• Title/Summary/Keyword: Execution Detection


Detection of TrustZone Rootkits Using ARM PMU Events (ARM PMU 이벤트를 활용한 TrustZone 루트킷 탐지에 대한 연구)

  • Jimin Choi;Youngjoo Shin
    • Journal of the Korea Institute of Information Security & Cryptology / v.33 no.6 / pp.929-938 / 2023
  • ARM processors, utilized in mobile devices, have integrated the hardware isolation framework, TrustZone technology, to implement two execution environments: the trusted domain "Secure World" and the untrusted domain "Normal World". A rootkit is a type of malicious software that gains administrative access and hides its presence to create backdoors. Detecting the presence of a rootkit in the Secure World is difficult since processes running within the Secure World have no memory access restrictions and are isolated. This paper proposes a technique that leverages the hardware-based PMU (Performance Monitoring Unit) to measure events of the Secure World rootkit and to detect the rootkit using deep learning.

A Cross-check based Vulnerability Analysis Method using Static and Dynamic Analysis (정적 및 동적 분석을 이용한 크로스 체크기반 취약점 분석 기법)

  • Song, Jun-Ho;Kim, Kwang-Jik;Ko, Yong-Sun;Park, Jae-Pyo
    • Journal of the Korea Academia-Industrial cooperation Society / v.19 no.12 / pp.863-871 / 2018
  • Existing vulnerability analysis tools are prone to missed detections, incorrect detections, and over-detection, which reduces accuracy. In this paper, cross-checking based on a vulnerability detection method using static and dynamic analysis is proposed, which develops and manages safe applications and can resolve and analyze these problems. Risks due to vulnerabilities are computed, and an intelligent vulnerability detection technique is used to improve accuracy and evaluate risks under the final version of the application. This helps the development and execution of safe applications. Through incorporation of tools that use static analysis and dynamic analysis techniques, our proposed technique overcomes weak points at each stage, and improves the accuracy of vulnerability detection. Existing vulnerability risk-evaluation systems only evaluate self-risks, whereas our proposed vulnerability risk-evaluation system reflects the vulnerability of self-risk and the detection accuracy in a complex fashion to evaluate relative. Our proposed technique compares and analyzes existing analysis tools, such as lists for detections and detection accuracy based on the top 10 items of SANS at CWE. Quantitative evaluation systems for existing vulnerability risks and the proposed application's vulnerability risks are compared and analyzed. We developed a prototype analysis tool using our technique to test the application's vulnerability detection ability, and to show that our proposed technique is superior to existing ones.

A Study on Automated Bluetooth Communication Testing Methods Using CSR8670 Chip

  • Kim, Young-Mo;Noh, Hyun-Cheol;Kim, Seok-Yoon
    • Journal of the Korea Society of Computer and Information / v.21 no.5 / pp.65-71 / 2016
  • Bluetooth technology (BT) is a standard for short-distance wireless communication and is widely used to connect and control various electronic and telecommunication devices without wires, where the CSR8670 chip is generally adopted. These BT devices are required to comply with the BT specification, and the equipment for conformance testing is also important. However, the existing BT testing methods are inconvenient in that they are mostly time-consuming procedures, owing not only to repetitive execution for each evaluation element but also to the error-prone nature of manual experiments. This paper proposes an automated BT communication test method using the CSR8670 chip, which solves the problems related to manual testing methods. The proposed method can reduce the development period of BT products and guarantee quality improvement owing to its exact system error detection capability.

Detection of invalidated sanity checks caused by undefined behaviors (정의되지 않은 행동에 의한 안전성 검사 무효화 탐지 기법)

  • Lee, JongHyup
    • Journal of the Korea Institute of Information Security & Cryptology / v.24 no.1 / pp.215-219 / 2014
  • The C programming language has undefined behaviors, which cause unintended execution of a program. When a programmer adds sanity checks without caring about undefined behaviors, compilers may misunderstand and invalidate the sanity checks. Thus, we propose an automated system to detect invalidated sanity checks by marking sanity checks in source code and checking the marks in binary code.

A Research on Designing an Autonomic Control System Towards High-Reliable Cyber-Physical Systems (고신뢰 CPS를 위한 자율제어 시스템에 관한 연구)

  • Park, Jeongmin;Kang, Sungjoo;Chun, Ingeol;Kim, Wontae
    • IEMEK Journal of Embedded Systems and Applications / v.8 no.6 / pp.347-357 / 2013
  • A Cyber-Physical System (CPS) is characterized by collaborating computational elements controlling physical entities. In CPS, the human desire to acquire useful information and control devices anytime and anywhere automatically has increased the necessity of a highly reliable system. However, the physical world where CPS is deployed has management complexity and maintenance cost of 'CPS', so that it is impossible to make reliable systems. Thus, this paper presents an 'Autonomic Control System towards High-reliable Cyber-Physical Systems' that comprises 8 steps including 'fault analysis', 'fault event analysis', 'fault modeling', 'fault state interpretation', 'fault strategy decision', 'fault detection', 'diagnosis&reasoning' and 'maneuver execution'. Through these activities, we fascinate to design and implement 'Autonomic control system' than before. As a proof of the approach, we used an ISR (Intelligent Service Robot) for a case study. The experimental results show that it achieves to detect a fault event for autonomic control of 'CPS'.

Noise Robust Document Image Binarization using Text Region Detection and Down Sampli (문자 영역 검출과 다운샘플링을 이용한 잡음에 강인한 문서 영상 이진화)

  • Jeong, Jinwook;Jun, Kyungkoo
    • Journal of Korea Multimedia Society / v.18 no.7 / pp.843-852 / 2015
  • Binarization of document images is a critical pre-processing step required for character recognition. Even though various research efforts have been devoted to it, the quality of binarization results largely depends on the noise amount and condition of images. We propose a new binarization method that combines Maximally Stable Extremal Region (MSER) with down-sampling. Particularly, we propose to apply different threshold values for character regions, which turns out to be effective in reducing noise. Through a set of experiments on test images, we confirmed that the proposed method was superior to existing methods in reducing noise, while the increase of execution time is limited.

The GPU-based Parallel Processing Algorithm for Fast Inspection of Semiconductor Wafers (반도체 웨이퍼 고속 검사를 위한 GPU 기반 병렬처리 알고리즘)

  • Park, Youngdae;Kim, Joon Seek;Joo, Hyonam
    • Journal of Institute of Control, Robotics and Systems / v.19 no.12 / pp.1072-1080 / 2013
  • In the present day, many vision inspection techniques are used in productive industrial areas. In particular, in the semiconductor industry the vision inspection system for wafers is a very important system. Also, inspection techniques for semiconductor wafer production are required to ensure high precision and fast inspection. In order to achieve these objectives, parallel processing of the inspection algorithm is essentially needed. In this paper, we propose the GPU (Graphical Processing Unit)-based parallel processing algorithm for the fast inspection of semiconductor wafers. The proposed algorithm is implemented on GPU boards made by NVIDIA Company. The defect detection performance of the proposed algorithm implemented on the GPU is the same as if by a single CPU, but the execution time of the proposed method is about 210 times faster than the one with a single CPU.

Detection of Facial Direction for Automatic Image Arrangement (이미지 자동배치를 위한 얼굴 방향성 검출)

  • 동지연;박지숙;이환용
    • Journal of Information Technology Applications and Management / v.10 no.4 / pp.135-147 / 2003
  • With the development of multimedia and optical technologies, application systems with facial features have increased the interest of researchers recently. The previous research efforts in face processing mainly use frontal images in order to recognize the human face visually and to extract the facial expression. However, applications such as image database systems, which support queries based on the facial direction, and image arrangement systems, which place facial images automatically on digital albums, deal with the directional characteristics of a face. In this paper, we propose a method to detect facial directions by using facial features. In the proposed method, the facial trapezoid is defined by detecting points for the eyes and the lower lip. Then, the facial direction formula, which calculates the right and left facial direction, is defined by the statistical data about the ratio of the right and left areas in facial trapezoids. The proposed method can give an accurate estimate of the horizontal rotation of a face within an error tolerance of $\pm1.31$ degrees and takes an average execution time of 3.16 sec.


Design of Malicious Execution Code Detection System at run-time (실행시간 악성실행코드 탐지 시스템 설계)

  • 오형근;배명철;김은영;박중길
    • Proceedings of the Korean Information Science Society Conference / 2003.04a / pp.281-283 / 2003
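  • As network environments develop, the use of mobile executable code such as ActiveX controls is increasing, and at the same time damage is increasing from malicious behavior, such as unauthorized access to local resources and system destruction, carried out in place of the action the user originally intended. Such malicious executable code, along with viruses, is expected to spread widely with the growth of the Web, and the scale of the damage is expected to rival that of viruses. In this paper, we therefore design a run-time malicious executable code detection system that detects the various malicious behaviors that can occur on a user's computer due to not only known but also unknown malicious executable code, blocks those behaviors, and rapidly shares the detected information, thereby strengthening the ability to respond to malicious executable code.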


Design of System Call Monitoring System for Command Execution Detection in Stack Memory Area (스택메모리상의 명령 수행 탐지를 위한 시스템콜 모니터링 도구 설계)

  • 최양서;서동일;이상호
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2004.05b / pp.772-775 / 2004
  • After Morris' Internet Worm in 1988, stack buffer overflow hacking became generally known to hackers, and it has been used to attack systems and servers very frequently. Recently, many studies have tried to prevent it, and several solutions were developed, such as Libsafe and StackGuard; however, these solutions have a few problems. In this paper we present a new stack buffer overflow attack prevention technique that uses the system call monitoring mechanism and the memory address where the system call is made.
