• Proceedings of the IEEK Conference
• /
• 2003.07c
• /
• pp.2749-2752
• /
• 2003

Magnetocardiography is a very weak biomagnetic field generated from the heart. Since the magnitude of the biomagnetic field is in the order of a few pico Tesla, it is measured with a superconducting quantum interference device (SQUID). SQUID is a transducer converting magnetic flux to voltage, however, its range of linear conversion is very restricted. In order to overcome the narrow dynamic range. a flux locked loop is used to feedback the output field with opposite polarity to the input field so that the total Held becomes zero. This prevents the operating point of the SQUID from moving too far away from the null point thereby escape from the linear region. In this paper, an emulator for the SQUID sensor and feedback coil is proposed. Magnetic courting between the original field and the generated field by the feedback coil is emulated by electronic circuits. By using the emulator, FLL circuits are analyzed and optimized without SQUID sensors. The emulator may be used as a test signal for multi-channel gain calibration and system maintenance.

• Journal of Software Assessment and Valuation
• /
• v.17 no.1
• /
• pp.41-50
• /
• 2021

Many game and financial apps have emulator detection functionality to defend against dynamic reverse engineering attacks. However, existing Android emulator detection methods have limitations in detecting the latest mobile game emulators that are similar to actual devices. Therefore, in this paper, we propose a method to effectively detect Android emulators for mobile games based on Houdini module and strings of a library. The proposed method detects the two emulators, Nox and LD Player through specific strings included in libc.so of bionic, and an analysis of the system call execution process and memory mapping associated with the Houdini module.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1067-1075
• /
• 2015

With the recent increase of the number of mobile game users, the side effects such as the manipulation of game points, levels and game speed and payment fraud are emerging. Especially, the emulators which make it possible for mobile applications to run on PC is a great threat to mobile game security since debugging specific game application or automating the game playing can be done easier with them. Therefore, we research the efficient ways to detect widely used Android Emulators such as BlueStacks, GenyMotion, Andy, YouWave and ARC Welder from the perspective of client(app), game server and network to reduce threat to mobile game security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.105-115
• /
• 2019

Recently, intelligent Android malicious codes have become difficult to detect malicious behavior by static analysis alone. Malicious code with SO file, dynamic loading, and string obfuscation are difficult to extract information about original code even with various tools for static analysis. There are many dynamic analysis methods to solve this problem, but dynamic analysis requires rooting or emulator environment. However, in the case of dynamic analysis, malicious code performs the rooting and the emulator detection to bypass the analysis environment. To solve this problem, this paper investigates a variety of root detection schemes and builds an environment for bypassing the rooting detection in real devices. In addition, SDK code hooking module for Android malicious code analysis is designed using Xposed, and intent tracking for code flow, dynamic loading file information, and various API information extraction are implemented. This work will contribute to the analysis of obfuscated information and behavior of Android Malware.

• Journal of Astronomy and Space Sciences
• /
• v.25 no.3
• /
• pp.321-328
• /
• 2008

Software Test Bench should be simulated with maximum quality to real execution environment in order to verify the performance of software which is changed or newly developed. And especially faults detection and recovery are crucial function of the performance test environment. Simulated Software Test Bench based on processor emulator is attractive and can be available prior to hardware Software Test Bench if real time performance aspect is ignored. In this paper, the results of conceptual study for developing the simulated Software Test Bench are presented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.6
• /
• pp.41-56
• /
• 2007

In this paper, we propose a specification-based intrusion detection system for WIPI(Wireless Internet Platform for Interoperability). In proposing the system, we focused on providing lightweight code, supporting multiple languages and hardware independence. The proposed system is based on an algorithm which detects an intrusion to main API of WIPI-HAL(Handset Adaptation Layer) and defines the prototype of mIDS(mobile IDS) API group that it can be added on the HAL. Moreover, we prove apply possibility through a WIPI emulator using java library.

• The Transactions of the Korean Institute of Electrical Engineers
• /
• v.36 no.5
• /
• pp.367-376
• /
• 1987

In this paper we have disigned and implemented a real time ALE (adaptive line enhancer) using a high speed digital processor,NEC 7720. For the ALE system, we have employed an adaptive LMS(least mean square) algorithm proposed by Widrow and Hoff and a 32-order FIR(finite impulse response) filter. Extensive computer simulations have been performed to investigate the peformance of the ALE and to determine necessary parameters for hardware design. The developed software for an NEC 7720 was tested in real time operation using an NEC7720 hardware emulator. The ALE has been tested by sinusoidal waves and real CW (continuous wave) signals. It was found that the experimental results were well agreed with the computer simulation results. Thus it can be concluded that the ALE is useful for detection and enhancement of a sinusoidal signal which is corrupted by an additive Gaussian noise.

• Proceedings of the KIEE Conference
• /
• 2001.07d
• /
• pp.2219-2221
• /
• 2001

A communication protocol for automatic meter reading is designed for electronic power meter. Communicational functions and data structures are standardized and data reading software is developed according to the developed protocol. The communication protocol is designed with reference specifications, IEC 62056-31 and Distributed Network Protocol(DNP). For design, communicational functions and specifications of the industrial meters were analyzed for the purpose of developing a new one for KEPCO meters. The protocol is designed with 3 layer model, physical layers, data link layer and application layer. A documentation was completed with data gathering, data classification, authentication, error detection. An emulator system was made for testing the protocol. A meter reading software was developed using the protocol. Many different protocols and meter reading softwares are integrated into one with the developed protocol and software as KEPCO's standard.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.7
• /
• pp.1854-1873
• /
• 2012

Owing to its simplicity and flexibility, the session initiation protocol (SIP) has been widely adopted as a major session-management protocol for Internet telephony or Voice-over IP (VoIP) services. However, SIP has faced various types of security threats. Call-disruption attacks are some of the most severe threats they face, and can greatly inconvenience consumers. In this paper, we analyze such SIP call-disruption attacks, and propose a method for detecting and counteracting them by extending the SIP INFO method with authentication. Using the proposed method, both the target user and the SIP server can detect the existence of a call-disruption attack on a user and counteract the attack. We demonstrate the effectiveness of the proposed method from the viewpoint of computational complexity by configuring a test-bed with an Asterisk SIP proxy server and an SIP performance (SIPp) emulator.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.873-880
• /
• 2015

Since hardware-based kernel-integrity monitoring systems run in the environments that are isolated from the monitored OS, attackers in the monitored OS cannot undermine the security of monitoring systems. However, because the monitoring is performed by using physical addresses, the hardware-based monitoring systems are vulnerable to Address Translation Redirection Attack (ATRA) that manipulates virtual-to-physical memory translations. To ameliorate this problem, we propose a scheduler-based ATRA detection method. The method detects ATRA during the process scheduling by leveraging the fact that kernel scheduler engages every context switch of processes. We implemented a prototype on Android emulator and TizenTV, and verified that it successfully detected ATRA without incurring any significant performance loss.