• Nuclear Engineering and Technology
• /
• 제43권1호
• /
• pp.45-62
• /
• 2011

The Korean nuclear industry is developing a thermal-hydraulic analysis code for safety analysis of pressurized water reactors (PWRs). The new code is called the Safety and Performance Analysis Code for Nuclear Power Plants (SPACE). The SPACE code adopts advanced physical modeling of two-phase flows, mainly two-fluid three-field models which comprise gas, continuous liquid, and droplet fields and has the capability to simulate 3D effects by the use of structured and/or nonstructured meshes. The programming language for the SPACE code is C++ for object-oriented code architecture. The SPACE code will replace outdated vendor supplied codes and will be used for the safety analysis of operating PWRs and the design of advanced reactors. This paper describes the overall features of the SPACE code and shows the code assessment results for several conceptual and separate effect test problems.

• International Journal of Advanced Culture Technology
• /
• 제9권4호
• /
• pp.288-294
• /
• 2021

There are various ways to be infected with malicious code due to the increase in Internet use, such as the web, affiliate programs, P2P, illegal software, DNS alteration of routers, word processor vulnerabilities, spam mail, and storage media. In addition, malicious codes are produced more easily than before through automatic generation programs due to evasion technology according to the advancement of production technology. In the past, the propagation speed of malicious code was slow, the infection route was limited, and the propagation technology had a simple structure, so there was enough time to study countermeasures. However, current malicious codes have become very intelligent by absorbing technologies such as concealment technology and self-transformation, causing problems such as distributed denial of service attacks (DDoS), spam sending and personal information theft. The existing malware detection technique, which is a signature detection technique, cannot respond when it encounters a malicious code whose attack pattern has been changed or a new type of malicious code. In addition, it is difficult to perform static analysis on malicious code to which code obfuscation, encryption, and packing techniques are applied to make malicious code analysis difficult. Therefore, in this paper, a method to detect malicious code through dynamic analysis and static analysis using Trojan-type Downloader/Dropper malicious code was showed, and suggested to malicious code detection and countermeasures.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권9호
• /
• pp.3221-3242
• /
• 2021

The purpose of the study is to examine the current study trend of 'QR code' and suggest a direction for the future study of big data analysis: (1) Background: study trend of 'QR code' and analysis of the text by subject field and year; (2) Methodology: data scraping and collection, EXCEL summary, and preprocess and big data analysis by R x 64 4.0.2 program package; (3) the findings: first, the trend showed a continuous increase in 'QR code' studies in general and the findings were applied in various fields. Second, the analysis of frequent keywords showed somewhat different results by subject field and year, but the overall results were similar. Third, the visualization of the frequent keywords also showed similar results as that of frequent keyword analysis; and (4) the conclusions: in general, 'QR code' studies are used in various fields, and the trend is likely to increase in the future as well. And the findings of this study are a reflection that 'QR code' is an aspect of our social and cultural phenomena, so that it is necessary to think that 'QR code' is a tool and an application of information. An expansion of the scope of the analysis is expected to show us more meaningful indications on 'QR code' study trends and development potential.

• 정보보호학회논문지
• /
• 제32권2호
• /
• pp.171-179
• /
• 2022

자체 수정 코드(Self-Modifying-Code)란 실행 시간 동안 스스로 실행 코드를 변경하는 코드를 말한다. 이런 기법은 특히 악성코드가 정적 분석을 우회하는 데 악용된다. 따라서 이러한 악성코드를 효과적으로 검출하려면 자체 수정 코드를 파악하는 것이 중요하다. 그동안 동적 분석 방법으로 자체 수정 코드를 분석해왔으나 이는 시간과 비용이 많이 든다. 만약 정적 분석으로 자체 수정 코드를 검출할 수 있다면 악성코드 분석에 큰 도움이 될 것이다. 본 논문에서는 LLVM IR로 변환한 바이너리 실행 프로그램을 대상으로 자체 수정 코드를 탐지하는 정적 분석 방법을 제안하고, 자체 수정 코드 벤치마크를 만들어 이 방법을 적용했다. 본 논문의 실험 결과 벤치마크 프로그램을 컴파일로 변환한 최적화된 형태의 LLVM IR 프로그램에 대해서는 설계한 정적 분석 방법이 효과적이었다. 하지만 바이너리를 리프팅 변환한 비정형화된 LLVM IR 프로그램에 대해서는 자체 수정 코드를 검출하기 어려운 한계가 있었다. 이를 극복하기 위해 바이너리를 리프팅 하는 효과적인 방법이 필요하다.

• International Journal of Internet, Broadcasting and Communication
• /
• 제9권1호
• /
• pp.24-28
• /
• 2017

In the Internet of Things (IoT), resource-limited smart devices communicate with each other while performing sensing and computation tasks. Thus, these devices can be exposed to various attacks being launched and spread through network. For instance, attacker can reuse the codes of IoT devices for malicious activity executions. In the sense that attacker can craft malicious codes by skillfully reusing codes stored in IoT devices, code-reuse attacks are generally considered to be dangerous. Although a variety of schemes have been proposed to defend against code-reuse attacks, code randomization is regarded as a representative defense technique against code-reuse attacks. Indeed, many research have been done on code randomization technique, however, there are little work on analysis of the interactions between code randomization defenses and code-reuse attacks although it is imperative problem to be explored. To provide the better understanding of these interactions in IoT, we analyze how code randomization defends against code-reuse attacks in IoT and perform simulation on it. Both analysis and simulation results show that the more frequently code randomizations occur, the less frequently code-reuse attacks succeed.

• 한국안전학회지
• /
• 제27권6호
• /
• pp.192-204
• /
• 2012

For a severe accident of nuclear power plant, an approach to estimation of the radiological source term using a severe accident code(MELCOR) has been proposed. Although the MELCOR code has a capability to estimate the radiological source term, it has been hardly utilized for the radiological consequence analysis mainly due to a lack of understanding on the relevant function employed in MELCOR and severe accident phenomena. In order to estimate the severe accident source term to be linked with the radiological consequence analysis, this study proposes 4-step procedure: (1) selection of plant condition leading to a severe accident(i.e., accident sequence), (2) analysis of the relevant severe accident code, (3) investigation of the code analysis results and post-processing, and (4) generation of radiological source term information for the consequence analysis. The feasibility study of the present approach to an early containment failure sequence caused by a fast station blackout(SBO) of a reference plant (OPR-1000), showed that while the MELCOR code has an integrated capability for severe accident and source term analysis, it has a large degree of uncertainty in quantifying the radiological source term. Key insights obtained from the present study were: (1) key parameters employed in a typical code for the consequence analysis(i.e., MACCS) could be generated by MELCOR code; (2) the MELOCR code simulation for an assessment of the selected accident sequence has a large degree of uncertainty in determining the accident scenario and severe accident phenomena; and (3) the generation of source term information for the consequence analysis relies on an expert opinion in both areas of severe accident analysis and consequence analysis. Nevertheless, the MELCOR code had a great advantage in estimating the radiological source term such as reflection of the current state of art in the area of severe accident and radiological source term.

• Nuclear Engineering and Technology
• /
• 제55권1호
• /
• pp.131-143
• /
• 2023

Constitutive equations in a nuclear reactor safety analysis code are mostly empirical correlations developed from experiments, which always accompany uncertainties. The accuracy of the code can be improved by modifying the constitutive equations fitting wider range of data with less uncertainty. Thus, the sensitivity of the code with respect to the constitutive equations is evaluated quantitatively in the paper to understand the room for improvement of the code. A new methodology is proposed which first starts by dividing the thermal hydraulic conditions into multiple sub-regimes using self-organizing map (SOM) clustering method. The sensitivity analysis is then conducted by multiplying an arbitrary set of coefficients to the constitutive equations for each sub-divided thermal-hydraulic regime with SOM to observe how the code accuracy varies. The randomly chosen multiplier coefficient represents the uncertainty of the constitutive equations. Furthermore, the set with the smallest error with the selected experimental data can be obtained and can provide insight which direction should the constitutive equations be modified to improve the code accuracy. The newly proposed method is applied to a steady-state experiment and a transient experiment to illustrate how the method can provide insight to the code developer.

• 융합보안논문지
• /
• 제19권3호
• /
• pp.37-41
• /
• 2019

최근 다양한 형태의 악성코드 등장으로 인해 기존의 정적 분석은 많은 한계를 노출하고 있다. 정적분석은 (악성)코드를 실제로 실행하지 않고 원시 코드나 목적 코드를 가지고 코드나 프로그램의 구조를 분석하는 것을 의미한다. 한편 정보보안 분야에서의 동적 분석이란 일반적으로 (악성)코드를 직접 실행하여 분석하는 형태로 프로그램의 실행 플로우를 파악하기 위해 (악성)코드의 실행 전후 상태를 비교·조사하여 분석하는 형태를 의미한다. 그러나 동적 분석을 위해서는 막대한 양의 데이터와 로그를 분석해야 하며 모든 실행 플로우를 실제로 저장하기도 어려웠다. 본 논문에서는 윈도우 환경(윈도우 10 R5 이상)에서 2세대 PT를 기반으로 악성코드 탐지 및 실시간 다중 동적 분석을 수행하는 시스템의 전처리기 구조를 제안하였고 이를 구현하였다.

• 반도체디스플레이기술학회지
• /
• 제20권3호
• /
• pp.113-116
• /
• 2021

As artificial intelligence technologies, including deep learning, develop, these technologies are being introduced to code similarity analysis. In the traditional analysis method of calculating the graph edit distance (GED) after converting the source code into a control flow graph (CFG), there are studies that calculate the GED through a trained graph neural network (GNN) with the converted CFG, Methods for analyzing code similarity through CNN by imaging CFG are also being studied. In this paper, to determine which approach will be effective and efficient in researching code similarity analysis methods using artificial intelligence in the future, code similarity is measured through funcGNN, which measures code similarity using GNN, and Siamese Network, which is an image similarity analysis model. The accuracy was compared and analyzed. As a result of the analysis, the error rate (0.0458) of the Siamese network was bigger than that of the funcGNN (0.0362).

• 융합보안논문지
• /
• 제10권3호
• /
• pp.51-60
• /
• 2010

인터넷 기술의 급격한 발전으로 인한 편리함과 더불어 다양한 악성코드들이 제작되고 있다. 악성코드의 발생건수는 날이 갈수록 부지기수로 늘어나고 있으며, 변종 혹은 새로운 악성코드에 대한 유포는 매우 심각하여 악성코드에 대한 분석은 절실히 필요한 시점이다. 악성코드에 대한 판단기준을 설정할 필요가 있으며, 알고리즘을 이용한 악성코드 분류의 단점은 이미 발견된 악성코드에 대한 분류는 효율적이나 새롭게 생긴 악성코드나 변종된 악성코드에 대해서는 새로운 탐지가 어려운 단점이 있다. 이에 본 연구의 목적은 시각화 기법의 장점을 이용하여 기존의 다변량의 악성코드에 대한 측정 및 분석뿐만 아니라, 변종 혹은 새로운 악성코드에 대해서도 새로운 패턴 혹은 형태를 도출하여 새로운 악성코드와 변종들에 대해서 대처하는데 있다. 따라서 본 논문에서는 업체에서 제공되는 악성코드 속성을 시각화하여 분석하는 기법을 제안하고자 한다.