• Journal of Korea Multimedia Society
• /
• v.20 no.11
• /
• pp.1759-1767
• /
• 2017

Although Open API has been invigorated by advancements in the software industry, diverse types of malicious code have also increased. Thus, many studies have been carried out to discriminate the behaviors of malicious code based on API data, and to determine whether malicious code is included in a specific executable file. Existing methods detect malicious code by analyzing signature data, which requires a long time to detect mutated malicious code and has a high false detection rate. Accordingly, in this paper, we propose a method that analyzes and detects malicious code using association rule mining and an Naive Bayes classification. The proposed method reduces the false detection rate by mining the rules of malicious and normal code APIs in the PE file and grouping patterns using the DHP(Direct Hashing and Pruning) algorithm, and classifies malicious and normal files using the Naive Bayes.

• KIISE Transactions on Computing Practices
• /
• v.22 no.4
• /
• pp.170-177
• /
• 2016

Character encoding is a method for changing a document to a binary document file using the code table for storage in a computer. When people decode a binary document file in a computer to be read, they must know the code table applied to the file at the encoding stage in order to get the original document. Identifying the code table used for encoding the file is thus an essential part of decoding. In this paper, we propose a method for detecting the character code of the given binary document file automatically. The method uses many techniques to increase the detection rate, such as a character code range detection, escape character detection, character code characteristic detection, and commonly used word detection. The commonly used word detection method uses multiple word database, which means this method can achieve a much higher detection rate for multi-language files as compared with other methods. If the proportion of language is 20% less than in the document, the conventional method has about 50% encoding recognition. In the case of the proposed method, regardless of the proportion of language, there is up to 96% encoding recognition.

• Korean Journal of Environmental Agriculture
• /
• v.18 no.2
• /
• pp.154-163
• /
• 1999

A multiresidue method(MRM) for pesticides must be rapid and must test a wide variety of pesticides at relevant toxicological concentrations. In this study, three kinds of major analytical methods such as Korean Food Code Method, CDFA MRM, and Holstege's method are tested to compare the average recoveries, solvent consumption, and required time for the analysis of 18 organochlorines, 18 organophosphates, and 6 carbamates in spinach samples. Samples for pesticides analysis were extracted and cleaned up according to the respective methods and detected by gas chromatography with selective detectors, ECD and NPD, HPLC with postcolumn reaction system(PCRS). Average recovery of 42 pesticides by Korean Food Code method, CDFA method, and Holstege's method were 91.3%, 88.1%, 89.0%, respectively. Amount of solvent consumption and required time for the analysis of Korean Food Code method were from two and a half times to three times as much as those of another two methods. For the development and legal application of more rapid and effective MRMs, prolonged study is necessary.

• Journal of Internet Computing and Services
• /
• v.19 no.3
• /
• pp.15-23
• /
• 2018

A code reuse attack is an attack technique that can execute arbitrary code without injecting code directly into the stack by combining executable code fragments existing in program memory and executing them continuously. ROP(Return-Oriented Programming) attack is typical type of code reuse attack and serveral defense techniques have been proposed to deal with this. However, since existing methods use Rule-based method to detect attacks based on specific rules, there is a limitation that ROP attacks that do not correspond to previously defined rules can not be detected. In this paper, we introduce a method to detect ROP attack by learning command pattern used in ROP attack code using RNN(Recurrent Neural Network). We also show that the proposed method effectively detects ROP attacks by measuring False Positive Ratio, False Negative Ratio, and Accuracy for normal code and ROP attack code discrimination.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.10
• /
• pp.1759-1766
• /
• 2008

RFID middleware is the system software that converts EPC data collected from RFID reader devices into meaningful data, that users want, and transfers the result to the users with a variety of protocols. ALE specification, the RFID middleware specification proposed by EPCglobal that is a leading group of do facto international standards with respect to RFID, can handle only EPC code. Meanwhile, a new code system which is called KKR was proposed by NIDA in order to represent RFID tag data in a specific manner and cultivate the domestic RFID industry. In this case, the existing RFID middleware can not process KKR code system because of inherent attributes of the system. In this paper, we proposed a method of KKR code conversion to properly process KKR code in ALE middieware, implemented our method in real, and adopted it into existing ALE middleware. Also, we proposed a new URN format for RFID tag data to manipulate KKR code in ALE middleware. By using the proposed method, the existing ALE middleware conforming to international specification can handle KKR code effectively, and the integration among RFID middleware and legacy systems can be easily supported also.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.24 no.12A
• /
• pp.1960-1965
• /
• 1999

In this paper, we propose a new method of erased concatenated code with RS-convolutional code. In the method, we make use of erasure for undecoded information when we have some errors in RS decoding. For decoding with erasure, the method is processed inner decoding and outer decoding again. After the erasure decoding, if the decoding result is better than the previous one, then we use this result. If not, use the previous one. In this paper, we use concatenated RS(63,31)-convolutional(4.1/2) code. Simulation result is compared with calculation result for performance analysis. According to the result, the proposed method has better performance than the others without erasure such that 2dB when 0.5$\leq\rho\leq$1 and 4dB when $\rho\leq$0.3.

• Nuclear Engineering and Technology
• /
• v.49 no.5
• /
• pp.1100-1108
• /
• 2017

A thermal-hydraulic system code is an essential tool for the design and safety analysis of a nuclear power plant, and its accuracy quantification is very important for the code assessment and applications. The fast Fourier transform-based method (FFTBM) by signal mirroring (FFTBM-SM) has been used to quantify the accuracy of a system code by using a comparison of the experimental data and the calculated results. The method is an improved version of the FFTBM, and it is known that the FFTBM-SM judges the code accuracy in a more consistent and unbiased way. However, in some applications, unrealistic results have been obtained. In this study, it was found that accuracy quantification by FFTBM-SM is dependent on the frequency spectrum of the fast Fourier transform of experimental and error signals. The primary objective of this study is to reduce the frequency dependency of FFTBM-SM evaluation. For this, it was proposed to reduce the cut off frequency, which was introduced to cut off spurious contributions, in FFTBM-SM. A method to determine an appropriate cut off frequency was also proposed. The FFTBM-SM with the modified cut off frequency showed a significant improvement of the accuracy quantification.

• Proceedings of the Korean Society of Surveying, Geodesy, Photogrammetry, and Cartography Conference
• /
• 2004.11a
• /
• pp.29-32
• /
• 2004

Purpose of this study is to maximize inflection of code DGPS for LBS. Compare calibration method with pseudo range revision method for this and decides revision method. Also, examine variation that occur by inconsistency of satellite association of user and standard department for problem solution by satellite association. Model revision information through AR model who use RLSLF and minimises satellite association problem. I wish to do optimized code DGPS of digital map so that is possible through an experiment.

• Proceedings of the KSME Conference
• /
• 2001.06b
• /
• pp.651-657
• /
• 2001

This article explains the theory of multiple mode/physical coordinate synthesis method in order to analyze the dynamic characteristics for an huge marine engine. The theory leads to make a simulation code. The natural frequencies obtained from the simulation code is compared to those from a commercial analysis software, ANSYS. The simulation code is well reviewed.

• Journal of the Semiconductor & Display Technology
• /
• v.14 no.1
• /
• pp.51-53
• /
• 2015

H.264/AVC is international video coding standard, which shows improved code and efficiency than the existing video standards. H.264/AVC proposes data partitioning method that considerably to be an effective layering technique which separates important addressing data from the residual data. UEP(Unequal Error Protection) turbo code of H.264/AVC uses retransmission system to get the UEP effectively. However, Data partitioning system of H.264/AVC is inefficient method in turbo code of H.264/AVC. Based on this observation, we propose the new UEP turbo code algorithm that reconstructs input sequence of turbo code without retransmission system.