• Title/Summary/Keyword: 샌드파일

Search Result 21, Processing Time 0.021 seconds

Malware Classification and Analysis of Automated Malware Analysis System (악성코드 자동 분석 시스템의 결과를 이용한 악성코드 분류 및 분석)

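  • Na, Jaechan; Jo, Yeong-Hun; Youn, Jonghee M.
    • Proceedings of the Korea Information Processing Society Conference / 2014.11a / pp.490-491 / 2014
  • Cuckoo Sandbox is a tool that uses virtual machines to perform automated dynamic analysis of malware. We first classify malware by type with VirusTotal, using each sample's MD5 value, then dynamically analyze the malware with Cuckoo Sandbox and use the result files to extract information about the APIs the malware called. We aggregate API frequencies for each malware type group and compare them with the API frequencies of other type groups to find the APIs characteristic of a particular type of malware, and we present a method for using these characteristic APIs to automatically determine the type of a malware sample in the future.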

Memory Dump of Automated Malware Analysis System based on Real Machine (실머신 기반 악성코드 자동 분석 시스템에서의 메모리 덤프)

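  • Na, Jaechan; Kim, Hyunwoo; Jo, Younghun; Youn, Jonghee M.
    • Proceedings of the Korea Information Processing Society Conference / 2014.04a / pp.429-430 / 2014
  • Cuckoo Sandbox is a tool that uses virtual machines to analyze malware efficiently. Because it runs in a virtual machine, analysis is difficult when the malware contains virtual machine detection techniques (VM Detect). To analyze such malware, analysis is implemented on a real-machine basis, and a memory dump problem arises during that implementation. In the previous approach, the virtual machine software created a separate memory dump file and that file was analyzed, but a real machine has no separate memory file. To address this, we examine how the memory dump problem can be solved on a real machine and what differences appear between a virtual machine and a real machine when a dump is taken.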

Experimental Study on Stress Sharing Behavior of Composition Ground Improved by Sand Compaction Piles with Low Replacement Area Ratio (저치환율 모래다짐말뚝에 의한 복합지반의 응력분담거동에 대한 실험적 연구)

  • 유승경
    • Journal of the Korean Geotechnical Society / v.19 no.5 / pp.253-261 / 2003
  • Mechanical behavior of composition ground improved by sand compaction pile (SCP) with low replacement area ratio could be more significantly affected by mechanical interaction between sand piles and clays than that of clay ground improved by SD or SCP with high replacement area ratio. It is essential to elucidate the mechanical interaction in the improved clay ground, in order to accurately estimate behavior in reducing settlement of the improved ground and increasing strength of clays. In this paper, through a series of model tests of composition ground improved by SCP with low replacement area ratio, the mechanical behavior of both sand piles and clays in the composition ground during consolidation was elucidated, together with the stress sharing behavior between sand piles and clays.

Study on Determining Consolidation Parameters of Soft Clay Ground improved by Sand Pile (모래말뚝이 타설된 연약점토지반의 압밀정수결정에 관한 연구)

  • You Seung-Kyong
    • Journal of the Korean Geotechnical Society / v.21 no.5 / pp.45-50 / 2005
  • The sand pile method, such as the sand drain method and the sand compaction pile method, has been popularly used as an improvement method for soft clay grounds. The effect of accelerating consolidation of soft clay grounds has been evaluated with Barron's solution. The consolidation behavior of soft clay ground with sand piles strongly depends on both the nonlinear mechanical interaction between sand piles and surrounding clays and the degradation of the permeability of clays. In this paper, a method of determining consolidation parameters of soft clay ground with sand drains by using Barron's solution was proposed through a series of numerical simulations. Through the method, the change in both volume compressibility and permeability during consolidation was reasonably evaluated.

A Research of Anomaly Detection Method in MS Office Document (MS 오피스 문서 파일 내 비정상 요소 탐지 기법 연구)

  • Cho, Sung Hye; Lee, Sang Jin
    • KIPS Transactions on Computer and Communication Systems / v.6 no.2 / pp.87-94 / 2017
  • Microsoft Office is an office suite of applications developed by Microsoft. Recently, users with malicious intent have been customizing Office files as containers for malware because MS Office is the most commonly used word processing program. To attack a target system, many malicious Office files use a variety of skills and techniques, such as macro functions and hiding shellcode inside unused areas. People usually use two techniques to detect these kinds of malware: signature-based detection and sandboxing. However, there are limits to what these can achieve because of the increasing complexity of malware. Therefore, this paper proposes methods to detect malicious MS Office files from a computer forensics perspective. For this purpose, we checked macros and potential problem areas through structural analysis of the MS Office file.

Consolidation Behavior of SCP Improved Ground at Pusan New Port Part 1-1 (부산신항 1-1단계 SCP 개량지반 압밀 특성)

  • JUNG JONG-BUM; YANG SANG-YONG; BYUN JUN-GI
    • Proceedings of the Korea Committee for Ocean Resources and Engineering Conference / 2004.11a / pp.51-56 / 2004
  • The sand compaction pile (SCP) method, which forms a composite ground by driving sand piles into a clay deposit, has been the most commonly used soil improvement technique in many countries for more than 30 years. Installation of sand compaction piles reduces the amount of consolidation settlement and increases the bearing capacity of a soft clay deposit. In this paper, a field survey was conducted to investigate the consolidation behavior of the composite ground improved by SCPs. It is suggested that the measured consolidation velocity is slower than design theory, whereas the measured consolidation settlement is higher than design theory.

Design and Implementation of Web-Based Mail Statistics System (웹 기반의 메일 통계 분석 시스템 설계 및 개발)

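  • Lee, Sang-Do; Kim, Kwang-Hyuk; Lee, Sang-Young; Kim, Tae-Hyung; Jang, Bum-Hwan; Chung, Tai-Myung
    • Proceedings of the Korea Information Processing Society Conference / 2002.04b / pp.1089-1092 / 2002
  • With the rapid growth of the Internet, the number of mail users is increasing sharply. As a result, administrators who operate mail servers increasingly require specialized log analysis tools for mail analysis. Several commercial products for Sendmail log analysis are currently on the market, but they either provide only simple statistics or are implemented to fit only a specific product. This paper examines the overall design and the implementation results of a web-based mail analysis tool that provides detailed mail statistics by analyzing only system log files.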

Development of an open source-based APT attack prevention Chrome extension (오픈소스 기반 APT 공격 예방 Chrome extension 개발)

  • Kim, Heeeun; Shon, Taeshik; Kim, Duwon; Han, Gwangseok; Seong, JiHoon
    • Journal of Platform Technology / v.9 no.3 / pp.3-17 / 2021
  • Advanced persistent threat (APT) attacks are attacks aimed at a particular entity as a set of latent and persistent computer hacking processes. These APT attacks are usually carried out through various methods, including spam mail and disguised banner advertising. The same name is also used for files, since most of them are distributed via spam mail disguised as invoices, shipment documents, and purchase orders. In addition, such Infostealer attacks were the most frequently discovered malicious code in the first week of February 2021. CDR is a 'Content Disarm & Reconstruction' technology that can prevent the risk of malware infection by removing potential security threats from files and recombining them into safe files. Gartner, a global IT advisory organization, recommends CDR as a solution to attacks in the form of attachments. A program that uses CDR techniques and has been released as open source is called 'Dangerzone'. The program supports the extensions of most document files, but does not support the HWP file extension that is widely used in Korea. In addition, Gmail blocks malicious URLs first, but mail systems such as Naver and Daum do not block malicious URLs, so malicious URLs can be easily distributed. Based on this problem, we developed a 'Dangerzone' program that supports the HWP extension to prevent APT attacks, and a Chrome extension that performs URL checking in Naver and Daum mail and blocks banner ads.

A Study on the Effect of Improvement Boundary of Vertical Drain Method by Finite Element Analysis (유한요소해석을 이용한 연직배수재의 타설범위에 따른 개량효과에 관한 연구)

  • Chang, Y.C.; Kim, J.H.; Lee, J.S.
    • Journal of the Korean GEO-environmental Society / v.5 no.1 / pp.5-12 / 2004
  • Soft foundation is extensively distributed in coastal areas including our local regions. Embankment load on such soft foundation causes displacement due to lack of base ground supports. Long-term consolidation can result in settlement and destruction of shear failure and structure. Therefore, a variety of vertical drain methods are applied to construction sites to prevent the base from breaking and changing for secure construction. This study analyzed the patterns of changes in displacement to determine an efficient range of improvement, since the range of vertical drain material determines vertical and horizontal changes based on the width range of underground improvement. Changes of intensity with distance from the embankment edge were also analyzed in the field study of the embankment slope.

Stress Sharing Behaviors and its Mechanism During Consolidation Process of Composition Ground Improved by Sand Compaction Piles with Low Replacement Area Ratio (저치환율 SCP에 의한 복합지반의 압밀 과정중에 발생하는 응력분담거동과 그 메커니즘)

  • 유승경
    • Journal of the Korean Geotechnical Society / v.19 no.5 / pp.301-310 / 2003
  • In order to accurately design the sand compaction pile (SCP) method with low replacement area ratio, it is important to understand the mechanical interaction between sand piles and clays and its mechanism during the consolidation process of the composition ground. In this paper, a series of numerical analyses on composition ground improved by SCP with low replacement area ratio were carried out, in order to investigate the mechanical interaction between sand piles and clays. The applicability of the numerical analyses, in which an elasto-viscoplastic consolidation finite element method was applied, could be confirmed by comparison with the results of a series of model tests on consolidation behaviors of composition ground improved by SCP. Through the results of the numerical analyses, the mechanical behavior of both sand piles and clays in the composition ground during consolidation was elucidated, together with the stress sharing mechanism between sand piles and clays.