• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.187-196
• /
• 2016

Android applications are inherently vulnerable to a repackaging attack such that malicious codes are easily inserted into an application and then resigned by the attacker. These days, it occurs often that such private or individual information is leaked. In principle, all Android applications are composed of user defined methods and APIs. As well as accessing to resources on platform, APIs play a role as a practical functional feature, and user defined methods play a role as a feature by using APIs. In this paper we propose a scheme to analyze sensitive APIs mostly used in malicious applications in terms of how malicious applications operate and which API they use. Based on the characteristics of target APIs, we accumulate the knowledge on such APIs using a machine learning scheme based on Naive Bayes algorithm. Resulting from the learned results, we are able to provide fine-grained numeric score on the degree of vulnerabilities of mobile applications. In doing so, we expect the proposed scheme will help mobile application developers identify the security level of applications in advance.

• The Journal of the Korea Contents Association
• /
• v.20 no.4
• /
• pp.14-24
• /
• 2020

This paper aims to establish an efficient national R&D Application Programming Interface (API) management system for national R&D data-driven management and explore the possibility of using operational data according to the recent global data openness and sharing policy. In accordance with the trend of opening and sharing of national R&D data, we plan to improve management efficiency by analyzing operational data of the national R&D API service. For this purpose, we standardized the parameters for the national R&D APIs that were distributed separately by integrating the individual APIs to build a national R&D API management system. The results of this study revealed that the service call traffic of the national R&D API has shown 554.5% growth in the year as compared to the year 2015 when the measurement started. In addition, this paper also evaluations the possibility of using operational data through data preparation, analysis, and prediction based on service operations management data in the actual operation of national R&D integrated API management system.

• Journal of KIISE
• /
• v.43 no.10
• /
• pp.1067-1072
• /
• 2016

Software birthmarks, which are unique characteristics of the software, are used to detect software plagiarism or software similarity. Generally, software birthmarks are divided into static birthmarks or dynamic birthmarks, which have evident pros and cons depending on the extraction method. In this paper, we propose a method for extracting the API sequence birthmarks using a dynamic analysis and similarity detection between the executable codes. Dynamic birthmarks based on API sequences extract API functions during the execution of programs. The extracted API sequences often include all the API functions called from the start to the end of the program. Meanwhile, our dynamic birthmark scheme extracts the API functions only called directly from the executable code. Then, it uses a sequence alignment algorithm to calculate the similarity metric effectively. We evaluate the birthmark with several open source software programs to verify its reliability and credibility. Our dynamic birthmark scheme based on the extracted API sequence can be utilized in a similarity test of executable codes.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.16 no.10
• /
• pp.7211-7218
• /
• 2015

Tens of thousands of malicious codes are generated on average in a day. New types of malicious codes are surging each year. Diverse methods are used to detect such codes including those based on signature, API flow, strings, etc. But most of them are limited in detecting new malicious codes due to bypass techniques. Therefore, a lot of researches have been performed for more efficient detection of malicious codes. Of them, visualization technique is one of the most actively researched areas these days. Since the method enables more intuitive recognition of malicious codes, it is useful in detecting and examining a large number of malicious codes efficiently. In this paper, we analyze the relationships between malicious codes and Native API functions. Also, by applying the word cloud with text mining technique, major Native APIs of malicious codes are visualized to assess their maliciousness. The proposed malicious code analysis method would be helpful in intuitively probing behaviors of malware.

• Korea Science and Art Forum
• /
• v.37 no.3
• /
• pp.135-145
• /
• 2019

IFC(Industry Foundation Classes) is used for information exchange in BIM-based collaboration process, and it does not secure reliability of information exchange results between fields due to structural limitations. In the end, it is a realistic problem that we have to use specialized BIM software by field, and we can not secure smooth interoperability in the process of information exchange and change. This study was conducted to find ways to secure the interoperability of BIM work between architecture and structure fields by utilizing Open Source provided by software developers to solve these problems. First, through expert survey and in-depth interview, information and improvement factors required in the process of collaboration between architecture and structure were derived. Second, in order to find a solution to the improvement factors, existing studies related to Open-API and domestic and overseas APIs were investigated and analyzed. Third, Ad-On was developed to secure interoperability by using Open API, mainly BIM S/W, which is mainly used in each field. As a result of the study, the possibility of securing interoperability through the management of the design change history between fields was confirmed by using API. It is judged that the application range of API will be expanded to the construction and maintenance field in the future. Therefore, in order to increase the usability for application diffusion, further research on interface improvement through user-centered verification is needed.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.2
• /
• pp.79-88
• /
• 2021

In this paper, we propose a API Gateway technique for the expansion of human resource management module, one of the ERP functions. The institution has introduced ERP (Enterprise Resource Planning) based on its efforts to transform all human and physical resources into business competitiveness and its response to the digital knowledge informatization environment, and listed it as multiple success factors. Human resource management is one of the factors that have been dealt with. However, ERP's Human Resources Management Module remains in the role of functional personnel management. How to utilize human resources begins with navigating and recognizing human resources. The proposed API Gateway technique leverages blockchain networks to design and implement APIs for human resource sharing and navigation, including the possibility of extending ERP's human resource management module. Secondly, it was designed and implemented using a smart contract that behaves like an API for preventing information forgery. The proposed method will not only be used as a tool that can actively utilize human resources, but will also be a complete resource for utilizing big data technology.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.11
• /
• pp.123-130
• /
• 2022

Recently, studies on the detection and classification of Android malware based on API Call sequence have been actively carried out. However, API Call sequence based malware classification has serious limitations such as excessive time and resource consumption in terms of malware analysis and learning model construction due to the vast amount of data and high-dimensional characteristic of features. In this study, we analyzed various classification models such as LightGBM, Random Forest, and k-Nearest Neighbors after significantly reducing the dimension of features using PCA(Principal Component Analysis) for CICAndMal2020 dataset containing vast API Call information. The experimental result shows that PCA significantly reduces the dimension of features while maintaining the characteristics of the original data and achieves efficient malware classification performance. Both binary classification and multi-class classification achieve higher levels of accuracy than previous studies, even if the data characteristics were reduced to less than 1% of the total size.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.6
• /
• pp.1043-1053
• /
• 2023

Malware analysts work diligently to analyze and counteract malware, while developers persistently devise evasion tactics, notably through packing and obfuscation techniques. Although previous works have proposed general unpacking approaches, they inadequately address techniques like OEP obfuscation and API obfuscation employed by modern packers, leading to occasional failures during the unpacking process. This paper examines the OEP and API obfuscation techniques utilized by various packers and introduces a system designed to automatically de-obfuscate them. The system analyzes the memory of packed programs, detects trampoline codes, and identifies obfuscated information, for program reconstruction. Experimental results demonstrate the effectiveness of our system in de-obfuscating programs that have undergone OEP and API obfuscation techniques.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.621-624
• /
• 2002

최근 급속도로 발전하고 있는 생체인식 분야는 상업적인 활성화와 이에 따른 사용자의 신뢰성 확보를 위해 서로 다른 생체인식 제품들의 상호호환성과 상호연동성을 고려한 표준화된 생체인식 데이터 및 API에 대한 기술 개발을 하고 있으며, 이러한 생체 인식 기술의 표준화는 제품들의 호환성 측면에서 매우 중요하므로 생체 정보를 이용하는 모든 제품에 대하여 시스템과 소프트웨어에 대한 표준적합성 시험이 요구될 것이다. 이에 따라 본 연구에서는 생체인식시스템 응용 인터페이스 표준 규격인 BioAPI에 대하여 표준 적합성 시험도구를 개발하기 위하여 우선적으로 BioAPI 표준규격에서 명시하는 필수함수에 대한 표준적합성시험을 수행하였다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2006.06d
• /
• pp.226-228
• /
• 2006

최근 정보통신 환경은 통신, 방송, 인터넷이 통합되는 디지털 융합 서비스 제공 형태로 급속히 변화하고 있다. 이에 따라 통신환경이 개방형 네트워크 형태의 광대역통합망으로 변화하였다. 이런 광대역 통합망에서는 Open API(Application Program Interface)에 의하여 third-party 애플리케이션의 제공을 가능하게 한다. Open API에는 대표적으로 Parlay API가 있으며 Parlay API와 웹 서비스를 접목시키고 한단계 더 추상화한 Parlay X API가 있다. 웹 서비스의 요소중의 하나인 UDDI는 웹 서비스를 쉽게 검색, 공유 및 재사용 할 수 있도록 하는 환경을 가져오게 된다. 본 논문에서는 웹서비스기반의 개방형서비스 게이트웨이를 위한 효율적인 UDDI 레지스트리 구축방안에 대해 제안하였다.