• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.1
• /
• pp.67-77
• /
• 2017

A protector is a software for protecting core technologies by using compression and encryption. Nowadays malwares use the protector to conceal the malicious code from the analysis. For detailed analysis of packed program, unpacking the protector is a necessary procedure. Lately, most studies focused on finding OEP to unpack the program. However, in this case, it would be difficult to analyze the program because of the limits to remove protecting functions by finding OEP. In this paper, we studied about the protecting functions in the Themida and propose an unpacking technique for it.

• Journal of the Korean GEO-environmental Society
• /
• v.13 no.12
• /
• pp.81-89
• /
• 2012

The existing tunnel in urban area can be enlarged because of requirement of road-widening by traffic growth. The protector with rectangular cross section can be set up in the tunnel, which will be constructed for enlargement of width, to solve traffic jam around the tunnel. It is impossible to install the rockbolt in the lower area of tunnel due to a limited space between the protector and cutting surface. The objective of this study is to suggest the method of shotcrete thickness increase instead of rockbolt installation in the side wall of tunnel for the stability of tunnel. Numerical analysis was performed to evaluate displacement at the crown of tunnel, convergence of tunnel, and stress in shotcrete lining in 3-lane and 4-lane NATM tunnels enlarged from 2-lane conventional tunnel. There were three types of analysis condition, rockbolt installation, no rockbolt installation, and increase of shotcrete thickness without rockbolt in the side wall of tunnel. There was no difference on the displacement at the crown and the convergence of upper tunnel. In the lower tunnel, the convergence in case of no rockbolt installation was larger as maximum 1.3mm than that in case of rockbolt installation. The stress in shotcrete lining in case of no rockbolt installation was larger as maximum 1.3MPa than that in case of rockbolt installation. Numerical analysis was performed to compare the behavior of shotcrete with rockbolt with that of shotcrete, which its thickness was increased, without rockbolt. The shotcrete has an increase of 20%(250mm ${\rightarrow}$ 300mm, 4-lane tunnel)~25%(200mm ${\rightarrow}$ 250mm, 3-lane tunnel) in its thickness to reduce the stress in shotcrete lining. The behavior of shotcrete lining increased the shotcrete thickness by 20%~25% was similar to that of existing shotcrete lining with rockbolt.

• Language and Information
• /
• v.4 no.1
• /
• pp.141-155
• /
• 2000

• Proceedings of the Korean Society for Language and Information Conference
• /
• 2000.06a
• /
• pp.141-155
• /
• 2000

• Journal of Korean Tunnelling and Underground Space Association
• /
• v.13 no.3
• /
• pp.261-275
• /
• 2011

To maintain the traffic flow during tunnel expansion, cars must be protected from falling rocks during excavation and to do so, a protector has to be installed inside the tunnel before beginning the excavation. In Korea, tunnel expansion by blasting rather than by mechanical excavation has been widely achieved. For this reason, a series of numerical analysis were performed to analyze the characteristics of impact load according to material behaviour of blasted rock by using Explicit FEA program. From the numerical results, it is found that the impact loads when rock is assumed as an elastic-plastic material appear to be only 7~12% compared with that when it is elastic.

• Proceedings of the KIEE Conference
• /
• 2007.07a
• /
• pp.398-399
• /
• 2007

정보통신설비의 발달로 통신속도가 빨라지고 정보처리 용량도 증가하면서 통신설비가 과거에 비해 소형 분산 설치되어 뇌서지에 상대적으로 취약하게 되었으며 이로 인한 피해는 해마다 증가되는 경향이다. 통신설비의 장애는 정보전달의 기능을 상실함과 동시에 업무의 정지 및 통신네트워크의 정지로 이어져 사회적으로 커다란 문제를 야기하고 있다. 통신설비에 서지가 침입하는 경로는 여러 가지가 있으며 전원측으로 침입하는 이상전압의 종류로는 크게 낙뢰과전압, 스위칭과전압, 일시적 과전압으로 구분할 수 있으며 이로부터 통신설비를 보호하기 위하여 전원측에 서지프로텍터를 설치하고 있다. 본 논문에서는 저압선로에 서지프로텍터 설치시 적용방법에 대하여 설명한다.

• LP가스
• /
• s.78
• /
• pp.8-9
• /
• 2002

우리회는 지난 98년 산자부와 가스안전공사에 LPG용기의 재검사기한을 연장해달라고 건의한 바 있으며 가스안전공사가 두차례에 걸쳐 용기도색 부식여부, 프로텍터 및 스커트 손상여부 등 용기실태조사를 실시한 결과 20kg용기의 최초 재검사기한을 현행 3년에서 4년으로 연장해도 좋다는 내용으로 산자부에 개정을 요청한 바 있다. 최근 협회에서 산자부에 다시 건의한 내용ㅇ르 게재한다.

• Journal of the Korean Geotechnical Society
• /
• v.27 no.11
• /
• pp.47-54
• /
• 2011

In this paper, longitudinal behaviors of a tunnel with respect to various conditions are analyzed, and a new equation of longitudinal deformation curve during tunnel expansion is proposed. Finally, the range of protection by a protector is investigated using the proposed equation. To achieve the objectives, numerical analysis according to the ground and expansion conditions is performed. The results show that the range of protection, when a 2 traffic lane tunnel is expanded to 4 traffic lanes, should cover at least 24m to backward and 35m forward.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1375-1382
• /
• 2019

The latest version of commercial protector, Themida, has been updated, it is impossible to apply a normalized unpacking mechanism from previous studies by disable the use of a virtual memory allocation that provides initial data to be tracked. In addition, compared to the previous version, which had many values that determined during execution and easy to track dynamically, it is difficult to track dynamically due to values determined at the time of applying the protector. We will look at how the latest version of Themida make it difficult to normalize the API wrapping process by adopted techniques and examine the possibilities of applying the unpacking techniques to further develop an automated unpacking system.

• KIPS Transactions on Computer and Communication Systems
• /
• v.10 no.11
• /
• pp.297-304
• /
• 2021

Commercial obfuscation tools (protectors) aim to create difficulties in analyzing the operation process of software by applying obfuscation techniques and Anti-reversing techniques that delay and interrupt the analysis of programs in software reverse engineering process. In particular, in case of virtualization detection and anti-debugging functions, the analysis tool exits the normal execution flow and terminates the program. In this paper, we analyze Anti-reversing techniques of executables with Debugger Detection and Viralization Tools Detection options through VMProtect 3.5.0, one of the commercial obfuscation tools (protector), and address bypass methods using Pin. In addition, we predicted the location of the applied obfuscation technique by finding out a specific program termination routine through API analysis since there is a problem that the program is terminated by the Anti-VM technology and the Anti-DBI technology and drew up the algorithm flowchart for bypassing the Anti-reversing techniques. Considering compatibility problems and changes in techniques from differences in versions of the software used in experiment, it was confirmed that the bypass was successful by writing the pin automation bypass code in the latest version of the software (VMProtect, Windows, Pin) and conducting the experiment. By improving the proposed analysis method, it is possible to analyze the Anti-reversing method of the obfuscation tool for which the method is not presented so far and find a bypass method.