• Journal of KIISE
• /
• v.44 no.10
• /
• pp.1019-1025
• /
• 2017

Binary similarity analysis is used in vulnerability analysis, malicious code analysis, and plagiarism detection. Proving that a function is equal to a well-known safe functions of different versions through similarity analysis can help to improve the efficiency of the binary code analysis of malicious behavior as well as the efficiency of vulnerability analysis. However, few studies have been carried out on similarity analysis of the same function of different versions. In this paper, we analyze the similarity of function units through various methods based on extractable function information from binary code, and find a way to analyze efficiently with less time. In particular, we perform a comparative analysis of the different versions of the OpenSSL library to determine the way in which similar functions are detected even when the versions differ.

• The Transactions of the Korean Institute of Electrical Engineers P
• /
• v.62 no.1
• /
• pp.30-35
• /
• 2013

Many function of railway signalling system which is in charge of most core function in a railway system are being operated by the software according to the development of computer technology. Accordingly, the source code testing to verify the safety of the railway signalling system software becomes to be more important, and related international standards highly recommend verifications on the source code also. For this reason, several related studies on vital source code verification were executed from several years ago in Korea. This paper performed tests through the application to railway signalling system being applied to the existing actual domestic railway sites through automated testing tools for coding rules of signalling system software and another signaling system software under development in Korea recently, and analyzed their results.

• Journal of the Semiconductor & Display Technology
• /
• v.20 no.3
• /
• pp.113-116
• /
• 2021

As artificial intelligence technologies, including deep learning, develop, these technologies are being introduced to code similarity analysis. In the traditional analysis method of calculating the graph edit distance (GED) after converting the source code into a control flow graph (CFG), there are studies that calculate the GED through a trained graph neural network (GNN) with the converted CFG, Methods for analyzing code similarity through CNN by imaging CFG are also being studied. In this paper, to determine which approach will be effective and efficient in researching code similarity analysis methods using artificial intelligence in the future, code similarity is measured through funcGNN, which measures code similarity using GNN, and Siamese Network, which is an image similarity analysis model. The accuracy was compared and analyzed. As a result of the analysis, the error rate (0.0458) of the Siamese network was bigger than that of the funcGNN (0.0362).

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.11c
• /
• pp.2107-2110
• /
• 2002

소프트웨어를 설계, 구현하는데 있어서의 어려움이란 주변 환경이나 제반 기술 등과 같은 어려움도 있겠지만 실제 프로그래머가 작성하는 소스코드의 복잡성도 그 원인중의 하나라 할 수 있다. 이와 같은 문제의 해결을 위해서는 소스코드의 접근이나 이의 테스트를 위한 결합 등의 유연성이 높은 소프트웨어 기술이 필요한 실정이다. 이에 따라 AOP(Aspect-Oriented Programming) 기술을 이용하여 소스코드 자체의 접근 및 그의 처리를 용이하게 하여 복잡한 시스템의 개발이나 기존 시스템의 관리에 있어 효율을 높이고자 한다.

• International Journal of Advanced Culture Technology
• /
• v.8 no.2
• /
• pp.297-304
• /
• 2020

Recently, open source automatic machine learning solutions have been applied in many fields. To apply open source automated machine learning to real world problems, you need to write code with expertise in machine learning. Writing code without machine learning knowledge is challenging. To solve this problem, the automatic machine learning solutions provided by startups are made easy to use with a clean user interface. In this paper, we review automatic machine learning solutions of startups.

• Journal of Convergence Society for SMB
• /
• v.6 no.4
• /
• pp.137-150
• /
• 2016

Along with the rapid development of IT technology and business services, the effort to provide new services to the customers has been increasing, and also the improvement and enhancement of legacy systems are continuously occurring for rapid service delivery. In this situation, the quality assurance of the source code for the legacy system became a key technical elements that can quickly respond to the service needs. Refactoring is an engineering technique to ensure the quality for the legacy code, and essential for the improvement and extension of the legacy system in order to provide value-added services. This paper proposes some features of refactoring techniques through surveying and analyzing the existing refactoring techniques and tools to enhance source code quality. When service developers want to refactor the source code of the legacy system to enhance code quality, our proposed features may provide with the guidance on what to use any technique and tool in their work. This can improve the source code quality with correct refactoring and without trial and error, and will also enable rapid response to new services.

• Nuclear Engineering and Technology
• /
• v.21 no.2
• /
• pp.63-72
• /
• 1989

An analysis for the gamma radiation fields in the research reactor MAPLE-X10 facility has been peformed under the assumption of partial loss of reactor and service pool water to assess the safety from the view point of design. Four photon source terms considered in the analysis were calculated using the ORIGEN-S code. Gamma dose rate calculations over the reactor and service pools during the water-loss accident conditions were performed using QAD-CG code. MCNP code (Monte Carlo Neuron and Photon Transport code), also, was used to assess the scattered radiation fields away from the pools, which is appropriate for calculating the scattered photon dose rates outside of the solid angle subtended by the source and pool walls.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38C no.5
• /
• pp.420-427
• /
• 2013

Recently, for secure software development, static analysis tools have been used mostly to analyze the source code of the software and identify software weaknesses caused of vulnerabilities. In order to select the optimal static analysis tool, both weaknesses rules and analysis capabilities of the tool are important factors. Therefore, in this paper we propose the test codes developed for evaluating the rules and analysis capabilities of the tools. The test codes to involve 43 weaknesses such as SQL injection etc. can be used to evaluate the adequacy of the rules and analysis capabilities of the tools.

• Journal of Communications and Networks
• /
• v.10 no.4
• /
• pp.384-395
• /
• 2008

Random network coding can be viewed as a single block code applied to all source packets. To manage the concomitant high coding complexity, source packets can be partitioned into generations; block coding is then performed on each set. To reach a better performance-complexity tradeoff, we propose a novel concatenated network code which mixes generations while retaining the desirable properties of generation-based coding. Focusing on the code's erasure performance, we show that the probability of successfully decoding a generation on erasure channels can increase substantially for any erasure rate. Using both analysis (for small networks) and simulations (for larger networks), we show how the code's parameters can be tuned to extract best performance. As a result, the probability of failing to decode a generation is reduced by nearly one order of magnitude.

• Nuclear Engineering and Technology
• /
• v.47 no.2
• /
• pp.212-218
• /
• 2015

We describe a comparative analysis of different tools used to assess safety-critical software used in nuclear power plants. To enhance the credibility of safety assessments and to optimize safety justification costs, $Electricit{\acute{e}}$ de France (EDF) investigates the use of methods and tools for source code semantic analysis, to obtain indisputable evidence and help assessors focus on the most critical issues. EDF has been using the PolySpace tool for more than 10 years. Currently, new industrial tools based on the same formal approach, Abstract Interpretation, are available. Practical experimentation with these new tools shows that the precision obtained on one of our shutdown systems software packages is substantially improved. In the first part of this article, we present the analysis principles of the tools used in our experimentation. In the second part, we present the main characteristics of protection-system software, and why these characteristics are well adapted for the new analysis tools. In the last part, we present an overview of the results and the limitations of the tools.