• Journal of the Korea Society of Computer and Information
• /
• v.16 no.6
• /
• pp.51-59
• /
• 2011

In domestic, the binary code analysis technology is insufficient. In general, an executable file that is installed on your computer without the source code into an executable binary files is given only the most dangerous, or because it is unknown if the action is to occur. In this paper, static program analysis at the binary level to perform the design and implementation framework. In this paper, we create a control flow graph. We use the graph of the function call and determine whether dangerous. Through Framework, analysis of binary files is easy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.171-179
• /
• 2022

Self-Modifying-Code is a code that changes the code by itself during execution time. This technique is particularly abused by malicious code to bypass static analysis. Therefor, in order to effectively detect such malicious codes, it is important to identify self-modifying-codes. In the meantime, Self-modify-codes have been analyzed using dynamic analysis methods, but this is time-consuming and costly. If static analysis can detect self-modifying-code it will be of great help to malicious code analysis. In this paper, we propose a static analysis method to detect self-modified code for binary executable programs converted to LLVM IR and apply this method by making a self-modifying-code benchmark. As a result of the experiment in this paper, the designed static analysis method was effective for the standardized LLVM IR program that was compiled and converted to the benchmark program. However, there was a limitation in that it was difficult to detect the self-modifying-code for the unstructured LLVM IR program in which the binary was lifted and transformed. To overcome this, we need an effective way to lift the binary code.

• The Journal of the Korea Contents Association
• /
• v.10 no.5
• /
• pp.70-79
• /
• 2010

We perform static program analysis for the binary code. The reason you want to analyze at the level of binary code, installed on your local computer, run the executable file without source code. And the reason we want to perform static analysis, static program analysis is to understand what actions to perform on your local computer. In this paper, execution flow graph representing information such as the execution order among functions and the flow of control is generated. Using graph, User can find execution flow of binary file and calls of insecure functions at the same time, and the graph should facilitate the analysis of binary files. In addition, program to be run is ensured the safety by providing an automated way to search the flow of execution, and program to be downloaded and installed from outside is determined whether safe before running.

• Journal of KIISE
• /
• v.44 no.10
• /
• pp.1019-1025
• /
• 2017

Binary similarity analysis is used in vulnerability analysis, malicious code analysis, and plagiarism detection. Proving that a function is equal to a well-known safe functions of different versions through similarity analysis can help to improve the efficiency of the binary code analysis of malicious behavior as well as the efficiency of vulnerability analysis. However, few studies have been carried out on similarity analysis of the same function of different versions. In this paper, we analyze the similarity of function units through various methods based on extractable function information from binary code, and find a way to analyze efficiently with less time. In particular, we perform a comparative analysis of the different versions of the OpenSSL library to determine the way in which similar functions are detected even when the versions differ.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.21 no.10
• /
• pp.2653-2659
• /
• 1996

In this paper, DC-free and minimum bandwidth binary line codes with look-up table are proposed and their performances are analyzed. As results of performance analysis, the proposed codes are shown to have spectral nulls at DC and Nyquist frequency. Among the proposed codes, binary line codes of which both codeword digital sum and alternating digital sum are zero have lower code rate but better spectral characteristics. Furthermore, binary line codes which consist of all codewords including those with nonzero digital sum and alternating digital sum have worese spectral characteristics but higher code rate.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.437-444
• /
• 2014

In this paper, we introduce a Graph based Binary Code Execution Path Exploration Platform. In the graph, a node is defined as a conditional branch instruction, and an edge is defined as the other instructions. We implemented prototype of the proposed method and works well on real binary code. Experimental results show proposed method correctly explores execution path of target binary code. We expect our method can help Software Assurance, Secure Programming, and Malware Analysis more correct and efficient.

• Journal of Satellite, Information and Communications
• /
• v.9 no.2
• /
• pp.110-113
• /
• 2014

In this paper, we address a problem of finding the optimum inner and outer code rates for a concatenated code in Gaussian binary symmetric channels. Clearly, as the inner code rate decreases, the error detection capability of the inner code increases. However, decreasing the inner code rate implies a decrease in error-correction capability of the outer code when overall code rate is fixed. With this notion in mind, we examine the optimum distribution of redundancy on the outer and inner codes to achieve a maximum performance gain in the concatenated coding scheme. Our analysis shows that the maximum coding gain can be obtained when the inner code rate is maximized and the outer code rate is minimized under the constraint of total code rate is fixed.

• Journal of the Korean Institute of Telematics and Electronics A
• /
• v.29A no.8
• /
• pp.10-17
• /
• 1992

A new line code design technique based on the BUDA(Binary Unit DSV and ASV) concept is introduced. The new line code called MB34 and designed by this new technique is of the minimum bandwidth, dc-free, and runlength limited. To confirm the performance of the new code, its power spectrum and eye pattern are obtained, wherein spectral nulls at dc(f=0) and Nyguist frequency (f=1/2Ts) are clearly identified. It is also discussed how the transmission errors can be detected by monitoring the DSV, the ASV, and the runlength.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.17 no.9
• /
• pp.963-971
• /
• 1992

A (4,6) block binary line code is proposed. In addition to being de-free and runlength-limited, the new code called MB46 is strictly bandwidth-limited to the Nyquist frequency, thus achieving improved bandwidth efficiency over previously known binary line code. A technique specially employed in the design of the code is described in depth, and some performance measures including the eye pattern and the power spectrum are presented as obtained by simulation.

• 한국ITS학회:학술대회논문집
• /
• 2008.11a
• /
• pp.351-354
• /
• 2008