out a survey of representation methods of game rules in game design. We have the comparison analysis of the written representation, the UML representation, the Petri net representation, and script-language representation methods about the suitability of the representation method for game rule designs. The comparison analysis is about the representation scope, the visual representation, the automated verification, and the configuration management. The analysis results show that the UML representation is the best method but it needs more convenient automated verification method.