• Journal of Information Processing Systems
• /
• v.17 no.4
• /
• pp.834-850
• /
• 2021

IT security companies have been releasing file system filter driver security solutions based on the whitelist, which are being used by several enterprises in the relevant industries. However, in February 2019, a whitelist vulnerability was discovered in Microsoft Edge browser, which allows malicious code to be executed unknown to users. If a hacker had inserted a program that executed malicious code into the whitelist, it would have resulted in considerable damage. File system filter driver security solutions based on the whitelist are discretionary access control (DAC) models. Hence, the whitelist is vulnerable because it only considers the target subject to be accessed, without taking into account the access rights of the file target object. In this study, we propose an industrial device security system for Windows to address this vulnerability, which improves the security of the security policy by determining not only the access rights of the subject but also those of the object through the application of the mandatory access control (MAC) policy in the Windows industrial operating system. The access control method does not base the security policy on the whitelist; instead, by investigating the setting of the security policy not only for the subject but also the object, we propose a method that provides improved stability, compared to the conventional whitelist method.

• Journal of KIISE:Databases
• /
• v.33 no.6
• /
• pp.590-599
• /
• 2006

Disordered streams cause two issues in processing sliding windows: i) how to place input tuples into a buffer in an increasing order efficiently and ii) how to determine a time point to process the windows from input tuples in the buffer. To address these issues, we propose a structure and method of operators for processing sliding windows. We first present a structure of the operators using an index to handle input tuples efficiently. Then, we propose a method to determine the time point to process the windows, which is called a mean-based estimation. In the proposed method, users can describe parameters required for estimation in a query specification, which provides a way for users to control the properties of query results such as the accuracy or the response time according to application requirements. Our experimental results show that the mean-based estimation provides better adaptivity and stability than the one used in the existing method.

• Journal of Software Assessment and Valuation
• /
• v.16 no.2
• /
• pp.9-23
• /
• 2020

Microsoft's Windows system is widely used as an operating system for the desktops and enterprise servers of companies or organizations, and is a major target of cyber attacks. Microsoft provides various protection technologies and strives for defending the attacks through periodic security patches, however the threats such as DLL injection and process injection still exist. In this paper, we analyze 12 types of injection techniques in Microsoft Windows, and perform injection attack experiments on four application programs. Through the results of the experiments, we identify the risk of injection techniques, and verify the effectiveness of the mitigation technology for defending injection attacks provided by Microsoft. As a result of the experiments, we have found that the current applications are vulnerable to several injection techniques. Finally, we have presented the mitigation techniques for these injection attacks and analyzed their effectiveness.

• Journal of Korea Multimedia Society
• /
• v.19 no.2
• /
• pp.504-511
• /
• 2016

3D simulation programs or games on a smart phone and a personal computer have often employed 3D graphic processing techniques and 3D graphical views. However, the user interfaces in those 3D programs have sticked to take a typical 2D style user interface and thus the combination of a 2D user interface view and a 3D simulation view give us a mismatched sense. Since a 2D user interface has been based on the windows controls, it causes sometime DC conflicts between a simulation view and an interface view. Therefore, we will implement the UI developing tool which can be inserted into the pipeline structure for the development of a 3D simulation software and also follows the view-handler design pattern in Microsoft windows system. It will provide various graphical effects such as the deformation of UI depending on the view direction of simulation view and the sitting pose of user. This developing tool gives the natural user interface which heightens the sense of unity with a given 3D simulation view.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.05a
• /
• pp.273-276
• /
• 2003

In this study, Automatic Speech Recognition Application System is designed and implemented to realize transformation from present GUI-centered web services to VUI-centered web service. Due to ASP's restriction with web in speed and implantation, in this study, Automatic Speech Recognition Application System with Java beans Component Architecture is devised and studied. Also the voice web browsing which is able to transfer voice and graphic information simultaneously is studied using Remote AWT(Abstract Windows Toolkit).

• Convergence Security Journal
• /
• v.7 no.3
• /
• pp.61-70
• /
• 2007

In Windows operating system, CSPs(Cryptographic Service Providers) are provided for offering a easy and convenient way of using an various cryptographic algorithms to applications. The applications selectively communicate with various CSPs through a set of functions known as the Crypto API(Cryptographic Application Program Interface). During this process, a secure method, accessing data using a handle, is used in order to prevent analysis of the passing parameters to function between CryptoAPI and CSPs. In this paper, our experiment which is using a novel memory traceback method proves that still there is a vulnerability of private key and secret key disclosure in spite of the secure method above-mentioned.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.3
• /
• pp.591-603
• /
• 2018

Windows Event Log is a format that records system log in Windows operating system and methodically manages information about system operation. An event can be caused by system itself or by user's specific actions, and some event logs can be used for corporate security audits, malware detection and so on. In this paper, we choose actions related to corporate security audit and malware detection (External storage connection, Application install, Shared folder usage, Printer usage, Remote connection/disconnection, File/Registry manipulation, Process creation, DNS query, Windows service, PC startup/shutdown, Log on/off, Power saving mode, Network connection/disconnection, Event log deletion and System time change), which can be detected through event log analysis and classify event IDs that occur in each situation. Also, the existing event log tools only include functions related to the EVTX file parse and it is difficult to track user's behavior when used in a forensic investigation. So we implemented new analysis tool in this study which parses EVTX files and user behaviors.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.8
• /
• pp.1553-1560
• /
• 2016

In this paper, we design a program that controls the execution permissions for the running application in the Windows system environment. It does not allow general users to execute the program converting the specific location information of the execution program, to any of the bit values with the formal structure information in window program. The converted bit value can be returned to the original bit value in the case of an authorized user, so that the original program can be normally performed. By doing so, it can be more safely used in the risk of reverse engineering for Windows executable program. We implemented the control program for the program execution authority we proposed in this paper, and the experiment was performed. At the results of experiments, it was confirmed that the control function to permit execution for the user program was working properly in the Windows environment.

• Journal of the Korean Wood Science and Technology
• /
• v.41 no.1
• /
• pp.77-86
• /
• 2013

This research was carried out to evaluate and raise the energy efficiency of wood frame house. The commercial solution program CE3 (Construction Energy Efficiency Evaluation) was used for simulating the energy consumption in the single-family wood frame house. The results showed that the annual heating energy demand of the house was 160 kWh per 1 $m^2$ floor area. In order to decrease the heating energy demand, the following energy efficiency methods were applied to the simulation : a) simplification of building shape, b) decrease of windows area, c) application of high performance windows (with low thermal transmittance) and d) application of heat recovery ventilator. In case of replacement of the windows with high performance one with thermal transmittance 1 $W/m^2{\cdot}K$, the lowest heating demand of 80 $kWh/m^2{\cdot}a$ was obtained. The best combination of methods, application of high performance windows and heat recovery ventilator, showed heating energy demand 34.5 $kWh/m^2{\cdot}a$.

• Proceedings of the KIEE Conference
• /
• 2007.11b
• /
• pp.288-290
• /
• 2007

This paper presents a visualization application using 3D-graphics for effective maintenance of power equipment. The maintenance algorithm implemented in the application is based on Condition-Based Maintenance (CBM) and Reliability -Centered Maintenance (RCM). The main frame of the developed application was made up based on Windows Application Programming Interface (API) and Microsoft Fundamental Classes (MFC). In order to develop the interactive 3D application, the WorldToolKit (WTK) library based on Open GL was used. Also Text-to-Speech (TTS) technology was used to enhance the efficiency of operators. The developed application can help the power system operators to intuitively recognize the present state and maintenance information of the equipment.