• Journal of Platform Technology
• /
• v.11 no.2
• /
• pp.39-53
• /
• 2023

Non-installation program (hereinafter referred to as "portable program") is a program that can be used without an installation process, unlike general software. Since there is no separate installation process, portable programs have high mobility and are used in various ways. For example, when initial setup of multiple PCs is required, a portable program can be stored on one USB drive to perform initial setup. Alternatively, when a problem occurs with the PC and it is difficult to boot normally, Windows PE can be configured on the USB drive and portable programs can be stored for PC recovery. And the portable program does not directly affect PC settings, such as changing registry values, and does not leave a trace. This means that the portable program has high security. If a portable program is deleted after using it, it is difficult to analyze behavior in a general way. If a user used a portable program for malicious behavior, analysis in a general way has limitations in collecting evidence. Therefore, portable programs must have a new way of behavioral analysis that is different from ordinary installation software. In this paper, after installing the Windows 10 operating system on a virtual machine, we proceed with the scenario with a portable program of Opera and Notepad++. And we analyze this in various ways such as file analysis of the operating system and memory forensics, collect information such as program execution time and frequency, and conduct specific behavioral analysis of user.

• Nuclear Medicine and Molecular Imaging
• /
• v.43 no.5
• /
• pp.443-450
• /
• 2009

Purpose: Conventional image reconstruction uses simplified physical models of projection. However, real physics, for example 3D reconstruction, takes too long time to process all the data in clinic and is unable in a common reconstruction machine because of the large memory for complex physical models. We suggest the realistic distributed memory model of fast-reconstruction using parallel processing on personal computers to enable large-scale technologies. Materials and Methods: The preliminary tests for the possibility on virtual manchines and various performance test on commercial super computer, Tachyon were performed. Expectation maximization algorithm with common 2D projection and realistic 3D line of response were tested. Since the process time was getting slower (max 6 times) after a certain iteration, optimization for compiler was performed to maximize the efficiency of parallelization. Results: Parallel processing of a program on multiple computers was available on Linux with MPICH and NFS. We verified that differences between parallel processed image and single processed image at the same iterations were under the significant digits of floating point number, about 6 bit. Double processors showed good efficiency (1.96 times) of parallel computing. Delay phenomenon was solved by vectorization method using SSE. Conclusion: Through the study, realistic parallel computing system in clinic was established to be able to reconstruct by plenty of memory using the realistic physical models which was impossible to simplify.