• Journal of Information Technology Services
• /
• v.5 no.3
• /
• pp.165-172
• /
• 2006

In this paper, we designed a new type of X-internet framework by using Flash component and server service API and analyzed its performance. Proposed X-internet framework uses Flash MX Professional 2004, Java, and software which opened middleware and database. Since proposed framework use the server service API that we developed in this paper and Flash player, this framework does not need server module. Proposed framework enables to obtain design with dynamic user interface compare to Web application and enables to reduce development time. In analytical results, it has been shown that proposed x-internet framework have efficient characteristics such as network traffic, low development cost and dynamic user interface implementation. Since proposed X-internet framework can operate in environment of current developer friendly, it is useful for development of various new application programs and we confirm it through Flash web mail implementation by using proposed x-internet framework.

• Korean Journal of Metals and Materials
• /
• v.48 no.1
• /
• pp.8-18
• /
• 2010

This study aimed at investigating quasi-static and dynamic torsional deformation behavior of three API X70 and X80 linepipe steels. Quasi-static and dynamic torsional tests were conducted on these steels. having different grain sizes and volume fractions of acicular ferrite and polygonal ferrite, using a torsional Kolsky bar. The test data were then compared via microstructures and adiabatic shear band formation,. The dynamic torsional test results indicated that the steels rolled in the single phase region had higher maximum shear stress than the steel rolled in the two phase region, because the microstructures of the steel rolled in the single phase region were composed mainly of acicular ferrites. In the X80 steel rolled in the single phase region, the increased dynamic torsional properties could be explained by a decrease in the overall effective grain size due to the presence of acicular ferrite having smaller effective grain size. The possibility of adiabatic shear band formation was analyzed from the energy required for void initiation and variation in effective grain size.

• Smart Media Journal
• /
• v.4 no.2
• /
• pp.34-45
• /
• 2015

The illegal copy of Windows software is one of the problems, because Windows is the most popular operating system in the country. The illegal copy can be infringe a software copyright, and software birthmark is one of solutions which is protecting software copyright. Software birthmark is a technique to distinguish software piracy using feature information from software. The type of software birthmark can be differentiated between static birthmark and dynamic birthmark through an extraction method. Static birthmark and dynamic birthmark have strengths and weaknesses. In this paper, we propose similarity measurement technique using dynamic birthmark based on API, and we explain extraction process of dynamic birthmark. In addition, we have verified that the proposed similarity measurement technique meet resilience and credibility through experiment. Furthermore, we saw that proposed measurement technique better than existing measurement technique.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.105-115
• /
• 2019

Recently, intelligent Android malicious codes have become difficult to detect malicious behavior by static analysis alone. Malicious code with SO file, dynamic loading, and string obfuscation are difficult to extract information about original code even with various tools for static analysis. There are many dynamic analysis methods to solve this problem, but dynamic analysis requires rooting or emulator environment. However, in the case of dynamic analysis, malicious code performs the rooting and the emulator detection to bypass the analysis environment. To solve this problem, this paper investigates a variety of root detection schemes and builds an environment for bypassing the rooting detection in real devices. In addition, SDK code hooking module for Android malicious code analysis is designed using Xposed, and intent tracking for code flow, dynamic loading file information, and various API information extraction are implemented. This work will contribute to the analysis of obfuscated information and behavior of Android Malware.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2018.10a
• /
• pp.264-267
• /
• 2018

본 연구에서는 API 호출을 은닉할 수 있는 새로운 유형의 유저모드 기반 루트킷으로 Cuckoo Sandbox를 회피하는 기법과 이를 탐지하기 위한 연구를 한다. Cuckoo Sandbox의 행위 분석을 회피하기 위해 잠재적으로 출현 가능한 은닉된 코드 이미지 기반의 신종 루트킷 원리를 연구하고 탐지하기 위한 방안을 함께 연구한다. 네이티브 API 호출 코드 영역을 프로세스 공간에 직접 적재하여 네이티브 API를 호출하는 기법은 Cuckoo Sandbox에서 여전히 잠재적으로 행위 분석 회피가 가능하다. 본 연구에서는 은닉된 외부주소 호출 코드 영역의 탐지를 위해 프로세스의 가상메모리 공간에서 실행 가능한 페이지 영역을 탐색 후 코사인 유사도 분석으로 이미지 탐지 실험을 하였으며, 코드 영역이 맵핑된 정렬 단위의 4가지 실험 조건에서 평균 83.5% 유사도 탐지 결과를 확인하였다.

• Journal of the Korean Geotechnical Society
• /
• v.18 no.1
• /
• pp.127-132
• /
• 2002

Shaking table tests are performed on model group piles to investigate the mechanics of dynamic pile-soil interaction, and to evaluate the dynamic group pile effect. Tests are executed on a single pile as well as group piles($3\times3$) by varying a pile spacing from 3D to 8D. A lumped mass is located on top of piles to simulate a superstructure. Dynamic p-y curves of the single pile and the group piles are obtained from the tests and compared with the backbone slopes of API cyclic p-y curves. From the comparisons, dynamic pile group effects are evaluated in terms of a pile spacing, a shaking frequency, and a shaking intensity.

• Journal of Digital Contents Society
• /
• v.6 no.3
• /
• pp.143-147
• /
• 2005

In this paper, we developed X-internet framework based on Flash and API for this framework. Proposed X-internet framework based on Flash enables to obtain design with dynamic user interface compare to web application and enables to reduce development time. Since this framework use the API that we developed in this study art flash player, this framework does not need server module. In analytical results, it has been shown that proposed x-internet framework have efficient characteristics such as network traffic, low development cost and dynamic user interface implementation. Since this X-internet framework can operate in environment of current developer friendly, it is useful for development of various new application programs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.1
• /
• pp.91-101
• /
• 2017

API call sequence analysis is a kind of analysis using API call information extracted in target program. Compared to other techniques, this is advantageous as it can characterize the behavior of the target. However, existing API call sequence analysis has an issue of identifying same characteristics to different function during the analysis. To resolve the identification issue and improve performance of analysis, this study includes the method of API abstraction technique in addition to existing analysis. From there on, similarity between target programs is computed and clustered into similar types by applying LSH to abstracted API call sequence from analyzed target. Thus, this study can attribute in improving the accuracy of the malware analysis based on discovered information on the types of malware identified.

• Journal of Digital Contents Society
• /
• v.19 no.2
• /
• pp.363-370
• /
• 2018

Ransomware detection has become a hot topic in computer security for protecting digital contents. Unfortunately, current signature-based and static detection models are often easily evadable by compress, and encryption. For overcoming the lack of these detection approach, we have proposed the dynamic ransomware detection system using data mining techniques such as RF, SVM, SL and NB algorithms. We monitor the actual behaviors of software to generate API calls flow graphs. Thereafter, data normalization and feature selection were applied to select informative features. We improved this analysis process. Finally, the data mining algorithms were used for building the detection model for judging whether the software is benign software or ransomware. We conduct our experiment using more suitable real ransomware samples. and it's results show that our proposed system can be more effective to improve the performance for ransomware detection.

• Proceedings of the KIEE Conference
• /
• 2008.10b
• /
• pp.219-220
• /
• 2008

본 논문에서는 Windows Embedded CE의 스트림 인터페이스 드라이버(Stream Interlace Driver)를 개발하는 새로운 방법을 제안하고자 한다. Windows Embedded CE 디바이스가 부팅되면서 스트림 인터페이스 드라이버는 디바이스 매니저에 의해 메모리로 로프(Load)되고 디바이스가 꺼질 때 메모리로부터 언로드(Unload)된다. 디바인스 드라이버를 변경하여 다시 적용한 후 결과를 확인하고자 할 때 OS 바이너리 이미지를 새로 생성한 후 이미지를 다시 다운로드 하거나 드라이버를 플랫폼 빌더에서 등록한 후 해당 디바이스를 재 부팅하고 Kernel Interlace Layer(KITL)를 사용하여 그 결과를 확인할 수 있다. OS 바이너리를 새로 만드는 경우 이미지 생성과 다운로드 시간이 많이 소요되고, KITL를 사용하는 경우 매번 부팅 하는 과정을 반복해야 하기 때문에 시간이 더 소요된다. 본 논문에서는 데스크탑에서 Remote API를 이용하고 Stream Device Driver를 디바이스에 전달한 후 그것을 Remote API를 사용하여 로드하고 언로드하는 구조를 제안한다.