• Title/Summary/Keyword: app detection

A SimCache Structural Analysis and A Detection tool for Anti-Forensics Tool Execution Evidence on Windows 10 (Windows 10에서의 심캐시(ShimCache) 구조 분석과 안티 포렌식 도구 실행 흔적 탐지 도구 제안)

  • Kang, Jeong Yoon;Lee, Seung A;Lee, Byong Gul
    • Proceedings of the Korean Society of Computer Information Conference / 2021.07a / pp.215-218 / 2021
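  • The Shimcache (AppCompatCache) file is a file with which the Windows operating system manages operating-system version compatibility issues between applications. Information about applications that have experienced compatibility problems is recorded in the Shimcache, and it is an important artifact from a forensic perspective because, like Prefetch files or the UserAssist registry key, it records traces of application execution. In this paper, we analyze the structure of the Shimcache, introduce the application information that can be obtained from the Shimcache file, and present a method for detecting the execution traces of anti-forensic tools, such as complete deletion, through the improvement of an existing commercial tool.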

Development of Android Smartphone App for Corner Point Feature Extraction using Remote Sensing Image (위성영상정보 기반 코너 포인트 객체 추출 안드로이드 스마트폰 앱 개발)

  • Kang, Sang-Goo;Lee, Ki-Won
    • Korean Journal of Remote Sensing / v.27 no.1 / pp.33-41 / 2011
  • In information and communication technology, a worldwide shift from the internet web to smartphone apps is apparent, driven by user demand and the developer environment. Appropriate technological responses to this trend are therefore needed from the geo-spatial domain. However, most smartphone apps in this domain are map services and location recognition services, and the use of geo-spatial contents remains at a limited level or at the prototype development stage. In this study, an app for extracting corner point features from geo-spatial imagery, with linkage to a database system, is developed. Corner extraction is based on the Harris algorithm, and all processing modules in the database server, application server, and client interface composing the app are designed and implemented based on open source. An LOD (Level of Details) process is applied to the extracted corner points to optimize them for the display panel. An additional useful function is provided whereby geo-spatial imagery can be superimposed on the digital map of the same area. It is expected that this app can be utilized for automatic establishment of POI (Point of Interests) or point-based land change detection purposes.

Android App Birthmarking Technique Resilient to Code Obfuscation (난독화에 강인한 안드로이드 앱 버스마킹 기법)

  • Kim, Dongjin;Cho, Seong-Je;Chung, Youngki;Woo, Jinwoon;Ko, Jeonguk;Yang, Soo-Mi
    • The Journal of Korean Institute of Communications and Information Sciences / v.40 no.4 / pp.700-708 / 2015
  • A software birthmark is the set of characteristics of a program which can be used to identify the program. Many researchers have studied detecting theft of Java programs using birthmarks. In the case of Android apps, code obfuscation techniques are used to protect the apps against reverse-engineering and tampering. However, attackers can also use obfuscation techniques in order to conceal a stolen program. A birthmark (feature) of an app can be altered by code obfuscation. Therefore, it is necessary to detect Android app theft based on a birthmark which is resilient to code obfuscation. In this paper, we propose an effective Android app birthmark and app theft detection through the proposed birthmark. By analyzing some obfuscation tools, we have first selected the parameter and return types of methods as an adequate birthmark. Then, we have measured the similarity of target apps using the birthmarks extracted from the apps, where some target apps are not obfuscated and the others are obfuscated. The measurement results show that our proposed birthmark is effective for detecting Android app theft even though the apps are obfuscated.

Study on porcine respiratory disease complex from slaughtered pigs in Namwon, Korea (남원지역 도축돈에 대한 돼지호흡기 복합감염증에 관한 연구)

  • Kang, Mi-Seon;Kang, Min-Woo;Jung, Se-Ho;Lee, Hee-Seon
    • Korean Journal of Veterinary Service / v.36 no.2 / pp.139-145 / 2013
  • Porcine respiratory disease complex (PRDC) continues to be a significant economic problem to the swine industry. In order to elucidate the etiology of PRDC including porcine circovirus type 2 (PCV2), porcine reproductive and respiratory disease syndrome virus (PRRSV), swine influenza virus (SIV), Mycoplasma hyopneumoniae (MH), Pasteurella multocida (PM) and Actinobacillus pleuropneumoniae (APP) in Namwon, the 455 lung samples were randomly collected from slaughtered pigs, examined gross lesions indicative of respiratory disease of lung and classified the lung lesion according to the severity of lung lesions. Two hundred pigs lung tissues with pneumonic lesions were examined for pathogen by PCR. As a result, the numbers of pneumonic lesions were 357 (78.5%), mean pneumonic score (mean ± SD) was 2.03 ± 0.90 and the highest gross lesion according to stages was 1 (11~20%). In detection of pathogens, PCV2, PRRSV, SIV, MH, APP and PM were positive in 76.5%, 5.0%, 6.0%, 9.0%, 4.5% and 6.0%, respectively and PCV2-MH was the most detected causative pathogens of PRDC in co-infection. In the serological test for PRRSV, PCV2, MH, APP2, APP5, HP and PM, showed high antibody positive rates 93% or more.

Malicious App Discrimination Mechanism by Measuring Sequence Similarity of Kernel Layer Events on Executing Mobile App (모바일 앱 실행시 커널 계층 이벤트 시퀀스 유사도 측정을 통한 악성 앱 판별 기법)

  • Lee, Hyung-Woo
    • Journal of the Korea Convergence Society / v.8 no.4 / pp.25-36 / 2017
  • As smartphone users have increased in recent years, various applications have been developed and used especially for Android-based mobile devices. However, malicious applications developed by attackers for malicious purposes are also distributed through 3rd party open markets, and damage such as leakage of personal information or financial information of users in mobile terminals is continuously increasing. Therefore, to prevent this, a method is needed to distinguish malicious apps from normal apps for Android-based mobile terminal users. In this paper, we analyze the existing researches that detect malicious apps by extracting the system call events that occur when the app is executed. Based on this, we propose a technique to identify malicious apps by analyzing the sequence similarity of kernel layer events occurring in the process of running an app on commercial Android mobile devices.

Design and Implementation of Machine Learning-based Blockchain DApp System (머신러닝 기반 블록체인 DApp 시스템 설계 및 구현)

  • Lee, Hyung-Woo;Lee, HanSeong
    • Journal of Internet of Things and Convergence / v.6 no.4 / pp.65-72 / 2020
  • In this paper, we developed a web-based DApp system based on a private blockchain by applying machine learning techniques to automatically identify Android malicious apps that are continuously increasing rapidly. The optimal machine learning model that provides 96.2587% accuracy for Android malicious app identification was selected to the authorized experimental data, and automatic identification results for Android malicious apps were recorded/managed in the Hyperledger Fabric blockchain system. In addition, a web-based DApp system was developed so that users who have been granted the proper authority can use the blockchain system. Therefore, it is possible to further improve the security in the Android mobile app usage environment through the development of the machine learning-based Android malicious app identification block chain DApp system presented. In the future, it is expected to be able to develop enhanced security services that combine machine learning and blockchain for general-purpose data.

Fall Detection System using Smartphone for Mobile Healthcare (모바일 헬스케어 지원을 위한 스마트폰을 이용한 낙상 감지 시스템)

  • Jeong, Pil-Seong;Cho, Yang-Hyun
    • Journal of Information Technology Services / v.12 no.4 / pp.435-447 / 2013
  • If we use a smartphone to analyze and detect falling, it is a huge advantage that the person with a sensor attached to one's body is free from awareness of difference and limitation of space, unlike attaching sensors on certain fixed areas. In this paper, we suggested effective posture analysis of smartphone users, and fall detecting system. Suggested algorithm enables to detect falling accurately by using the fact that instantaneous change of acceleration sensor is different according to user's posture. Since mobile applications working on smart phones are low in compatibility according to mobile platforms, it is a constraint that new development is needed which is suitable for sensor equipment's characteristics. In this paper, we suggested posture analysis algorithm using smartphones to solve the problems related to user's inconvenience and limitation of development according to sensor equipment's characteristics. Also, we developed fall detection system with the suggested algorithm, using hybrid mobile application which is not limited to platform.

Experiments on An Network Processor-based Intrusion Detection (네트워크 프로세서 기반의 침입탐지 시스템 구현)

  • Kim, Hyeong-Ju;Kim, Ik-Kyun;Park, Dae-Chul
    • The KIPS Transactions:PartC / v.11C no.3 / pp.319-326 / 2004
  • To help network intrusion detection systems (NIDSs) keep up with the demands of today's networks, that is, the increasing network throughput and amount of attacks, a radical new approach in hardware and software system architecture is required. In this paper, we propose a Network Processor (NP) based In-Line mode NIDS that supports the packet payload inspection detecting the malicious behaviors, as well as the packet filtering and the traffic metering. In particular, we separate the filtering and metering functions from the deep packet inspection function using a two-level searching scheme, so that the complicated and time-consuming operation of the deep packet inspection function does not hinder or flop the basic operations of the In-line mode system. From a prototype NP-based NIDS implemented on a PC platform with an x86 processor running Linux, two Gigabit Ethernet ports, and a 2.5Gbps Agere PayloadPlus (APP) NP solution, the experiment results show that our proposed scheme can reliably filter and meter the full traffic of two gigabit ports at the first level even though it can inspect the packet payload up to 320 Mbps in real-time at the second level, which can be compared to the performance of general-purpose processor based inspection. However, the simulation results show that the deep packet searching is also possible up to 2Gbps in wire speed when we adopt a 10Gbps APP solution.

Electrochemical Immunosensor Using a Gas Diffusion Layer as an Immobilization Matrix

  • Kim, Yong-Tae;Oh, Kyu-Ha;Kim, Joo-Ho;Kang, Hee-Gyoo;Choi, Jin-Sub
    • Bulletin of the Korean Chemical Society / v.32 no.6 / pp.1975-1979 / 2011
  • The modification of a gas diffusion layer (GDL), a vital component in polymer electrolyte fuel cells, is described here for use in the electrochemical detection of antibody-antigen biosensors. Compared to other substrates (gold foil and graphite), mouse anti-rHBsAg monoclonal antibody immobilized on gold-coated GDL (G-GDL) detected analytes of goat anti-mouse IgG antibody-ALP using a relatively low potential (-0.0021 V vs. Ag/AgCl 3 M NaCl), indicating that undesired by-reactions during electrochemical sensing should be avoided with G-GDL. The dependency of the signal against the concentration of analytes was observed, demonstrating the possibility of quantitative electrochemical biosensors based on G-GDL substrates. When a sandwich method was employed, target antigens of rHBsAg with a concentration as low as 500 ng/mL were clearly measured. The detection limit of rHBsAg was significantly improved to 10 ng/mL when higher concentrations of the 4-aminophenylphosphate monosodium salt (APP) acting on substrates were used for generating a redox-active product. Additionally, it was shown that a BSA blocking layer was essential in improving the detection limit in the G-GDL biosensor.

AR Anchor System Using Mobile Based 3D GNN Detection

  • Jeong, Chi-Seo;Kim, Jun-Sik;Kim, Dong-Kyun;Kwon, Soon-Chul;Jung, Kye-Dong
    • International Journal of Internet, Broadcasting and Communication / v.13 no.1 / pp.54-60 / 2021
  • AR (Augmented Reality) is a technology that provides virtual content to the real world and provides additional information to objects in real-time through 3D content. In the past, a high-performance device was required to experience AR, but it was possible to implement AR more easily by improving mobile performance and mounting various sensors such as ToF (Time-of-Flight). Also, the importance of mobile augmented reality is growing with the commercialization of high-speed wireless Internet such as 5G. Thus, this paper proposes a system that can provide AR services via GNN (Graph Neural Network) using cameras and sensors on mobile devices. ToF of mobile devices is used to capture depth maps. A 3D point cloud was created using RGB images to distinguish specific colors of objects. Point clouds created with RGB images and Depth Map perform downsampling for smooth communication between mobile and server. Point clouds sent to the server are used for 3D object detection. The detection process determines the class of objects and uses one point in the 3D bounding box as an anchor point. AR contents are provided through app and web through class and anchor of the detected object.