• Journal of Software Assessment and Valuation
• /
• v.15 no.2
• /
• pp.1-7
• /
• 2019

Program similarity analysis consists of substantial similarity and access. Substantial similarity is a judgment of how similarly the program source code is quantitatively. Access determines the degree of similarity by analyzing comments in the program or other contextual evidence. In the case of manuals, it may be the subject of legitimacy analysis. Manuals can be divided into three types as follows. First, a master manual is a document created during the development stage of a product. It is a user manual that contains all the functionality of the product and its derivatives. Second, the customer manual is a manual that is open only to the primary customer and orderer. Third, the user manual is a document that is applied to the final OEM production stage and is open to the end purchaser. In this paper, we compare the master manual seized from the suspect and the master manual provided by the suspect on the Internet. It then determines how similar this master manual is and includes the victim company's original and property values.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.321-330
• /
• 2015

There have been found many modified malwares which could avoid detection simply by replacing a sequence of characters or a part of code. Since the existing anti-virus program performs signature-based analysis, it is difficult to detect a malware which is slightly different from the well-known malware. This paper suggests a method of detecting modified malwares by extending a hash-value based code comparison. We generated hash values for individual functions and individual code blocks as well as the whole code, and thus use those values to find whether a pair of codes are similar in a certain degree. We also eliminated some numeric data such as constant and address before generating hash values to avoid incorrectness incurred from them. We found that the suggested method could effectively find inherent similarity between original malware and its derived ones.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.834-835
• /
• 2016

In recent years, advances in technology, IT is rapidly growing. Accordingly, real time image processing and multiple platforms, providing compatibility with OpenCV for image processing technology research on actively in progress. At present, different, comparing the images to determine the similarity is low, the system will match the rate of people using the analogue figures to determine the system is for the most part. In this paper, Template Matching of OpenCV and Feature Matching utilizing different images to determine the similarity between digital values for the system. A comparison of the features of a specific point on the screen the image to extract the same feature in a different size, you can compare the features of the target image recognized as compared to three historic castle in comparison, verification. This is the voice and image recognition and analysis, check the matching rate readings than in Zhengzhou treatment techniques are available. The future of forensic and other image processing technologies for OpenCV studies will be needed to feed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1325-1336
• /
• 2012

In the past about 10 different kinds of malicious code were found in one day on the average. However, the number of malicious codes that are found has rapidly increased reachingover 55,000 during the last 10 year. A large number of malicious codes, however, are not new kinds of malicious codes but most of them are new variants of the existing malicious codes as same functions are newly added into the existing malicious codes, or the existing malicious codes are modified to evade anti-virus detection. To deal with a lot of malicious codes including new malicious codes and variants of the existing malicious codes, we need to compare the malicious codes in the past and the similarity and classify the new malicious codes and the variants of the existing malicious codes. A former calculation method of the similarity on the existing malicious codes compare external factors of IPs, URLs, API, Strings, etc or source code levels. The former calculation method of the similarity takes time due to the number of malicious codes and comparable factors on the increase, and it leads to employing fuzzy hashing to reduce the amount of calculation. The existing fuzzy hashing, however, has some limitations, and it causes come problems to the former calculation of the similarity. Therefore, this research paper has suggested a new comparison method for malicious codes to improve performance of the calculation of the similarity using fuzzy hashing and also a classification method employing the new comparison method.

• Journal of Korea Multimedia Society
• /
• v.7 no.3
• /
• pp.427-437
• /
• 2004

Shape comparison between 3D models is essential for shape recognition, retrieval, classification, etc. In this paper, we propose a method for comparing 3D shapes, which is invariant under translation, rotation and scaling of models and is robust to non-uniformly distributed and incomplete data sets. first, a modal model is constructed from input data using vibration modes and then shape similarity is evaluated with modal strain energy. The proposed method provides global-to-local ordering of shape deformation using vibration modes ordered by frequency Thus, we evaluated similarity in terms of global properties of shape without being affected localised shape features using ordered shape representation and modal strain one energy.

• Journal of Pharmaceutical Investigation
• /
• v.33 no.3
• /
• pp.245-253
• /
• 2003

Dissolution profile comparsions can be done by virtue of the similarity factor $(f_2)$. It is a logarithmic reciprocal square root transformation of the sum of squared error of % dissolution differences between two profiles at several time points. It gives information on the degree of similarity between the two profiles: An $f_2$ value between 50 and 100 suggests the similarity/equivalence of the two dissolution curves being compared. The objective of this report was to provide a careful examination on the $f_2$ metrics in detail. It was shown that $f_2$ values exceeded 50, when relative differences in % dissolved between two products were less than 15% at all time points. The similarity factor value was also found to be greater than 50, in cases when absolute % dissolution differences were below 10% at all time points. Interestingly, the $f_2$ value was changed by the number of the time points selected for calculation. In particular, $f_2$ tended to have higher values, when the $f_2$ metrics used a large number of time points in which % dissolved reached plateau. Finally, since the similarity factor was a sample statistics, it was impossible to infer type I/II errors and sampling error. Despite certain limitations inherited in the $f_2$ metrics, it was easy and convenient to evaluate how similar the two dissolution profiles were.

• The Journal of the Korea Contents Association
• /
• v.14 no.10
• /
• pp.32-40
• /
• 2014

While there is a great demand for malware classification to reduce the time required in malware analysis and find a new type of malware, various similarity measurement methods of malware to classify a lot of malwares have been proposed. But, the existing methods to measure similarity just represented the classification results by them and have not carried out performance comparison with other methods. This is because an evaluation model to compare the performance of similarity measurement methods is non-existent. In this paper, we propose a new performance evaluation model on similarity measurement methods of malware by using two indicators: success rate and degree of confidence. In addition, we compare and evaluate the performance of existing similarity measurement methods by using these two indicators.

• International journal of advanced smart convergence
• /
• v.5 no.2
• /
• pp.53-58
• /
• 2016

With the growing use of big data and data mining, it serves to understand how such techniques can be used to understand various relationships in the healthcare field. This study uses hierarchical methods of data analysis to explore similarities in hospitalization across several New York state counties. The study utilized methods of measuring crowding distance of data for age-specific hospitalization period. Crowding distance is defined as the longest distance, or least similarity, between urban cities. It is expected that the city of Clinton have the greatest distance, while Albany the other cities are closer because they are connected by the shortest distance to each step. Similarities were stronger across hospital stays categorized by age. Hierarchical clustering can be applied to predict the similarity of data across the 10 cities of hospitalization with the measurement of crowding distance. In order to enhance the performance of hierarchical clustering, comparison can be made across congestion distance when crowding distance is applied first through the application of converting text to an attribute vector. Measurements of similarity between two objects are dependent on the measurement method used in clustering but is distinguished from the similarity of the distance; where the smaller the distance value the more similar two things are to one other. By applying this specific technique, it is found that the distance between crowding is reduced consistently in relationship to similarity between the data increases to enhance the performance of the experiments through the application of special techniques. Furthermore, through the similarity by city hospitalization period, when the construction of hospital wards in cities, by referring to results of experiments, or predict possible will land to the extent of the size of the hospital facilities hospital stay is expected to be useful in efficiently managing the patient in a similar area.

• Korean Institute of Interior Design Journal
• /
• v.24 no.2
• /
• pp.32-41
• /
• 2015

We live in the era of unlimited design competition. As the importance of design is increasing in all areas including marketing, each country does its best effort on design development. However, the preparation on protecting interior design rights by intellectual property laws(IPLs) has not been enough even though they occupy an important place in the design field. It is not quite easy to make a judgement on the similarity between two images having a single common factor because the factors which are composed of interior design have complicated interactive relations between them. From the IPLs point of view, designs with the similar overall appearance are decided to be similar. Objective evaluation criteria not only for designers but also for design examiners and judges are required in order to protect interior design by the IPLs. The objective of this study is the analysis of the possibility that a computer algorithm method can be useful to decide the similarity of interior design images. According to this study, it is realized that the Img2 which is one of content-based image retrieval computer programs can be utilized to measure the degree of the similarity. The simulation results of three descriptors(CEDD, FCTH, JCD) in the Img2 showed the high degree of similar patterns compared with the results of perceptual judgment by observers. In particular, it was verified that the Img2 has high availability on interior design images with a high score of similarity below 60 which are perceptually judged by observers.

• Journal of Software Assessment and Valuation
• /
• v.16 no.2
• /
• pp.1-8
• /
• 2020

The similarity detection to plagiarism or duplication of computer programs requires a different type of analysis methods and tools according to the programming language used in the implementation and the sort of code to be analyzed. In recent years, the similarity appraisal for the object code in the embedded system, which requires a considerable resource along with a more complicated procedure and advanced skill compared to the source code, is increasing. In this study, we described a method for analyzing the similarity of functional units in the assembly language through the conversion of object code using the reverse engineering approach, such as the reverse assembly technique to the object code. The instruction and operand table for comparing the similarity is generated by using the syntax analysis of the code in assembly language, and a tool for detecting the similarity is designed.