• Journal of the Korean Institute of Telematics and Electronics
• /
• v.16 no.3
• /
• pp.36-48
• /
• 1979

HP 2100 S computer의 disc operating system 을 사용한 본cross-assembler는 alpha-minicomputer 의 assembly language program을 source 입력으로 하여 이 alpha-computer 에 의한 실행 (execution)을 목적으로 16진수 code의 등가 object program 을 출력토록 설계되어 있다.

• Journal of Internet Computing and Services
• /
• v.17 no.4
• /
• pp.51-60
• /
• 2016

Embedded software has requirements such as real-time and environment independency. The real-time requirement is affected from worst-case execution time of loaded tasks. Therefore, to guarantee real-time requirement, we need to determine a program's worst-case execution time using static analysis approach. However, the existing methods for worst-case execution time analysis do not consider the environment independency. Thus, in this paper, in order to provide environment independency, we propose a method for measuring task's execution time from the source codes. The proposed method measures the execution time through the control flow graph created from the source codes instead of the executable codes. However, the control flow graph created from the source code does not have information about execution time. Therefore, in order to provide this information, the proposed method identifies the relationships between statements in the source code and instructions in the executable code. By parameterizing those parts that are dependent on processors based on the relationships, it is possible to enhance the flexibility of the tool that measures the worst-case execution time.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1159-1168
• /
• 2012

Control Flow Integrity(CFI) and Control Flow Locking(CFL) prevent unintended execution of software and provide integrity in control flow. Attackers, however, can still hijack program controls since CFI and CFL does not support fine-granularity, context-sensitive protection. In this paper, we propose a new CFI scheme, Source-code CFI(SCFI), to overcome the problems. SCFI provides context-sensitive locking for control flow. Thus, the proposed approach protects software against the attacks on the previous CFI and CFL schemes and improves safety.

• Tunnel and Underground Space
• /
• v.30 no.6
• /
• pp.509-518
• /
• 2020

This study constructed a new simulation platform, including mesh generation process, numerical simulation, and post-processing for results analysis based on exploration data to perform real-scale numerical analysis considering the actual geological structure efficiently. To build the simulation platform, we applied for open-source programs. The source code is open to be available for code modification according to the researcher's needs and compatibility with various numerical simulation programs. First, a three-dimensional model(3D) is acquired based on the exploration data obtained using a drone. Then, the domain's mesh density was adjusted to an interpretable level using Blender, the free and open-source 3D creation suite. The next step is to create a 3D numerical model by creating a tetrahedral volume mesh inside the domain using Gmsh, a finite element mesh generation program. To use the mesh information obtained through Gmsh in a numerical simulation program, a converting process to conform to the program's mesh creation protocol is required. We applied a Python code for the procedure. After we completed the stability analysis, we have created various visualization of the study using ParaView, another open-source visualization and data analysis program. We successfully performed a preliminary stability analysis on the full-scale Dokdo model based on drone-acquired data to confirm the usefulness of the proposed platform. The proposed simulation platform in this study can be of various analysis processes in future research.

• The Transactions of the Korea Information Processing Society
• /
• v.2 no.4
• /
• pp.509-523
• /
• 1995

With the diversified and enlarged softwares, the issue of software maintenance became more complex and difficult consequently, the cost of software maintenance took up the highest portion in the software life cycle. At the same time, in order to develop or use software for general computers the development environment will be changed to incorporate user-friendly 4GL (Fourth generation Language). Therefore, it is required to take a closer look at the languages such as COBOL, C, FORTRAN, PASCAL which have source code comprised of 4GL and investigate the method of analysis and reuse for program understanding since a lot of research has been done with these languages in program maintenance. The purpose of this paper is to propose reverse engineering tool in 4GL and find an effective way of understanding and maintaining the program by transforming source code comprised of 4GL to meta language and designing and implementing Document Generator, Report Generator, Module Generator, Code Translator for program understanding.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.10
• /
• pp.129-139
• /
• 2013

Java bytecodes are executed not on target machine but on the Java virtual machines. Since this bytecodes use a higher level representation than binary code, it is possible to decompile most bytecodes back to Java source. Obfuscation is the technique of obscuring code and it makes program difficult to understand. However, most of the obfuscation techniques make the code size and the performance of obfuscated program bigger and slower than original program. In this paper, we proposed an effective Java obfuscation techniques using assignment statements merging that make the source program difficult to understand. The basic approach is to merge assignments statements to append side effects of statement. An additional benefit is that the size of the bytecode is reduced.

• Journal of Software Assessment and Valuation
• /
• v.16 no.2
• /
• pp.45-52
• /
• 2020

Traditional methods of detecting security vulnerabilities in source-code require a lot of time and effort. If there is good data, the issue could be solved by using the data with machine learning. Thus, this paper proposes a source-code vulnerability detection method based on machine learning. Our method employs the code2vec model that has been used to propose the names of methods, and uses as a data set, Juliet Test Suite that is a collection of common security vulnerabilities. The evaluation shows that our method has high precision of 97.3% and recall rates of 98.6%. And the result of detecting vulnerabilities in open source project shows hopeful potential. In addition, it is expected that further progress can be made through studies covering with vulnerabilities and languages not addressed here.

• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.37-41
• /
• 2019

Recently, due to the appearance of various types of malware, the existing static analysis exposes many limitations. Static analysis means analyzing the structure of a code or program with source code or object code without actually executing the (malicious) code. On the other hand, dynamic analysis in the field of information security generally refers to a form that directly executes and analyzes (malware) code, and compares and examines and analyzes the state before and after execution of (malware) code to grasp the execution flow of the program. However, dynamic analysis required analyzing huge amounts of data and logs, and it was difficult to actually store all execution flows. In this paper, we propose and implement a preprocessor architecture of a system that performs malware detection and real-time multi-dynamic analysis based on 2nd generation PT in Windows environment (Windows 10 R5 and above).

• Journal of Information Processing Systems
• /
• v.16 no.4
• /
• pp.915-934
• /
• 2020

Software refactoring is a process to restructure an existing software code while keeping its external behavior the same. Currently, various refactoring techniques are being used to develop more readable and less complex codes by improving the non-functional attributes of software. Refactoring can further improve code maintainability by applying various techniques to the source code, which in turn preserves the behavior of code. Refactoring facilitates bug removal and extends the capabilities of the program. In this paper, an exhaustive review is conducted regarding bad smells present in source code, applications of specific refactoring methods to remove that bad smell and its effect on software quality. A total of 68 studies belonging to 32 journals, 31 conferences, and 5 other sources that were published between the years 2001 and 2019 were shortlisted. The studies were analyzed based on of bad smells identified, refactoring techniques used, and their effects on software metrics. We found that "long method", "feature envy", and "data class" bad smells were identified or corrected in the majority of studies. "Feature envy" smell was detected in 36.66% of the total shortlisted studies. Extract class refactoring approach was used in 38.77% of the total studies, followed by the move method and extract method techniques that were used in 34.69% and 30.61% of the total studies, respectively. The effects of refactoring on complexity and coupling metrics of software were also analyzed in the majority of studies, i.e., 29 studies each. Interestingly, the majority of selected studies (41%) used large open source datasets written in Java language instead of proprietary software. At the end, this study provides future guidelines for conducting research in the field of code refactoring.

• KIPS Transactions on Computer and Communication Systems
• /
• v.3 no.6
• /
• pp.189-196
• /
• 2014

Though the plagiarism is illegal and should be avoided, it still occurs frequently. Particularly, the plagiarism of source codes is more frequently committed than others since it is much easier to copy them because of their digital nature. To prevent code plagiarism, there have been reported a variety of studies. However, previous studies for plagiarism detection techniques on source codes do not consider the data structures although a source code consists both of data structures and algorithms. In this paper, a plagiarism detection technique for source codes considering data structures is proposed. Specifically, the data structures of two source codes are represented as sets of trees and compared with each other using Hungarian Method. To show the usefulness of this technique, an experiment has been performed on 126 source codes submitted as homework results in an object-oriented programming course. When both the data structures and the algorithms of the source codes are considered, the precision and the F-measure score are improved 22.6% and 19.3%, respectively, than those of the case where only the algorithms are considered.