• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.6
• /
• pp.147-155
• /
• 2010

It has been widely addressed that static analysis techniques can play important role in identifying potential security vulnerability reside in source code. This paper proposes the design and application of security metrics that use both vulnerability information extracted from the static analysis, and significant factors of information that software handles. The security metrics are useful for both developers and evaluators in that the metrics help them identity source code vulnerability in early stage of development. By effectively utilizing the security metrics, evaluators can check the level of source code security, and confirm the final code depending on the characteristics of the source code and the security level of information required.

• Journal of Advanced Navigation Technology
• /
• v.14 no.5
• /
• pp.618-624
• /
• 2010

This paper address the problem of tracking multiple objects encountered in many situations in developing condensation algorithms. The difficulty lies on the fact that the implementation of condensation algorithm is not easy for the general users. We propose an automatic code generation program for condensation algorithm using MATLAB tool. It will help for general user who is not familiar with condensation algorithm to apply easily for real system. The merit of this program is that a that a general industrial engineer can easily simulate the designed system and confirm the its performance on the fly.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.171-179
• /
• 2022

Self-Modifying-Code is a code that changes the code by itself during execution time. This technique is particularly abused by malicious code to bypass static analysis. Therefor, in order to effectively detect such malicious codes, it is important to identify self-modifying-codes. In the meantime, Self-modify-codes have been analyzed using dynamic analysis methods, but this is time-consuming and costly. If static analysis can detect self-modifying-code it will be of great help to malicious code analysis. In this paper, we propose a static analysis method to detect self-modified code for binary executable programs converted to LLVM IR and apply this method by making a self-modifying-code benchmark. As a result of the experiment in this paper, the designed static analysis method was effective for the standardized LLVM IR program that was compiled and converted to the benchmark program. However, there was a limitation in that it was difficult to detect the self-modifying-code for the unstructured LLVM IR program in which the binary was lifted and transformed. To overcome this, we need an effective way to lift the binary code.

• The Journal of the Korea Contents Association
• /
• v.8 no.1
• /
• pp.228-235
• /
• 2008

This paper proposes automatic generation method of proxy client code to automation of web service selection process through a monitoring agent. The technique of this paper help service consumer to provide source code of proxy client as it bring an attribute value of specific element of WSDL document using template rule. Namely, a XSLT script file provide code frame of dynamic invocation interface model. The automatic code generation technique need to solving starvation status of selection architecture. It is required to creating request HTTP message for every service on the result of search. The created proxy client program code generate dummy message about services. The proposed client code generation method show us a possibility of application in the automatic generation programming domain.

• Proceedings of the Korea Contents Association Conference
• /
• 2007.11a
• /
• pp.121-125
• /
• 2007

This paper proposes automatic generation method of proxy client code to automation of web service selection process through a monitoring agent. The technique of this paper help service consumer to provide source code of proxy client as it bring an attribute value of specific element of WSDL document using template rule. Namely, a XSLT script file provide code frame of dynamic invocation interface model. The automatic code generation technique need to solving starvation status of selection architecture. It is required to creating request HTTP message for every service on the result of search. The created proxy client program code generate dummy message about services. The proposed client code generation method show us a possibility of application in the automatic generation programming domain.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.753-756
• /
• 2012

The type of phishing changes rapidly and also threat model changes very fastly Accordingly, frauds develop new methods of attacks to avoid the counterparts. Recently, the type of phishing in internet banking is developing specifically. In this paper, to help encounter for it, we first review the meaning of phishing and the types of attacks in phishing in the second chapter,and in the third chapter, we will analyze phishing which is using malicious code in internet banking,and in the fourth chapter, we will describe the conclusion of this paper.

• Journal of Nuclear Fuel Cycle and Waste Technology(JNFCWT)
• /
• v.14 no.2
• /
• pp.189-200
• /
• 2016

The Republic of Tajikistan has ten former uranium mining sites. The total volume of all tailings is approximately 55 million tonnes, and the covered area is more than 200 hectares. The safe management of legacy uranium mining and tailing sites has become an issue of concern. Depending on the performance requirements and site-specific conditions (location in an arid, semiarid or humid region), a cover system for uranium tailings sites could be constructed using several material layers using both natural and man-made materials. The purpose of this study is to find a feasible cost-effective cover system design for the Degmay uranium tailings site which could provide a long period (100 years) of protection. The HELP computer code was used in the evaluation of potential Degmay cover system designs. As a result of this study, a cover system with 70 cm thick percolation layer, 30 cm thick drainage layer, geomembrane liner and 60 cm thick barrier soil layer is recommended because it minimizes cover thickness and would be the most cost-effective design.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.4
• /
• pp.23-28
• /
• 2013

In this paper, we propose a simple bidirectional transmission protocol using network coding and digital Fountain codes. In particular, in the proposed scheme, two sources use digital Fountain codes to transmit their message to each other with the help of relays. Then, relays use Fountain codes and network coding to forward the source messages to both sources. To evaluate performance of the proposed protocols, we present the average total throughput over Rayleigh fading channels via Various Monte-Carlo simulations. Results show that the proposed protocol outperforms the two-way relaying transmission protocol without using network coding technique at high SNR region.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.3
• /
• pp.437-444
• /
• 2014

In this paper, we introduce a Graph based Binary Code Execution Path Exploration Platform. In the graph, a node is defined as a conditional branch instruction, and an edge is defined as the other instructions. We implemented prototype of the proposed method and works well on real binary code. Experimental results show proposed method correctly explores execution path of target binary code. We expect our method can help Software Assurance, Secure Programming, and Malware Analysis more correct and efficient.

• KIPS Transactions on Computer and Communication Systems
• /
• v.9 no.11
• /
• pp.273-280
• /
• 2020

Automatic Static Analysis Tools help developers to quickly find potential defects in source code with less effort. However, the tools reports a large number of false positive warnings which do not have to fix. In our study, we proposed an artificial neural network-based warning classification method using topic models of source code blocks. We collect revisions for fixing bugs from software change management (SCM) system and extract code blocks modified by developers. In deep learning stage, topic distribution values of the code blocks and the binary data that present the warning removal in the blocks are used as input and target data in an simple artificial neural network, respectively. In our experimental results, our warning classification model based on neural network shows very high performance to predict label of warnings such as true or false positive.