• The KIPS Transactions:PartA
• /
• v.16A no.6
• /
• pp.453-462
• /
• 2009

Studies on software plagiarism detection, prevention and judgement have become widespread due to the growing of interest and importance for the protection and authentication of software intellectual property. Many previous studies focused on comparing all pairs of submitted codes by using attribute counting, token pattern, program parse tree, and similarity measuring algorithm. It is important to provide a clear-cut model for distinguishing plagiarism and collaboration. This paper proposes a source code clustering algorithm using a probability model on extreme value distribution. First, we propose an asymmetric distance measure pdist($P_a$, $P_b$) to measure the similarity of $P_a$ and $P_b$ Then, we construct the Plagiarism Direction Graph (PDG) for a given program set using pdist($P_a$, $P_b$) as edge weights. And, we transform the PDG into a Gumbel Distance Graph (GDG) model, since we found that the pdist($P_a$, $P_b$) score distribution is similar to a well-known Gumbel distribution. Second, we newly define pseudo-plagiarism which is a sort of virtual plagiarism forced by a very strong functional requirement in the specification. We conducted experiments with 18 groups of programs (more than 700 source codes) collected from the ICPC (International Collegiate Programming Contest) and KOI (Korean Olympiad for Informatics) programming contests. The experiments showed that most plagiarized codes could be detected with high sensitivity and that our algorithm successfully separated real plagiarism from pseudo plagiarism.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.11a
• /
• pp.287-290
• /
• 2010

오늘날 모바일 시장을 중심으로 다양한 플랫폼이 등장하면서 모바일 어플리케이션 개발 시 여러 플랫폼을 고려해야 하는 부담이 증대되고 있다. 이러한 상황에서 Model-Driven Development(MDD) 는 멀티플랫폼에 대응하는 어플리케이션 개발의 효율성을 높여줄 수 있다. 하지만 이 기법을 이용하는 대다수의 연구 결과들은 해당 방법론을 통해 생성된 결과물의 질을 객관적으로 평가할 수 없고, 이 때문에 해당 방법론의 성능 평가가 힘들다. 본 연구에서는 대상 플랫폼들이 제공하는 API 를 분석한 결과에 근거하여 공통 요소를 추출하고 이를 이용하여 MDD 기반으로 개발을 진행할 수 있는 개발 프로세스를 소개하고, 이를 통해 생성된 소스 코드의 기능적 유사도 및 코드 생성률과 기능적 유사도를 평가할 수 있는 방법을 제안한다. 이 방법은 코드를 AST 로 바꾸고 API 맵핑 테이블에 근거하여 동일한 키워드로 변환하고 유사도를 측정하여 설계 시 의도한 기능이 얼마나 잘 코드로 생성되었는 지 평가할 수 있는 방법이다. 본 연구에서는 이 방법을 이용하여 생성된 코드의 기능적 유사도와 코드 생성률을 측정하였다.

• Journal of Software Assessment and Valuation
• /
• v.15 no.1
• /
• pp.55-62
• /
• 2019

The needs for small size and low power consumption of information devices is being implemented with SOC technology that implements the program on a single chip in Internet of Thing. Copyright disputes due to piracy are increasing in semiconductor chips as well, arising from disputes in the chip implementation of the design house and chip implementation by the illegal use of the source code. However, since the final chip implementation is made in the design house, it is difficult to protect the copyright. In this paper, we deal with the analysis method for extracting similarity and the criteria for setting similarity judgment in the dispute of source code written in HDL language. Especially, the chip which is manufactured based on the same specification will be divided into the same configuration and the code type.

• The KIPS Transactions:PartC
• /
• v.13C no.1 s.104
• /
• pp.45-54
• /
• 2006

Nowadays, a lot of techniques have been applied for the detection of malicious behavior. However, the current techniques taken into practice are facing with the challenge of much variations of the original malicious behavior, and it is impossible to respond the new forms of behavior appropriately and timely. There are also some limitations can not be solved, such as the error affirmation (positive false) and mistaken obliquity (negative false). With the questions above, we suggest a new method here to improve the current situation. To detect the malicious code, we put forward dealing with the basic source code units through the conceptual graph. Basically, we use conceptual graph to define malicious behavior, and then we are able to compare the similarity relations of the malicious behavior by testing the formalized values which generated by the predefined graphs in the code. In this paper, we show how to make a conceptual graph and propose an efficient method for similarity measure to discern the malicious behavior. As a result of our experiment, we can get more efficient detection rate.

• KIPS Transactions on Software and Data Engineering
• /
• v.11 no.11
• /
• pp.473-478
• /
• 2022

Evaluation learning based on code testing is becoming a popular solution in programming education via Online judge(OJ). In the recent past, many papers have been published on how to detect plagiarism through source code similarity analysis to support OJ. However, deep learning-based research to support automated tutoring is insufficient. In this paper, we propose Input & Output side FiLM models to predict whether the input code will pass or fail. By applying Feature-wise Linear Modulation(FiLM) technique to GRU, our model can learn combined information of Java byte codes and problem information that it tries to solve. On experimental design, a balanced sampling technique was applied to evenly distribute the data due to the occurrence of asymmetry in data collected by OJ. Among the proposed models, the Input Side FiLM model showed the highest performance of 73.63%. Based on result, it has been shown that students can check whether their codes will pass or fail before receiving the OJ evaluation which could provide basic feedback for improvements.

• Journal of KIISE
• /
• v.44 no.10
• /
• pp.1019-1025
• /
• 2017

Binary similarity analysis is used in vulnerability analysis, malicious code analysis, and plagiarism detection. Proving that a function is equal to a well-known safe functions of different versions through similarity analysis can help to improve the efficiency of the binary code analysis of malicious behavior as well as the efficiency of vulnerability analysis. However, few studies have been carried out on similarity analysis of the same function of different versions. In this paper, we analyze the similarity of function units through various methods based on extractable function information from binary code, and find a way to analyze efficiently with less time. In particular, we perform a comparative analysis of the different versions of the OpenSSL library to determine the way in which similar functions are detected even when the versions differ.

• KIPS Transactions on Software and Data Engineering
• /
• v.2 no.5
• /
• pp.319-328
• /
• 2013

Software maintainers try to comprehend software source code by intensively using source code identifiers. Thus, use of inconsistent identifiers throughout entire source code causes to increase cost of software maintenance. Although participants can adopt peer reviews to handle this problem, it might be impossible to go through entire source code if the volume of code is huge. This paper introduces an approach to automatically detecting inconsistent identifiers of Java source code. This approach consists of tokenizing and POS tagging all identifiers in the source code, classifying syntactic and semantic similar terms, and finally detecting inconsistent identifiers by applying proposed rules. In addition, we have developed tool support, named CodeAmigo, to support the proposed approach. We applied it to two popular Java based open source projects in order to show feasibility of the approach by computing precision.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.07b
• /
• pp.916-918
• /
• 2005

표절이란 원본 자료의 출처를 밝히지 않고 사용하는 행위인데, 프로그램 표절은 표절로 의심되는 유사 소스코드를 말한다. 프로그램 표절을 검출하는 방법은 소스코드의 토큰 요약 후 비교하거나 단어와 키워드의 개수를 측정해 통계적으로 비교, 계산하거나 또는 프로그램의 구문구조를 비교하는 등 여러 접근 방법이 있다. 본 조사 보고서에서는 프로그램 표절 검출 방법 및 응용 도구에 대한 최근 연구 동향을 조사하여 정리하고 향후 발전 방향을 토론한다.

• Journal of The Korean Association of Information Education
• /
• v.11 no.1
• /
• pp.91-98
• /
• 2007

Plagiarism is a serious problem in school education due to current technologies such as the internet and word processors. This paper presents how to detect source code plagiarism using similarity based on string comparison methods. The main contribution is to use hierarchical agglomerative clustering technique to classify plagiarism groups, which are then visualized as a dendrogram. Graders can set an empirical threshold to the dendrogram to navigate plagiarism groups. We evaluated the performance of the presented method with a real world data. The result showed the usefulness and applicability of this method.

• Review of KIISC
• /
• v.21 no.7
• /
• pp.23-29
• /
• 2011

2010년에 최초로 발견된 스턱스넷(Stuxent)은 2011년 한해 동안 보안업계 사이에서 많은 논란이 되었다. 이는 악성코드가 사이버 무기가 될 수 있다는 가능성을 현실로 만들었고, 기술적으로도 현존하는 악성코드의 모든 기술이 포함 될 정도로 정교하고 복잡한 것으로 평가받고 있다. 특히 2011년에는 스턱스넷의 소스코드 일부가 공개되어 스턱스넷의 두 번째 버전으로 알려진 변형 Duqu가 나타나기도 하여 변형에 따른 공격 우려도 높아지고 있다. 이번 논문에서는 과거 발생한 스턱스넷을 알아보고 유사한 사이버 공격에 대비하기 위한 대응 방안도 함께 살펴 볼 예정이다.