• The KIPS Transactions:PartD
• /
• v.15D no.1
• /
• pp.61-72
• /
• 2008

One of the most significant tasks of software development project is to know how much it will be the software development cost in the early stage of software development cycle. The software development environment and technology are changing very rapidly. For accuracy, we should apply those to the software cost estimation. And it is important that we select the suitable adjustment factor and the value of a suitable adjustment factor. For that, this paper have applied the method of AHP. And we have also analyzed the sensitivity of the adjustment factor which is influenced by decision metrics. In conclusion, the value of the application type adjustment factor is responded more sensitively to the data complexity and the control complexity than processing complexity. And the value of the language adjustment factor is responded more sensitively to the supplying manpower and the time of the coding than the time of the debugging. In the future, we will research the selection of an additional adjustment factor and a suitable value of the adjustment factor which are influenced by the environment and the technology of the domestic software development. And then, in the language adjustment factor, we will try to calculate the value about the individual programming language.

• KIPS Transactions on Software and Data Engineering
• /
• v.2 no.5
• /
• pp.335-340
• /
• 2013

This paper has designed and realized educational ZigBee equipment befitting to the USN environment. In addition, this study has enabled users to exercise operation process for software technology education and to propose software design methods in the process in the USN environment through practice equipment for ZigBee education. As for the development environment of system, Atmega128 process of Atmel is used for CPU; AVR compiler for the debugging environment; C language for firmware development language; and C++ for application program. The system operation process is initiated by coordinator's sensing information reading order from the hyper terminal through a server through the Internet or directly connected; and then delivering it to a terminating device by using ZigBee technology. The terminating device delivers various sensing information to the coordinator which delivers it to a server through the Internet or to a HYPER terminal directly connected to the coordinator. As for the educational course, it is about practices on such ZigBee operation process and relevant programing skills. Regarding it, the communication between coordinator and terminating device is designed by utilizing physical layer of ZigBee protocol, MAC layer and network layer while the communication between server and coordinator is designed by proposing an independent protocol on TCP/IP socket and the protocol processing procedure during sensing data delivery is verified by interpretation.

• KIPS Transactions on Software and Data Engineering
• /
• v.8 no.8
• /
• pp.317-322
• /
• 2019

Programming judge systems for programming training support are typically built on the Web, where the examiners uploads a programming problem, which the student reads and submits an answer to the problem. The judge system executes the submitted answer of source code to provide feedback such as pass, failure, and error messages. Students who receive the feedback except for the pass continues debugging the source code until they are judged to pass. We developed an online judge system to support programming training and analyzed answers submitted by the students and found that many of the students who were not judged to pass that test did not know exactly where they were wrong but continued to solve the problem. The current judge system generally feeds runtime error messages back to students. However, with only runtime error message, it is difficult for student who train to find the wrong part of the answer. Therefore, in this paper, we propose a system that provides the feedback of programming failure by analyzing the control flow of the test cases used in the source code submitted by the student. The proposed system helps students find the wrong parts more quickly by feeding back the paths where faults in the control flow may exist. In addition, we show that this system is applicable to the answer source code that the actual student submitted.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.4
• /
• pp.827-839
• /
• 2012

A cell phone is very close to the user and therefore should be considered in digital forensic investigation. Recently, the proportion of smartphone owners is increasing dramatically. Unlike the feature phone, users can utilize various mobile application in smartphone because it has high-performance operating system (e.g., Android, iOS). As acquisition and analysis of user data in smartphone are more important in digital forensic purposes, smartphone forensics has been studied actively. There are two way to do smartphone forensics. The first way is to extract user's data using the backup and debugging function of smartphones. The second way is to get root permission, and acquire the image of flash memory. And then, it is possible to reconstruct the filesystem, such as YAFFS, EXT, RFS, HFS+ and analyze it. However, this methods are not suitable to recovery and analyze deleted data from smartphones. This paper introduces analysis techniques for fragmented flash memory pages in smartphones. Especially, this paper demonstrates analysis techniques on the image that reconstruction of filesystem is impossible because the spare area of flash memory pages does not exist and the pages in unallocated area of filesystem.

• KIPS Transactions on Computer and Communication Systems
• /
• v.10 no.11
• /
• pp.297-304
• /
• 2021

Commercial obfuscation tools (protectors) aim to create difficulties in analyzing the operation process of software by applying obfuscation techniques and Anti-reversing techniques that delay and interrupt the analysis of programs in software reverse engineering process. In particular, in case of virtualization detection and anti-debugging functions, the analysis tool exits the normal execution flow and terminates the program. In this paper, we analyze Anti-reversing techniques of executables with Debugger Detection and Viralization Tools Detection options through VMProtect 3.5.0, one of the commercial obfuscation tools (protector), and address bypass methods using Pin. In addition, we predicted the location of the applied obfuscation technique by finding out a specific program termination routine through API analysis since there is a problem that the program is terminated by the Anti-VM technology and the Anti-DBI technology and drew up the algorithm flowchart for bypassing the Anti-reversing techniques. Considering compatibility problems and changes in techniques from differences in versions of the software used in experiment, it was confirmed that the bypass was successful by writing the pin automation bypass code in the latest version of the software (VMProtect, Windows, Pin) and conducting the experiment. By improving the proposed analysis method, it is possible to analyze the Anti-reversing method of the obfuscation tool for which the method is not presented so far and find a bypass method.

• The Transactions of the Korea Information Processing Society
• /
• v.5 no.10
• /
• pp.2575-2583
• /
• 1998

The productionof the highly relible softwae systems and theirs performance evaluation hae become important interests in the software industry. The software evaluation has been mainly carried out in ternns of both reliability and performance of software system. Software reliability is the probability that no software error occurs for a fixed time interval during software testing phase. These theoretical software reliability models are sometimes unsuitable for the practical testing phase in which a software error at a certain testing stage occurs by causes of the imperfect debugging, abnornal software correction, and so on. Such a certatin software testing stage needs to be considered as an outlying stage. And we can assume that the software reliability does not improve by means of muisance factor in this outlying testing stage. In this paper, we discuss Bavesian software reliability growth modeling and estimation procedure in the presence of an imidentitied outlying software testing stage by the modification of Jehnski Moranda. Also we derive the Bayes estimaters of the software reliability panmeters by the assumption of prior information under the squared error los function. In addition, we evaluate the proposed software reliability growth model with an unidentified outlying stage in an exchangeable model according to the values of nuisance paramether using the accuracy, bias, trend, noise metries as the quantilative evaluation criteria through the compater simulation.

• Journal of IKEEE
• /
• v.18 no.4
• /
• pp.552-558
• /
• 2014

This paper suggests how to design a ZigBee-chip-based communication module to remotely measure radiation level. The suggested communication module consists of two control processors for the chip as generally required to configure a ZigBee system, and one chip module to configure a ZigBee RF device. The ZigBee-chip-based communication module for remote radiation measurement consists of a wireless communication controller; sensor and high-voltage generator; charger and power supply circuit; wired communication part; and RF circuit and antenna. The wireless communication controller is to control wireless communication for ZigBee and to measure radiation level remotely. The sensor and high-voltage generator generates 500 V in two consecutive series to amplify and filter pulses of radiation detected by G-M Tube. The charger and power supply circuit part is to charge lithium-ion battery and supply power to one-chip processors. The wired communication part serves as a RS-485/422 interface to enable USB interface and wired remote communication for interfacing with PC and debugging. RF circuit and antenna applies an RLC passive component for chip antenna to configure BALUN and antenna impedance matching circuit, allowing wireless communication. After configuring the ZigBee-chip-based communication module, tests were conducted to measure radiation level remotely: data were successfully transmitted in 10-meter and 100-meter distances, measuring radiation level in a remote condition. The communication module allows an environment where radiation level can be remotely measured in an economically beneficial way as it not only consumes less electricity but also costs less. By securing linearity of a radiation measuring device and by minimizing the device itself, it is possible to set up an environment where radiation can be measured in a reliable manner, and radiation level is monitored real-time.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.6
• /
• pp.155-164
• /
• 2018

Many malicious programs have been compressed or encrypted using various commercial packers to prevent reverse engineering, So malicious code analysts must decompress or decrypt them first. The OEP (Original Entry Point) is the address of the first instruction executed after returning the encrypted or compressed executable file back to the original binary state. Several unpackers, including PinDemonium, execute the packed file and keep tracks of the addresses until the OEP appears and find the OEP among the addresses. However, instead of finding exact one OEP, unpackers provide a relatively large set of OEP candidates and sometimes OEP is missing among candidates. In other words, existing unpackers have difficulty in finding the correct OEP. We have developed new tool which provides fewer OEP candidate sets by adding two methods based on the property of the OEP. In this paper, we propose two methods to provide fewer OEP candidate sets by using the property that the function call sequence and parameters are same between packed program and original program. First way is based on a function call. Programs written in the C/C++ language are compiled to translate languages into binary code. Compiler-specific system functions are added to the compiled program. After examining these functions, we have added a method that we suggest to PinDemonium to detect the unpacking work by matching the patterns of system functions that are called in packed programs and unpacked programs. Second way is based on parameters. The parameters include not only the user-entered inputs, but also the system inputs. We have added a method that we suggest to PinDemonium to find the OEP using the system parameters of a particular function in stack memory. OEP detection experiments were performed on sample programs packed by 16 commercial packers. We can reduce the OEP candidate by more than 40% on average compared to PinDemonium except 2 commercial packers which are can not be executed due to the anti-debugging technique.