• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.16 no.3
• /
• pp.161-166
• /
• 2023

In recent years, new and variant hacking of binary codes has increased, and the limitations of techniques for detecting malicious codes in source programs and defending against attacks are often exposed. Advanced software security vulnerability detection technology using machine learning and deep learning technology for binary code and defense and response capabilities against attacks are required. In this paper, we propose a malware clustering method that groups malware based on the characteristics of the taint information after entering dynamic taint information by tracing the execution path of binary code. Malware vulnerability detection was applied to a three-layered Few-shot learning model, and F1-scores were calculated for each layer's CPU and GPU. We obtained 97~98% performance in the learning process and 80~81% detection performance in the test process.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.10 no.4
• /
• pp.513-519
• /
• 2015

Static analysis is one of the software source code analysis tools. 9 static analysis methods of three groups are recommended by international electro-technical commission about software safety related standard in IEC 62279. In this paper we choose the proper static analysis method from IEC 62279 about the train wayside communication system, Shorten the time of railway signalling software development using LDRA tools. And it wil be useful to improve the effective development of the safety-related software.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.1
• /
• pp.49-62
• /
• 1998

Softwares which have many functions to satisfy user's requirements is developing. But generally, users use partial functions of software. If we could construct software which leave useful functions and remove unuseful functions in software with many functions, we could enhance execution efficiency by reduction of program size and quality of software. There are 6 items in international standard ISO/IEC 9126 about quality of software. These are functionality, reliability, usability, efficiency, maintenance and portability. In this study, we proposed metrics for measurement of efficiency and simplification method for source code. And we described products evaluation result and indicated problem and progress method for practical development project about proposed efficiency metrics.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.985-996
• /
• 2019

This paper analyzes the source code of FIPS-OpenSSL cryptographic module approved as FIPS cryptographic module in USA and shows how the selftest requirements are implemented as software cryptographic library with respect to pre-operational test and conditional tests. Even though FIPS-OpenSSL follows FIPS 140-2 standard, lots of security requirements are similar between FIPS 140-2 and Korean cryptographic module validation standards. Therefore, analysis from this paper contributes to help Korean cryptographic module vendors develop correct and secure selftest functions on their own cryptographic modules, which results in reducing the test period.

• Nuclear Engineering and Technology
• /
• v.54 no.4
• /
• pp.1516-1525
• /
• 2022

Interfacing the output of severe accident analysis with the input of radiological consequence analysis is an important and mandatory procedure at the beginning of Level 3 PSA. Such interfacing between the severe accident analysis code MELCOR and MACCS, one of the most commonly used consequence analysis codes, is relatively tractable since they share the same chemical groups, and the related interfacing software, MelMACCS, has already been developed. However, the linking between MAAP, another frequently used code for severe accident analyses, and MACCS has difficulties because MAAP employs a different chemical grouping method than MACCS historically did. More specifically, MAAP groups by chemical compound, while MACCS groups by chemical element. An appropriate interfacing method between MAAP and MACCS has therefore long been requested by users. This study suggests a way of extracting relevant information from MAAP results and providing proper source term information to MACCS by an appropriate treatment. Various parameters are covered in terms of magnitude and manner of release in this study, and special treatment is made for a bypass scenario. It is expected that the suggested approach will provide an important contribution as a guide to interface MAAP and MACCS when performing radiological consequence analyses.

• Nuclear Engineering and Technology
• /
• v.52 no.12
• /
• pp.2852-2859
• /
• 2020

This paper deals with the simulation-based design optimization and experimental validation of the characteristics of an in-core silver Self-Powered Neutron Detector (SPND). Optimized dimensions of the SPND are determined by combining Monte Carlo simulations and analytical methods. As a first step, the Monte Carlo transport code MCNPX is used to follow the trajectory and fate of the neutrons emitted from an external source. This simulation is able to seamlessly integrate various phenomena, including neutron slowing-down and shielding effects. Then, the expected number of beta particles and their energy spectrum following a neutron capture reaction in the silver emitter are fetched from the TENDEL database using the JANIS software interface and integrated with the data from the first step to yield the origin and spectrum of the source electrons. Eventually, the MCNPX transport code is used for the Monte Carlo calculation of the ballistic current of beta particles in the various regions of the SPND. Then, the output current and the maximum insulator thickness to avoid breakdown are determined. The optimum design of the SPND is then manufactured and experimental tests are conducted. The calculated design parameters of this detector have been found in good agreement with the obtained experimental results.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.10
• /
• pp.129-139
• /
• 2013

Java bytecodes are executed not on target machine but on the Java virtual machines. Since this bytecodes use a higher level representation than binary code, it is possible to decompile most bytecodes back to Java source. Obfuscation is the technique of obscuring code and it makes program difficult to understand. However, most of the obfuscation techniques make the code size and the performance of obfuscated program bigger and slower than original program. In this paper, we proposed an effective Java obfuscation techniques using assignment statements merging that make the source program difficult to understand. The basic approach is to merge assignments statements to append side effects of statement. An additional benefit is that the size of the bytecode is reduced.

• KIPS Transactions on Software and Data Engineering
• /
• v.11 no.11
• /
• pp.473-478
• /
• 2022

Evaluation learning based on code testing is becoming a popular solution in programming education via Online judge(OJ). In the recent past, many papers have been published on how to detect plagiarism through source code similarity analysis to support OJ. However, deep learning-based research to support automated tutoring is insufficient. In this paper, we propose Input & Output side FiLM models to predict whether the input code will pass or fail. By applying Feature-wise Linear Modulation(FiLM) technique to GRU, our model can learn combined information of Java byte codes and problem information that it tries to solve. On experimental design, a balanced sampling technique was applied to evenly distribute the data due to the occurrence of asymmetry in data collected by OJ. Among the proposed models, the Input Side FiLM model showed the highest performance of 73.63%. Based on result, it has been shown that students can check whether their codes will pass or fail before receiving the OJ evaluation which could provide basic feedback for improvements.

• Journal of KIISE:Software and Applications
• /
• v.32 no.4
• /
• pp.290-299
• /
• 2005

Stealing the source code of a program is a serious problem not only in a moral sense but also in a legal sense. However, it is not clear whether the code of a program is copied from another or not. There was a program similarity checker detecting code-copy by comparing the syntax trees of programs. However this method has a limitation that it cannot detect the code-copy attacks when the attacker modifies the syntax of the program on purpose. We propose a program similarity check by program control graph, which reveals not only syntax information but also control dependancy. Our method can detect the code-copy attacks that do not change control dependancy Moreover, we define what code-copy means and establish the connection between code-copy and similarity of program control graph: we prove that two programs are related by copy congruence if and only if the program control graphs of these programs are equivalent. We implemented our method on a functional programming language, nML. The experimental results show us that the suggested method can detect code similarity that is not detected by the existing method.

• The KIPS Transactions:PartD
• /
• v.15D no.6
• /
• pp.825-840
• /
• 2008

Refactoring is a kind of software modification process that improves system qualities internally but maintains system functions externally. What should be improved on the existing source codes should take precedence over the others in such a modification process using this refactoring. Martin Fowler and Kent Beck proposed a method that identifies code smells for this purpose. Also, some studies on determining what refactoring will be applied to which targets through detecting code smells in codes were presented. However, these studies have a lot of disadvantages that show a lack of precise description for such code smells and detect limited code smells only. In addition, these studies showed other disadvantages that generate ambiguity in behavior preservation due to the fact that a description method of pre-conditions for the behavior preservation is included in a refactoring process or unformalized. Thus, our study represents a precise specification of code smells using OCL and proposes a framework that performs a refactoring process through the automatic detection of code smells using an OCL interpreter. Furthermore, we perform the automatic detection in which the code smells are be specified by using OCL to the java program and verify its applicability and effectivity through applying a refactoring process.