• Nuclear Engineering and Technology
• /
• v.19 no.4
• /
• pp.279-291
• /
• 1987

The event tree/fault tree techniques used in the current probabilistic risk assessment (PRA) of nuclear power plants are based on the binary and static description of the components and the system. While these techniques Bay be adequate in most of the safety studies, more advanced techniques, e.g., the Markov reliability analysis, are required to accurately study such problems as the plant availability assessments and technical specifications evaluations that are becoming increasingly important. This paper describes a Markov model for the Reactor Protection System of a pressurized water reactor and presents results of model evaluations for two testing policies in technical specifications.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.11 no.6
• /
• pp.724-731
• /
• 2018

Code obfuscation is a technology that makes programs difficult to understand for the purpose of interpreting programs or preventing forgery or tampering. Inverse reading is a technology that analyzes the meaning of origin through reverse engineering technology by receiving obfuscated programs as input. This paper is an analysis of obfuscation and reverse-toxicization technologies for binary code in a virtualized-based environment. Based on VMAttack, a detailed analysis of static code analysis, dynamic code analysis, and optimization techniques were analyzed specifically for obfuscation and reverse-dipidization techniques before obfuscating and reverse-dipulation techniques. Through this thesis, we expect to be able to carry out various research on virtualization and obfuscation. In particular, it is expected that research from stack-based virtual machines can be attempted by adding capabilities to enable them to run on register-based virtual machines.

• Journal of Energy Engineering
• /
• v.2 no.2
• /
• pp.225-230
• /
• 1993

Isothermal vapor-liquid equilibrium data have been measured for binary systems n-dodecane-1-defanol, n-doderane-1-dodecanol, and 1-decanoi-1-dodecanol at 140$^{\circ}C$ by using head space gas chromatography (H.S.G.C) as a static method. The activity coefficients, calculated taking into acount the nonideality of the liquid phase, were correlated with the conventional g$\^$E/ model, Margules, van Laar, Wilson, NRTL equations. These equilibrium data were thermodynamically consistent by Rrdlich- kister test, among these data, system n-dodecane-1-detanoi has minimum azeotrope.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.253-266
• /
• 2023

The Null Pointer Dereference vulnerability is a significant vulnerability that can cause severe attacks such as denial-of-service. Previous research has proposed methods for detecting vulnerabilities, but large and complex programs pose a challenge to their efficiency. In this paper, we present a lightweight tool for detecting specific functions in large binaryprograms through symbolizing variables and emulating program execution. The tool detects vulnerabilities through data dependency analysis and heuristics in each execution path. While our tool had an 8% higher false positive rate than the bap_toolkit, it detected all existing vulnerabilities in our dataset.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.615-619
• /
• 2012

Reverse engineering via static analysis is an essential step in software security and it focuses on reconstructing code structures and data abstractions. In particular, reverse engineering of data abstractions is critical to understand software but the previous scheme, VSA, is not suitable for applying to fragmented binaries. This paper proposes an enhanced method through dynamic region assignment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.45-55
• /
• 2019

DEX file and share objects (also known as the SO file) are important components that define the behaviors of an Android application. DEX file is implemented in Java code, whereas SO file under ELF file format is implemented in native code(C/C++). The two layers - Java and native can communicate with each other at runtime. Malicious applications have become more and more prevalent in mobile world, they are equipped with different evasion techniques to avoid being detected by anti-malware product. To avoid static analysis, some applications may perform malicious behavior in native code that is difficult to analyze. Existing researches fail to extract the call relationship which includes both Java code and native code, or can not analyze multi-DEX application. In this study, we design and implement a system that effectively extracts the call relationship between Java code and native code by analyzing DEX file and SO file of Android application.

• Smart Media Journal
• /
• v.7 no.1
• /
• pp.37-44
• /
• 2018

Utilizing sequence control and numerical computing, embedded devices are used in a variety of automated systems, including those at industrial sites, in accordance with their control program. Since embedded devices are used as a control system in corporate industrial complexes, nuclear power plants and public transport infrastructure nowadays, deliberate attacks on them can cause significant economic and social damages. Most attacks aimed at embedded devices are data-coded, code-modulated, and control-programmed. The control programs for industry-automated embedded devices are designed to represent circuit structures, unlike common programming languages, and most industrial automation control programs are designed with a graphical language, LAD, which is difficult to process static analysis. Because of these characteristics, the vulnerability analysis and security related studies for industry automation control programs have only progressed up to the formal verification, real-time monitoring levels. Furthermore, the static analysis of industrial automation control programs, which can detect vulnerabilities in advance and prepare for attacks, stays poorly researched. Therefore, this study suggests a method to present a discussion on an industry automation control program designed to represent the circuit structure to increase the efficiency of static analysis of embedded industrial automation programs. It also proposes a medium term translation technology exploiting LLVM IR to comprehensively analyze the industrial automation control programs of various manufacturers. By using LLVM IR, it is possible to perform integrated analysis on dynamic analysis. In this study, a prototype program that converts to a logical expression type of medium language was developed with regards to the S company's control program in order to verify our method.

• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.11
• /
• pp.273-280
• /
• 2020

Automatic Static Analysis Tools help developers to quickly find potential defects in source code with less effort. However, the tools reports a large number of false positive warnings which do not have to fix. In our study, we proposed an artificial neural network-based warning classification method using topic models of source code blocks. We collect revisions for fixing bugs from software change management (SCM) system and extract code blocks modified by developers. In deep learning stage, topic distribution values of the code blocks and the binary data that present the warning removal in the blocks are used as input and target data in an simple artificial neural network, respectively. In our experimental results, our warning classification model based on neural network shows very high performance to predict label of warnings such as true or false positive.

• Journal of KIISE
• /
• v.43 no.10
• /
• pp.1067-1072
• /
• 2016

Software birthmarks, which are unique characteristics of the software, are used to detect software plagiarism or software similarity. Generally, software birthmarks are divided into static birthmarks or dynamic birthmarks, which have evident pros and cons depending on the extraction method. In this paper, we propose a method for extracting the API sequence birthmarks using a dynamic analysis and similarity detection between the executable codes. Dynamic birthmarks based on API sequences extract API functions during the execution of programs. The extracted API sequences often include all the API functions called from the start to the end of the program. Meanwhile, our dynamic birthmark scheme extracts the API functions only called directly from the executable code. Then, it uses a sequence alignment algorithm to calculate the similarity metric effectively. We evaluate the birthmark with several open source software programs to verify its reliability and credibility. Our dynamic birthmark scheme based on the extracted API sequence can be utilized in a similarity test of executable codes.

• Journal of Internet Computing and Services
• /
• v.17 no.6
• /
• pp.53-59
• /
• 2016

Recently, huge stream data have been generated in real time from various applications such as wireless sensor networks, Internet of Things services, and social network services. For this reason, to develop an efficient method have become one of significant issues in order to discover useful information from such data by processing and analyzing them and employing the information for better decision making. Since stream data are generated continuously and rapidly, there is a need to deal with them through the minimum access. In addition, an appropriate method is required to analyze stream data in resource limited environments where fast processing with low power consumption is necessary. To address this issue, the sliding window model has been proposed and researched. Meanwhile, one of data mining techniques for finding meaningful information from huge data, pattern mining extracts such information in pattern forms. Frequency-based traditional pattern mining can process only binary databases and treats items in the databases with the same importance. As a result, frequent pattern mining has a disadvantage that cannot reflect characteristics of real databases although it has played an essential role in the data mining field. From this aspect, high utility pattern mining has suggested for discovering more meaningful information from non-binary databases with the consideration of the characteristics and relative importance of items. General high utility pattern mining methods for static databases, however, are not suitable for handling stream data. To address this issue, sliding window based high utility pattern mining has been proposed for finding significant information from stream data in resource limited environments by considering their characteristics and processing them efficiently. In this paper, we conduct various experiments with datasets for performance evaluation of sliding window based high utility pattern mining algorithms and analyze experimental results, through which we study their characteristics and direction of improvement.