• Proceedings of the Korean Information Science Society Conference
• /
• 2003.04a
• /
• pp.404-406
• /
• 2003

C언어는 포인터형 변수를 제공하며 배열의 경계를 인식하지 않는다. 이러한 특성에서 기인한 버퍼넘침 (buffer overflew)은 널리 알려진 취약점으로서 보안침해 수단으로 널리 악용되고 있다. 이 문제를 해결하기 위한 한 방법으로 오용탐지기술은 버퍼넘침에 공통적으로 사용되는 시그너쳐(Signature)를 가지고 클라이언트(client)가 전송한 패킷을 검사함으로서 고전적인 버퍼넘침을 탐지하고 있다. 본 논문에서는 이러한 탐지 방법을 우회할 수 있는 보다 위협적이고 지능적인 보안침해 가능성을 제시한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2000.10a
• /
• pp.653-655
• /
• 2000

버퍼넘침(buffer overflow)은 특정 프로그램 언어에서 발생하는 배열의 경계파괴 현상을 말한다. 그 대표적인 언어로서 C/C++을 들 수 있는데, 이들 언어는 기본적으로 스트링(문자열)을 정의함에 있어서 크기속성을 배제하고 끝을 의미하는 종료문자(delimiter character, NULL)을 사용함으로써 배열(버퍼)의 경계침범 가능성을 허용하고 있다. 이때 스택영역에 할당된 버퍼가 넘침다면, 주변에 위치한 지역변수, 레지스터 보관, 복귀주소 등의 값이 변질되어 원래의 의도된 제어흐름을 보장할 수 없게 된다. 특히 복귀주소 부분을 의도적으로 침범하여 특정 값을 덮어쓸 수 있다면 해당 프로그램의 동작을 인위적으로, 그리고 자유롭게 변경할 수 있게 된다. 본 논문에서는 이와 같은 스택영역에서의 버퍼넘침을 사용한 제어흐름 변경 해킹기법의 과정을 현존하는 UNIX 시스템 및 C/C++ 언어를 이용하여 살펴보고 대응방향을 모색한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2000.10a
• /
• pp.129-132
• /
• 2000

버퍼넘침(buffer overflow)은 특정 프로그램 언어에서 발생하는 배열의 경계파괴 현상을 말한다. 그 대표적인 언어로서 C/C++을 들 수 있는데. 이들 언어는 기본적으로 스트링(문자열)을 정의함에 있어서 크기속성을 배제하고 끝을 의미하는 종료문자(delimiter character. NULL)를 사용함으로써 배열(버퍼)의 경계침범 가능성을 허용하고 있다. 이 때 스택영역에 할당된 버퍼가 넘친다면, 주변에 위치한 지역변수, 레지스터 보관, 복귀주소 둥의 값이 변질되어 원래의 의도된 제어흐름을 보장할 수 없게 된다. 특히 복귀주소 부분을 의도적으로 침범하여 특정 값을 덮어쓸 수 있다면 해당 프로그램의 동작을 인위적으로, 그리고 자유롭게 변경할 수 있게 된다. 본 논문에서는 이와 같은 스택영역에서의 버퍼넘침을 사용한 제어흐름 변경 해킹기법의 과정을 현존하는 UNIX 시스템 및 C/C++ 언어를 이용하여 살펴보고 대응방향을 모색한다.

• Journal of KIISE:Computing Practices and Letters
• /
• v.7 no.6
• /
• pp.703-714
• /
• 2001

In C language, a local buffer overflow in stack can destroy control information stored near the buffer. In case the buffer overflow is used maliciously to overwrite the stored return address, the system is exposed to serious security vulnerabilities. This paper analyzes the process of buffer overflow hacking and methodologies to avoid the attacks in details. And it proposes a device of static buffer overflow detection by using function summary and tracking information flow of buffer domain at assembly source code level(SASS, Static Assembly Source code Scanner) and then show the feasibility and validity of it by implementing a prototype in Pentium based Linux environment.

• The KIPS Transactions:PartC
• /
• v.9C no.4
• /
• pp.453-458
• /
• 2002

Recently, the number of hacking, that use buffer overflow vulnerabilities, are increasing. Although the buffer overflow Problem has been known for a long time, for the following reasons, it continuos to present a serious security threat. There are three defense method of buffer overflow attack. First, allow overwrite but do not allow unauthorized change of control flow. Second, do not allow overwriting at all. Third, allow change of control flow, but prevents execution of injected code. This paper is for allowing overwrites but do not allow unauthorized change of control flow which is the solution of extending compiler. The previous defense method has two defects. First, a program company with overhead because it do much thing before than applying for the method In execution of process. Second, each time function returns, it store return address in reserved memory created by compiler. This cause waste of memory too much. The new proposed method is to extend compiler, by processing after compiling and linking time. To complement these defects, we can reduce things to do in execution time. By processing additional steps after compile/linking time and before execution time. We can reduce overhead.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.23 no.4
• /
• pp.940-949
• /
• 1998

The paper proposes an effective mechanism hiring the adaptive buffer control schemes on the mobile seceiver's side that can resolve the problems of delay spikes caused by the handover process onthe cell boundaries when they transmit real-time moving images through the high speed wireless channels. to confirm the effectiveness of the proposed schemes, we have modeled the characteristics of the random errors on the wireless channels, the burst errors and that of the transmission delay by the handover. We also compared the rate of the delay-adaptation of the receive buffers caused by the delay and delay spikes. the comparison was done by testing the suggested schemes against the existing schemes by applying tehm to the packet delay model. We also could identify the noticable reduction of the casesof buffer delay and overflow compared with the conventional schemes, by applying the suggested algorithm to the video image compressed by H.263.

• The KIPS Transactions:PartB
• /
• v.11B no.6
• /
• pp.625-632
• /
• 2004

Since the H.264 encoding adopts both forward prediction and hi-direction prediction modes and exploits Variable Length Coding(VLC), the amount of data generated from video encoder varies as Flaying time goes by. The fixed bit rate encoding system which has limited transmission channel capacity uses a buffer to control output bitstream It's necessary to control the bitstream to maintain within manageable range so as to protect buffer from overflow or underflow. With existing bit amount control algorithms, the $\lambda_{MODE}$ which is relationship between distortion value and quantization parameter often excesses normal value to end up with video error. This paper proposes an algorithm to protect buffer from overflow or underflow by introducing a new quantization parameter against distortion value of H.264 video data. The test results of 6 exemplary data show that the proposed algorithm has the same PSNR as and up to 8% reduced bit rate against existing algorithms.

• The KIPS Transactions:PartC
• /
• v.8C no.6
• /
• pp.693-702
• /
• 2001

One of the major characteristics of C language is that it allows us to use pointer type variables to access any area of virtual address space. So, we can read/write/execute from/to virtual memory area not controlled delicately by operating system. We can access such memory area by using format string and it can be a vulnerability of C language from the point of secure programming. In this paper, we analyze in detail the process of security attack based on format string and then exploit a new virus style attack which is stepwise and durable with some actual scenarios to warn the severity of it, and grope for some preliminary responding actions.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.2C
• /
• pp.315-323
• /
• 2004

In this paper we present a method to generate the bit stream of static video test patterns for testing the picture quality in DTV system. The proposed user-defined quantization table is suitable for the static video test pattern and for minimizing the deterioration of picture quality by quantization, the underflow or overflow of video buffer generated on the process of coding the static video test pattern is compensated by a adaptive zero stuffing algorithm so that optimal picture quality is implemented. Experimental result showed that the test pattern stream encoded by MPEG-2 software with the proposed algorithm had a stable bit rate and good video quality during the decoding process, which is about 3 dB higher than that of the conventional case.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.24 no.9B
• /
• pp.1742-1754
• /
• 1999

In this paper, we propose a rate control scheme, using histogram based rate-distortion (R-D) estimation, which produces a consistent picture quality between consecutive frames. The histogram based R-D estimation used in our rate control scheme offers a closed-form mathematical model that enable us to predict the bits and the distortion generated from an encoded frame at a given quantization parameter (QP) and vice versa. The most attractive feature of the R-D estimation is low complexity of computing the R-D data because its major operation is just to obtain a histogram or weighted histogram of DCT coefficients from an input picture. Furthermore, it is accurate enough to be applied to the practical video coding. Therefore, the proposed rate control scheme using this R-D estimation model is appropriate for the applications requiring low delay and low complexity, and controls the output bit-rate ad quality accurately. Our rate control scheme ensures that the video buffer do not underflow and overflow by satisfying the buffer constraint and, additionally, prevents quality difference between consecutive frames from exceeding certain level by adopting the distortion constraint. In addition, a consistent considering the maximum tolerance BER of the voice service. Also in Rician fading channel of K=6 and K=10, considering CLP=$10^{-3}$ as a criterion, it is observed that the performance improment of about 3.5 dB and 1.5 dB is obtained, respectively, in terms of $E_b$/$N_o$ by employing the concatenated FEC code with pilot symbols.