• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.6
• /
• pp.2576-2590
• /
• 2020

The fundamental reason why most SQL injection detection methods are difficult to use in practice is the low reusability of the implementation code. This paper presents a reusable SQL injection detection method for Java Web applications based on AOP (Aspect-Oriented Programming) and dynamic taint analysis, which encapsulates the dynamic taint analysis processes into different aspects and establishes aspect library to realize the large-grained reuse of the code for detecting SQL injection attacks. A metamodel of aspect library is proposed, and a management tool for the aspect library is implemented. Experiments show that this method can effectively detect 7 known types of SQL injection attack such as tautologies, logically incorrect queries, union query, piggy-backed queries, stored procedures, inference query, alternate encodings and so on, and support the large-grained reuse of the code for detecting SQL injection attacks.

• Journal of KIISE:Software and Applications
• /
• v.33 no.12
• /
• pp.1090-1102
• /
• 2006

This paper suggests a new algorithm for detecting the plagiarism among a set of source codes, constrained to be functionally equivalent, such are submitted for a programming assignment or for a programming contest problem. The typical algorithms largely exploited up to now are based on Greedy-String Tiling, which seeks for a perfect match of substrings, and analysis of similarity between strings based on the local alignment of the two strings. This paper introduces a new method for detecting the similar interval of the given programs based on an adaptive similarity matrix, each entry of which is the logarithm of the probabilities of the keywords based on the frequencies of them in the given set of programs. We experimented this method using a set of programs submitted for more than 10 real programming contests. According to the experimental results, we can find several advantages of this method compared to the previous one which uses fixed similarity matrix(+1 for match, -1 for mismatch, -2 for gap) and also can find that the adaptive similarity matrix can be used for detecting various plagiarism cases.

• The Journal of Korean Association of Computer Education
• /
• v.12 no.6
• /
• pp.1-9
• /
• 2009

Programming learning may help to enhance learners' complex problem solving abilities. However, it may cause excessive cognitive loads for learners. Therefore, selection of programming tools and design of teaching and learning strategies to minimize the learners' cognitive loads and to maximize the learning effects. A task centered Scratch programming learning program was developed to enhance problem solving abilities of middle school students. And then, we implemented the developed program in middle school programming classes and analysed the educational effects of the developed program. We found that the developed program was helpful in enhancing learners' problem solving abilities, especially in the element of 'troubleshooting', which explains ability of error detecting and correcting.

• International Journal of Aeronautical and Space Sciences
• /
• v.13 no.1
• /
• pp.99-105
• /
• 2012

Track-before-detect techniques based on dynamic programming have provided solutions for detecting targets from a sequence of images. In its application to airborne threat detection, dynamic programming solutions should take into account the distinguishable properties of objects in a collision course. This paper describes the development of a new track scoring function that accumulates scores for airborne targets in Bayesian framework. Numerical results show that the proposed scoring function has slightly better detection capabilities.

• Journal of Institute of Control, Robotics and Systems
• /
• v.11 no.5
• /
• pp.418-422
• /
• 2005

In this paper, a novel algorithm capable of detecting generic obstacles on a flat surface is proposed. The algorithm fundamentally exploits a distortion phenomena taken place in remapping process of original stereo images to a virtual top-view. Based on the distortion phenomena, we construct stereo polar histograms of edge maps, detect peaks on them, and search for matched peaks on both histograms using a Dynamic Programming (DP). Eventually, the searched corresponding peaks lead to estimate obstacles' positions. The advantages of the proposed algorithm are that it is not largely affected by an intensity difference between a pair of stereo images and does not depend on the typical stereo matching methodologies. Furthermore, the algorithm identifies the obstacles' positions quite robustly.

• Journal of Institute of Control, Robotics and Systems
• /
• v.17 no.3
• /
• pp.199-205
• /
• 2011

This paper presents an algorithm capable of detecting free space for the autonomous vehicle navigation. The algorithm consists of two main steps: 1) estimation of longitudinal profile of road, 2) detection of free space. The estimation of longitudinal profile of road is detection of v-line in v-disparity image which is corresponded to road slope, using v-disparity image and hough transform, Dijkstra algorithm. To detect free space, we detect u-line in u-disparity image which is a boundary line between free space and obstacle's region, using u-disparity image and dynamic programming. Free space is decided by detected v-line and u-line. The proposed algorithm is proven to be successful through experiments under various traffic scenarios.

• The Transactions of the Korea Information Processing Society
• /
• v.1 no.4
• /
• pp.438-451
• /
• 1994

A low complexity, fault detecting computer architecture for utilisation in programmable logic controllers is designed. The cyclic operating mode of PLCs and a specification level, graphical programming paradigm based on the interconnection of application oriented standard software function modules are architecturally supported. Thus, by design, there is no semantic gap between the programming and machine execution levels enabling the safety licensing of application software by an extremely simple, but rigorous method, viz, diverse back translation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.973-983
• /
• 2019

The importance of information security has been increasingly emphasized at the national, organizational, and individual levels due to the widespread adoption of software applications. High-safety software, which includes embedded software, should run without errors, similar to software used in the airline and nuclear energy sectors. Software development techniques in the above sectors are now being used to improve software security in other fields. Secure coding, in particular, is a concept encompassing defensive programming and is capable of improving software security. In this paper, we propose a software security vulnerability detection method using an improved coding standard searching technique. Public static analysis tools were used to assess software security and to classify the commands that induce vulnerability. Software security can be enhanced by detecting Application Programming Interfaces (APIs) and patterns that can induce vulnerability.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.2
• /
• pp.119-128
• /
• 2009

As use of web applications and web-based information systems increases, so web application attacks are increasing. Recently, XSRF(Gross Site Request Forgery) attacks among a variety of web attacks become important because victim's damage caused by such attacks can be severe. But adding security functions for preventing XSRF attacks to existing developed and running software systems could affect move dangerous and expensive to companies and organizations. We suggest effectively adding these security functions to legacy systems, could separate concerns using advantage of the modularity offered by AOP(Aspect-Oriented Programming) methodology. In this paper, we have presented approach for detecting and preventing XSRF in JEE systems using aspect of AOP.

• Journal of the Korea Society for Simulation
• /
• v.16 no.1
• /
• pp.21-29
• /
• 2007

In this paper, we present a method of detecting the boundary of the intima-media complex for automated measurement based on dynamic programming from carotid artery B-mode ultrasound images and then show the experimental results. We apply the dynamic programming for determining the optimal locations that a cost function is minimized. The cost function includes cost terms which are representing image features such as intensity, intensity gradient and geometrical continuity of the vessel interfaces. Moreover, we improve the boundary continuity by applying the B-spline to smooth the rough boundary due to noise such as speckle, dropout and weak edges. The proposed method has obtained more accurate reproducible results than conventional edge-detection by considering multiple image features and ensures efficient automated measurement by solving the problems of the inter- and intra-observer variability and its inefficiency due to manual measurement.