• Title/Summary/Keyword: 메모리 참조 오류

Search Result 4, Processing Time 0.021 seconds

A Method of Detecting Pointer Access Error based on Disassembled Codes (역어셈블에 기반한 포인터 참조 오류 검출 방법)

  • Kim, Hyunsoo;Kim, Byeong Man;Huh, Nam Chul;Shin, Yoon Sik
    • Journal of Korea Society of Industrial Information Systems
    • /
    • v.20 no.5
    • /
    • pp.13-23
    • /
    • 2015
  • This thesis proposes a method for effectively detecting memory errors with low occurrence frequency that may occur depending on runtime situation by analyzing assembly codes obtained by disassembling an executable file. When applying the proposed method to various programs having no compilation error, a total of about 750 potential errors taken about 90 seconds are detected among 1 million lines of assembly codes corresponding to a total of about 10 thousand functions.

Design and Implementation of Retargetable Software Debugger based on GDB (GDB 기반의 재목적 소프트웨어 디버거 설계 및 구현)

  • Ji, Jung-Hoon;Lee, Gun-Woo;Woo, Gyun
    • Annual Conference of KIPS
    • /
    • 2007.11a
    • /
    • pp.538-541
    • /
    • 2007
  • 최근 SoC 기술이 발달하면서, 내장형 시스템을 위한 프로세서 개발이 활발해졌다. 새로운 프로세서가 개발되면, 운영체제 및 소프트웨어 개발을 위해 컴파일러 및 디버거가 필요하다. 컴파일러는 소스코드를 타겟 프로세서에서 실행 가능한 목적파일로 변환하고, 디버거는 프로그램의 개발에서 오류를 찾기 위한 도구로 소프트웨어 개발에 매우 중요한 도구들이다. 본 논문에서는 KAIST에서 개발하는 32bit 프로세서인 Core-A를 위한 소프트웨어 디버거를 설계 및 구현한다. Core-A용 디버거는 공개 소스 디버거 시스템인 GDB를 참조모델로 했으며, 레지스터와 메모리 맵과 같은 프로세서 종속적인 부분을 확장하고 외부 인터페이스 모듈과 같은 프로세스 독립적인 모듈은 재사용함으로써 개발기간을 단축시켰다. 그리고 Core-A용 디버거의 검증을 위해 상용 디버거 시스템인 ARM용 AXD 디버거와 비교 실험을 진행하였다.

A Structural Approach to On-line Signature Verification (구조적 접근방식의 온라인 자동 서명 겁증 기법)

  • Kim, Seong-Hoon
    • Journal of the Korea Society of Computer and Information
    • /
    • v.10 no.4 s.36
    • /
    • pp.385-396
    • /
    • 2005
  • In this paper, a new structural approach to on-line signature verification is presented. A primitive pattern is defined as a part segmented by a local minimal position of speed. And a structural description of signature is composed of subpatterns which are defined as such forms as rotation shape, cusp shape and bell shape, acquired by composition of the primitives regarding the directional changes. As the matching method to find identical parts between two signatures, a modified DP(dynamic programming) matching algorithm is presented. And also, variation and complexity of local parts are computed from the training samples, and reference model and decision boundary are derived from these. Error rate, execution time and memory usage are compared among the functional approach, the parametric approach and the proposed structural approach. It is found that the average error rate can be reduced from 14.2% to 4.05% when the local parts of a signature are weighted and the complexity is used as a factor of decision threshold. Though the error rate is similar to that of functional approaches. time consumption and memory usage of the proposed structural approach are shown to be very effective.

  • PDF

Security Verification of Korean Open Crypto Source Codes with Differential Fuzzing Analysis Method (차분 퍼징을 이용한 국내 공개 암호소스코드 안전성 검증)

  • Yoon, Hyung Joon;Seo, Seog Chung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.30 no.6
    • /
    • pp.1225-1236
    • /
    • 2020
  • Fuzzing is an automated software testing methodology that dynamically tests the security of software by inputting randomly generated input values outside of the expected range. KISA is releasing open source for standard cryptographic algorithms, and many crypto module developers are developing crypto modules using this source code. If there is a vulnerability in the open source code, the cryptographic library referring to it has a potential vulnerability, which may lead to a security accident that causes enormous losses in the future. Therefore, in this study, an appropriate security policy was established to verify the safety of block cipher source codes such as SEED, HIGHT, and ARIA, and the safety was verified using differential fuzzing. Finally, a total of 45 vulnerabilities were found in the memory bug items and error handling items, and a vulnerability improvement plan to solve them is proposed.