• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.691-705
• /
• 2012

Buffer overflow vulnerability is the most representative one that an attack method and its countermeasure is frequently developed and changed. This vulnerability is still one of the most critical threat since it was firstly introduced in middle of 1990s. Shellcode is a machine code which can be used in buffer overflow attack. Attackers make the shellcode for their own purposes and insert it into target host's memory space, then manipulate EIP(Extended Instruction Pointer) to intercept control flow of the target host system. Therefore, a lot of research to defend have been studied, and attackers also have done many research to bypass security measures designed for the shellcode defense. In this paper, we investigate shellcode defense and attack techniques briefly and we propose our new methodology which can hide shellcode in the 24bit BMP image. With this proposed technique, we can easily hide any shellcode executable and we can bypass the current detection and prevention techniques.

• International journal of advanced smart convergence
• /
• v.8 no.4
• /
• pp.47-57
• /
• 2019

We examine the weaknesses of the existing OOXML-based MS-Word file structure, and analyze how data concealment and forgery are performed in MS-Word digital documents. In case of forgery by including hidden information in MS-Word digital document, there is no difference in opening the file with the MS-Word Processor. However, the computer system may be malfunctioned by malware or shell code hidden in the digital document. If a malicious image file or ZIP file is hidden in the document by using the structural vulnerability of the MS-Word document, it may be infected by ransomware that encrypts the entire file on the disk even if the MS-Word file is normally executed. Therefore, it is necessary to analyze forgery and alteration of digital document through internal structure analysis of MS-Word file. In this paper, we designed and implemented a mechanism to detect this efficiently and automatic detection software, and presented a method to proactively respond to attacks such as ransomware exploiting MS-Word security vulnerabilities.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.15 no.3
• /
• pp.272-287
• /
• 2012

The optimal use of sonar systems for detection is a practical problem in a given ocean environment. In order to quantify the mission achievability in general, measure of effectiveness(MOE) is defined for specific missions. In this paper, using the specific MOE for detection, which is represented as cumulative detection probability(CDP), an integrated software package named as Optimal Acoustic Search Path Planning(OASPP) is developed. For a given ocean environment and sonar systems, the discrete observations for detection probability(PD) are used to calculate CDP incorporating sonar and environmental parameters. Also, counter-detection probability is considered for vulnerability analysis for a given scenario. Through modeling and simulation for a simple case for which an intuitive solution is known, the developed code is verified.

• Structural Engineering and Mechanics
• /
• v.7 no.1
• /
• pp.1-18
• /
• 1999

Seismic evaluation of a 32-story reinforced concrete framed tube building is performed by checking damageability, safety, and toughness limit states. The evaluation is based on Standard 2800 (Iranian seismic code) which recommends equivalent lateral static force, modal superposition, or time history dynamic analysis methods to be applied. A three dimensional linearly elastic model checked by ambient vibration test results is used for the evaluation. Accelerograms of three earthquakes as well as linearly elastic design response spectra are used for dynamic analysis. Damageability is checked by considering story drift ratios. Safety is evaluated by comparing demands and capacities at the story and element force levels. Finally, toughness is studied in terms of curvature ductility of members. The paper explains the methodology selected and various aspects in detail.

• International journal of advanced smart convergence
• /
• v.9 no.2
• /
• pp.157-163
• /
• 2020

Recently the blockchain technology has been actively studied due to its great potentiality. The smart contract is a key mechanism of the blockchain system. Due to the short history of the smart contract, many issues have not been solved yet. One main issue is vulnerability and another main issue is cost optimization. While the vulnerability of smart contract has been actively studied, the cost optimization has been rarely studied. In this paper, we propose two cost optimization methods for smart contracts running on the blockchain system. Triggering a function in a smart contract program code may require costs and it is repeated continuously. So the minimization of costs required to trigger a function of smart contract while maintaining the performance equally is very important. The proposed two methods minimize the usage of expensive permanent variables deployed on the blockchain system. We apply the proposed two methods to three prevalent blockchain platforms: Ethereum, Klaytn and Tron. Evaluation experiments verify that the proposed scheme significantly reduces the costs of functions in the smart contract written with Solidity.

• Journal of Internet Computing and Services
• /
• v.12 no.5
• /
• pp.39-46
• /
• 2011

The user authentication on the security applications is one of the most important process. Because character based password is commonly used for user authentication, it is most important to protect the keyboard. Due to the reason, several software solutions for keyboard security have been applied to critical sites. This paper introduces vulnerabilities to the commonly used USB keyboard, implements a sample code using the vulnerabilities and evaluates the possibility for the keyboard data to be stolen in the guarded environment. Through the comparison of the result, a countermeasure to the vulnerabilities is proposed.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.7
• /
• pp.1-8
• /
• 2017

As the IT environment becomes more sophisticated, various threats and their associated serious risks are increasing. Threats such as DDoS attacks, malware, worms, and APT attacks can be a very serious risk to enterprises and must be efficiently managed in a timely manner. Therefore, the government has designated the important system as the main information communication infrastructure in consideration of the impact on the national security and the economic society according to the 'Information and Communication Infrastructure Protection Act', which, in particular, protects the main information communication infrastructure from cyber infringement. In addition, it conducts management supervision such as analysis and evaluation of vulnerability, establishment of protection measures, implementation of protection measures, and distribution of technology guides. Even now, security consulting is proceeding on the basis of 'Guidance for Evaluation of Technical Vulnerability Analysis of Major IT Infrastructure Facilities'. There are neglected inspection items in the applied items, and the vulnerability of APT attack, malicious code, and risk are present issues that are neglected. In order to eliminate the actual security risk, the security manager has arranged the inspection and ordered the special company. In other words, it is difficult to check against current hacking or vulnerability through current system vulnerability checking method. In this paper, we propose an efficient method for extracting diagnostic data regarding the necessity of upgrading system vulnerability check, a check item that does not reflect recent trends, a technical check case for latest intrusion technique, a related study on security threats and requirements. Based on this, we investigate the security vulnerability management system and vulnerability list of domestic and foreign countries, propose effective security vulnerability management system, and propose further study to improve overseas vulnerability diagnosis items so that they can be related to domestic vulnerability items.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.2
• /
• pp.275-285
• /
• 2019

Web-assemblies are a new binary standard designed to improve the performance of Web browser JavaScript. Web-assemblies are becoming a new web standard that can run at near native speed with efficient execution, concise representation, and code written in multiple languages. However, current Web-assembly vulnerability verification is limited to the Web assembly interpreter language, and vulnerability verification of Web-assembly binary itself is insufficient. Therefore, it is necessary to verify the safety of the web assembly itself. In this paper, we analyze how to operate the web assembly and verify the safety of the current web-assembly. In addition, we examine vulnerability of existing web -assembly and analyze limitations according to existing safety verification method. Finally, we introduce web-assembly API based fuzzing method to overcome limitation of web-assembly safety verification method. This verifies the effectiveness of the proposed Fuzzing by detecting crashes that could not be detected by existing safety verification tools.

• Journal of Internet Computing and Services
• /
• v.20 no.4
• /
• pp.13-19
• /
• 2019

In order to register an application with Apple's App Store, it must pass a rigorous verification process through the Apple verification center. That's why spyware applications are difficult to get into the App Store. However, malicious code can also be executed through normal application vulnerabilities. To prevent such attacks, research is needed to detect and analyze early to patch potential vulnerabilities in applications. To prove a potential vulnerability, it is necessary to identify the root cause of the vulnerability and analyze the exploitability. A tool for analyzing iOS applications is the debugger named LLDB, which is built into Xcode, the development tool. There are various functions in the LLDB, and these functions are also available as APIs and are also available in Python. Therefore, in this paper, we propose a method to efficiently analyze potential vulnerabilities of iOS application by using LLDB API.

• Journal of Software Engineering Society
• /
• v.28 no.1
• /
• pp.13-22
• /
• 2019

To enhance effective and efficient applications of automated security vulnerability checkers in highly competitive and fast-evolving IT industry, this paper studies a comprehensive set of security bug checkers in open-source static analysis frameworks and how they can be utilized for source code inspections according to the security vulnerability inspection guidelines by MOIS. This paper clarifies the relationship be tween all 42 inspection criteria in the MOIS guideline and total 323 security bug checkers in 4 popular open-source static analysis frameworks for Java web applications. Based on the result, this paper also discuss the current challenges and issues in the MOIS guideline, the comparison among the four security bug checker frameworks, and also the ideas to improve the security inspection methodologies using the MOIS guideline and open-source static security bug checkers.