Detecting TOCTOU Race Condition on UNIX Kernel Based File System through Binary Analysis (바이너리 분석을 통한 UNIX 커널 기반 File System의 TOCTOU Race Condition 탐지)

  • Lee, SeokWon;Jin, Wen-Hui;Oh, Heekuck
    • Journal of the Korea Institute of Information Security & Cryptology / v.31 no.4 / pp.701-713 / 2021
  • Race Condition is a vulnerability in which two or more processes input or manipulate a common resource at the same time, resulting in unintended results. This vulnerability can lead to problems such as denial of service and elevation of privilege. When a vulnerability occurs in software, the relevant information is documented, but often the cause of the vulnerability or the source code is not disclosed. In this case, analysis at the binary level is necessary to detect the vulnerability. This paper aims to detect the Time-Of-Check Time-Of-Use (TOCTOU) Race Condition vulnerability of UNIX kernel-based File System at the binary level. So far, various static and dynamic analysis techniques have been studied for detecting the vulnerability. Existing vulnerability detection tools using static analysis detect it through source code analysis, and there are currently few studies conducted at the binary level. In this paper, we propose a method for detecting TOCTOU Race Condition in File System based on Control Flow Graph and Call Graph through Binary Analysis Platform (BAP), a binary static analysis tool.

Design of Visual Tool for Efficient Descripting of Binary ECG File Formats (바이너리 심전도 파일 포맷의 효율적인 디스크립션을 위한 시각적 도구 설계)

  • Koo, Heung-Seo
    • Journal of the Korean Institute of Intelligent Systems / v.17 no.1 / pp.26-31 / 2007
  • In this study, the BED (Binary ECG Description) based binary ECG conversion system supports the conversion of a binary ECG format into XML-based HL7 aECG for interoperability of ECG. HL7 aECG is an XML-based standard for interoperability of ECG waveforms. However, it is difficult for beginners to write the BED documents of the BED-based binary ECG conversion system in XML. We implement a BED Studio on the Java Servlet engine that allows beginners to write BED documents more easily. Our system consists of three parts: Visual Editor, Text Editor, and Format Checking Viewer. The Format Checking Viewer helps users detect format errors in the XML files, the so-called BED documents, that describe the data format of the target binary ECG file in the BED-based binary ECG conversion system, and so may reduce format errors in BED documents.

An Anti-Forensic Technique for Hiding Data in NTFS Index Record with a Unicode Transformation (유니코드 변환이 적용된 NTFS 인덱스 레코드에 데이터를 숨기기 위한 안티포렌식 기법)

  • Cho, Gyu-Sang
    • Convergence Security Journal / v.15 no.7 / pp.75-84 / 2015
  • In an "NTFS Index Record Data Hiding" method, messages are hidden by using file names. The Windows NTFS file naming convention forbids some ASCII characters in a file name. When inputting Hangul with the Roman alphabet, if the forbidden characters for the file name and binary data are used, the codes are converted to a designated Unicode point to avoid a file creation error due to unsuitable characters. In this paper, the problem of a file creation error due to inadmissible characters in the file name, which arises in the index record data hiding method, is fixed. When using Hangul with the Roman alphabet, the characters that cause a file creation error are converted to an arbitrary Unicode point outside the Hangul and Roman alphabet areas. For binary data, all 256 codes are converted to a designated Unicode area, excluding the extended Unicode (surrogate pairs) and ASCII code areas. The results of the two cases, i.e. the Hangul with Roman alphabet case and the binary case, show the applicability of the proposed method.

A Study on FOTA Upgrade Efficiency by Manipulating a Scatter Loading (FOTA에서 Scatter Loading의 최적화 방법 연구)

  • Lee, Hee-Young;Cho, Jun-Dong
    • Proceedings of the Korean Information Science Society Conference / 2007.10d / pp.608-612 / 2007
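  • FOTA is a function in which, when a notification about new software arrives at a wireless-enabled mobile device, the device connects to the server hosting the software, downloads it, and upgrades itself with the downloaded software. To support FOTA, a mobile device has a special binary structure designed to minimize the size of the delta package. The delta package is the compressed difference between two binaries, and spare gaps are left within the binary for upgrades so that future modifications can be accommodated in that space. The scatter loader, which decides where in the image the objects that make up the binary are placed, determines the structure and extensibility of the binary and the size of the delta. We found that this is unrelated to the object type or the order specified in the scatter loading file, and that the delta size becomes smaller as the number of execution region partitions increases and as objects are grouped by dependency. In this paper, we analyze why the conditions above affect the delta size and study ways to optimize the scatter loading file.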

A study on multipoint binary file transfer protocol protocol estabilishment mechanism throughout generic model (멀티미디어 회의 원형모델을 통한 다지점이진화일전송 프로토콜 설정 메카니즘)

  • 고기원;김영선
    • Proceedings of the IEEK Conference / 1998.06a / pp.729-732 / 1998
  • ITU-T recommends T.120 for multimedia conferencing data protocols. In this paper, a generic model of application protocols is shown for guaranteeing internetworking between application protocols in application users. Using generic conference control and the multipoint communication service, a multipoint binary file transfer application protocol is shown through the application protocol generic model in a public session environment.

An effective detection method for hiding data in compound-document files (복합문서 파일에 은닉된 데이터 탐지 기법에 대한 연구)

  • Kim, EunKwang;Jeon, SangJun;Han, JaeHyeok;Lee, MinWook;Lee, Sangjin
    • Journal of the Korea Institute of Information Security & Cryptology / v.25 no.6 / pp.1485-1494 / 2015
  • Traditionally, data hiding has mainly been done by inserting the data into large-capacity multimedia files. However, the document files of the previous versions of Microsoft Office 2003 have been used as cover files because their structure is so similar to a File System that it is easy to hide data in them. If a compound-document file with a secret message hidden in it is opened with an MS Office application, it is hard for users who do not know that a message is hidden in the file to detect it. This paper presents an analysis of the Compound-File Binary Format features exploited to hide data and algorithms to detect the data hidden with these exploits. Studying methods used to hide data in unused areas, unallocated areas, reserved areas and inserted streams led us to develop an algorithm to aid in the detection and examination of hidden data.

A Method for Automatic Detection of Character Encoding of Multi Language Document File (다중 언어로 작성된 문서 파일에 적용된 문자 인코딩 자동 인식 기법)

  • Seo, Min Ji;Kim, Myung Ho
    • KIISE Transactions on Computing Practices / v.22 no.4 / pp.170-177 / 2016
  • Character encoding is a method for changing a document to a binary document file using a code table for storage in a computer. To decode a binary document file so that it can be read, one must know the code table applied to the file at the encoding stage in order to get the original document. Identifying the code table used for encoding the file is thus an essential part of decoding. In this paper, we propose a method for automatically detecting the character code of a given binary document file. The method uses several techniques to increase the detection rate, such as character code range detection, escape character detection, character code characteristic detection, and commonly used word detection. The commonly used word detection method uses multiple word databases, which means this method can achieve a much higher detection rate for multi-language files compared with other methods. If the proportion of a language in the document is less than 20%, the conventional method has about 50% encoding recognition. In the case of the proposed method, regardless of the proportion of language, there is up to 96% encoding recognition.

Program Execution Speed Improvement using Executable Compression Method on Embedded Systems (임베디드 시스템에서 실행 가능 압축 기법을 이용한 프로그램 초기 실행 속도 향상)

  • Jeon, Chang-Kyu;Lew, Kyeung-Seek;Kim, Yong-Deak
    • Journal of the Institute of Electronics Engineers of Korea CI / v.49 no.1 / pp.23-28 / 2012
  • The performance improvement of secondary storage is very slow compared to that of main memory and the processor. Data is loaded from secondary storage into memory for the execution of an application, and this is where a bottleneck occurs. In this paper, we propose an Executable Compression Method to speed up the initial loading time of applications, and we examine its performance. We implemented two applications: one is a compressor for executable binary files, and the other is a decoder for executable-compressed application files on the embedded system. Using test binary files, we performed the speed test on six files. One result showed that the performance decreased, but the others showed increased performance. The average rate of increase was almost 29% in the initial loading time. The level of compression differed with the characteristics of the file, and the performance level depended on the compressed file size and the decompression time, so an optimized compression algorithm will be needed to apply the method to executable binary files.

Validation Method of ARINC 661 UA Definition File and CDS Configuration File for DO-330 Tool Qualification (DO-330 도구 자격인증을 고려한 ARINC 661 UA 정의 파일과 CDS 설정 파일의 유효성 확인 방법)

  • Younggon Kim
    • Journal of Platform Technology / v.10 no.4 / pp.11-24 / 2022
  • A tool for developing airborne software requires the same level of safety as the airborne software itself, because the tool's output is part of the airborne software and thus could insert an error into it. This paper describes how to ensure the reliability of the tool output that becomes a part of the airborne software by validating the input and output files of the tool when generating the ARINC 661 standard UA definition file and the CDS configuration file through the A661UAGEN tool of Hanwha Systems. We present a method to validate the XML data structure and contents, which are the input of the A661UAGEN tool, with an XML schema definition. We also present a method to validate the output binary data, which is the output of the A661UAGEN tool, by using mask data for the corresponding data structure and valid values. As such, validation of the input and output of the tool improves the reliability of binary DFs and CDs integrated into the airborne software, allowing airborne software developers to utilize the tool to ensure safety in developing the OFP.

Design of Lightweight CAD Files with Dimensional Verification Capability for Web-Based Collaboration (웹기반 협업을 위한 치수검증이 가능한 경량캐드파일 설계)

  • Song In-Ho;Chung Sung-Chong
    • Transactions of the Korean Society of Mechanical Engineers A / v.30 no.5 s.248 / pp.488-495 / 2006
  • The demand for the use of 3D CAD data over the Internet has increased. However, the size of the CAD data has made transmission of 3D CAD data slow and reduced communication effectiveness. A lightweight CAD file design methodology is required for rapid transmission in the distributed environment. In this paper, to derive lightweight CAD files from commercial CAD systems, a file translation system producing a native file is constructed first by using the InterOp and API of the ACIS kernel. Using the B-rep model and mesh data extracted from the native file, the lightweight CAD file with topological information is constructed as a binary file. Since the lightweight CAD file retains topological information, it is applied to the dimensional verification, digital mock-ups and visualization of CAD files. The effectiveness of the proposed lightweight CAD file is confirmed through various case studies.