• Proceedings of the Korea Contents Association Conference
• /
• 2006.11a
• /
• pp.796-800
• /
• 2006

In this paper, we developed an e-loaming contents for C programming language using Linux and open source software, not using commercial integrated development tool like Microsoft's Visual Studio. In most programming language courses, students study or practice the programming language by editing source code compiling and running the executable code by commercial software like Visual Studio which installed on each PC. This way of learning has some difficulties in total cost of purchasing software and using other PCs which donot have proper software installed. To overcome this situation and enable loaming anywhere, with any device, at anytime, we propose a way of utilizing Linux and open source software in Web-based learning environment. In this environment students can input their source code on the form of broweser and get the result instantly from the server.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1159-1168
• /
• 2012

Control Flow Integrity(CFI) and Control Flow Locking(CFL) prevent unintended execution of software and provide integrity in control flow. Attackers, however, can still hijack program controls since CFI and CFL does not support fine-granularity, context-sensitive protection. In this paper, we propose a new CFI scheme, Source-code CFI(SCFI), to overcome the problems. SCFI provides context-sensitive locking for control flow. Thus, the proposed approach protects software against the attacks on the previous CFI and CFL schemes and improves safety.

• International Journal of Internet, Broadcasting and Communication
• /
• v.15 no.2
• /
• pp.218-226
• /
• 2023

In Korea, we still use function point based cost estimations for software size and cost of a project. The current problem is that we make difficultly calculating function points with requirements and also have less accurate. That is, it is difficult for non-experts to analyze requirements and calculate function point values with them, and even experts often derive different function points. In addition, all stakeholders strongly make the validity and accuracy of the function point values of the project before /after the development is completed. There are methods for performing function point analysis using source code [1][2][3][4] and some researchers [5][6][7] attempt empirical verification of function points about the estimated cost. There is no research on automatic cost validation with source code after the final development is completed. In this paper, we propose automatically how to calculate Function Points based on natural language requirements before development and prove FP calculation based on the final source code after development. We expect validation by comparing the function scores calculated by forward engineering and reverse engineering methods.

• Journal of Software Assessment and Valuation
• /
• v.17 no.1
• /
• pp.31-40
• /
• 2021

Plagiarism refers to the act of using the original data as if it were one's own without revealing the source. The plagiarism of source code causes a variety of problems, including legal disputes. Plagiarism in software projects is usually determined by measuring similarity by comparing every pair of source code within two projects. However, blindly comparing every pair has been a huge computational burden, causing a major factor of not using tools of better accuracy. If we can only compare pairs that are probable to be clones, eliminating pairs that are impossible to be clones, we can concentrate more on improving the accuracy of detection. In this paper, we propose a method of selecting highly probable candidates of clone pairs by pre-classifying suspected source-codes using a machine-learning model called code2vec.

• Journal of the Korea Convergence Society
• /
• v.12 no.9
• /
• pp.11-19
• /
• 2021

A software system is required to change during its life cycle due to various requirements such as adding functionalities, fixing bugs, and adjusting to new computing environments. Such program code modification should be considered as carefully as a new system development becase unexpected software errors could be introduced. In addition, when reusing open source programs, we can expect higher quality software if code changes of the open source program are predicted in advance. This paper proposes a Convolutional Neural Network (CNN)-based deep learning model to predict source code changes. In this paper, the prediction of code changes is considered as a kind of a binary classification problem in deep learning and labeled datasets are used for supervised learning. Java projects and code change logs are collected from GitHub for training and testing datasets. Software metrics are computed from the collected Java source code and they are used as input data for the proposed model to detect code changes. The performance of the proposed model has been measured by using evaluation metrics such as precision, recall, F1-score, and accuracy. The experimental results show the proposed CNN model has achieved 95% in terms of F1-Score and outperformed the multilayer percept-based DNN model whose F1-Score is 92%.

• Journal of KIISE:Software and Applications
• /
• v.35 no.2
• /
• pp.59-69
• /
• 2008

Automatic obfuscation is known to be the most viable method for preventing reverse engineering intentional1y making code more difficult to understand for security purposes. In this paper, we study and implement an obfuscation method for protecting MS Visual C++ programs against attack on the intellectual property in software like reverse engineering attack. That is, the paper describes the implementation of a code obfuscator, a tool which converts a Visual C++ source program into an equivalent one that is much harder to understand. We have used ANTLR parser generator for handling Visual C++ sources, and implemented some obfuscating transformations such as 'Remove comments', 'Scramble identifiers', 'Split variables', 'Fold array', 'Insert class', 'Extend loop condition', 'Add redundant operands', and 'Insert dead code'. We have also evaluated the performance and effectiveness of the obfuscator in terms of potency, resilience, and cost. When the obfuscated source code has been compared with the original source code, it has enough effectiveness for software protection though it incurs some run-time overheads.

• Asia pacific journal of information systems
• /
• v.30 no.3
• /
• pp.457-496
• /
• 2020

This study aims to extensively analyze the performance of various Machine Learning (ML) techniques for predicting version to version change-proneness of source code Java files. 17 object-oriented metrics have been utilized in this work for predicting change-prone files using 31 ML techniques and the framework proposed has been implemented on various consecutive releases of two Java-based software projects available as plug-ins. 10-fold and inter-release validation methods have been employed to validate the models and statistical tests provide supplementary information regarding the reliability and significance of the results. The results of experiments conducted in this article indicate that the ML techniques perform differently under the different validation settings. The results also confirm the proficiency of the selected ML techniques in lieu of developing change-proneness prediction models which could aid the software engineers in the initial stages of software development for classifying change-prone Java files of a software, in turn aiding in the trend estimation of change-proneness over future versions.

• International Journal of Control, Automation, and Systems
• /
• v.6 no.6
• /
• pp.809-817
• /
• 2008

Program plagiarism is widespread due to intelligent software and the global Internet environment. Consequently the detection of plagiarized source code and software is becoming important especially in academic field. Though numerous studies have been reported for detecting plagiarized pairs of codes, we cannot find any profound work on understanding the underlying mechanisms of plagiarism. In this paper, we study the evolutionary process of source codes regarding that the plagiarism procedure can be considered as evolutionary steps of source codes. The final goal of our paper is to reconstruct a tree depicting the evolution process in the source code. To this end, we extend the well-known bioinformatics approach, a local alignment approach, to detect a region of similar code with an adaptive scoring matrix. The asymmetric code similarity based on the local alignment can be considered as one of the main contribution of this paper. The phylogenetic tree or evolution tree of source codes can be reconstructed using this asymmetric measure. To show the effectiveness and efficiency of the phylogeny construction algorithm, we conducted experiments with more than 100 real source codes which were obtained from East-Asia ICPC(International Collegiate Programming Contest). Our experiments showed that the proposed algorithm is quite successful in reconstructing the evolutionary direction, which enables us to identify plagiarized codes more accurately and reliably. Also, the phylogeny construction algorithm is successfully implemented on top of the plagiarism detection system of an automatic program evaluation system.

• KIISE Transactions on Computing Practices
• /
• v.21 no.2
• /
• pp.148-153
• /
• 2015

In our domestic software industries, it is focused on such a high quality development/ testing process, maturity measurement, and so on. But the real industrial fields are still working on a code-centric development. Most of the existing legacy systems did not keep the design and highly increased the code complexity with more patching of the original codes. To solve this problem, we adopt a code visualization technique which is important to reduce the code complexity among modules. To do this, we suggest a tool chaining method based on the existing open source software tools, which extends NIPA's Software Visualization techniques applied to procedural languages. In addition, it should be refactored to fix bad couplings of the quality measurement indicators within the code visualization. As a result, we can apply reverse engineering to the legacy code, that is, from programming via model to architecture, and then make high quality software with this approach.

• International journal of advanced smart convergence
• /
• v.13 no.2
• /
• pp.48-60
• /
• 2024

With the exponential growth of satellite data utilization, machine learning has become pivotal in enhancing innovation and cybersecurity in satellite systems. This paper investigates the role of machine learning techniques in identifying and mitigating vulnerabilities and code smells within satellite software. We explore satellite system architecture and survey applications like vulnerability analysis, source code refactoring, and security flaw detection, emphasizing feature extraction methodologies such as Abstract Syntax Trees (AST) and Control Flow Graphs (CFG). We present practical examples of feature extraction and training models using machine learning techniques like Random Forests, Support Vector Machines, and Gradient Boosting. Additionally, we review open-access satellite datasets and address prevalent code smells through systematic refactoring solutions. By integrating continuous code review and refactoring into satellite software development, this research aims to improve maintainability, scalability, and cybersecurity, providing novel insights for the advancement of satellite software development and security. The value of this paper lies in its focus on addressing the identification of vulnerabilities and resolution of code smells in satellite software. In terms of the authors' contributions, we detail methods for applying machine learning to identify potential vulnerabilities and code smells in satellite software. Furthermore, the study presents techniques for feature extraction and model training, utilizing Abstract Syntax Trees (AST) and Control Flow Graphs (CFG) to extract relevant features for machine learning training. Regarding the results, we discuss the analysis of vulnerabilities, the identification of code smells, maintenance, and security enhancement through practical examples. This underscores the significant improvement in the maintainability and scalability of satellite software through continuous code review and refactoring.