• Proceedings of the Korea Information Processing Society Conference
• /
• 2000.10b
• /
• pp.1389-1392
• /
• 2000

본 논문은 프로시저 내에서 데이터 토큰들간의 정보흐름을 모델링 하기 위해서 정보 흐름 그래프(IFG : Information Flow Graph)라고 하는 프로그램 표현 도구를 개발하였다. IFG는 기존 제어 흐름 그래프와는 달리 프로그램 내에서 관심 있는 변수 값의 변화 과정을 쉽게 탐색할 수 있고, 정보 흐름의 미세 변화를 잘 표현할 수 있으므로, 프로그램에 대한 이해를 증진시킬 수 있다.

• Journal of KIISE
• /
• v.42 no.1
• /
• pp.44-53
• /
• 2015

Control flow information is useful in the analysis and comparison of programs. Virtualization-obfuscation hides control structures of the original program by transforming machine instructions into bytecode. Direct examination of the resulting binary reveals only the structure of the interpreter. Recovery of the original instructions requires knowledge of the virtual machine architecture, which is randomly generated and hidden. In this paper, we propose a method to reconstruct original control flow using only traces generated from the obfuscated binary. We consider traces as strings and find an automaton that represents the strings. State transitions in the automaton correspond to the control transfers in the original program. We have shown the effectiveness of our method with commercial obfuscators.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2023.11a
• /
• pp.1247-1249
• /
• 2023

스마트 컨트랙트는 블록체인 상에서 실행되는 프로그램으로 복잡한 비즈니스 논리를 처리할 수 있다. 그러나 블록체인의 무결성과 조건에 따라 실행되는 특성을 이용한 악의적 사용으로 인하여 블록체인 보안에서 시급한 문제가 되고있다. 따라서 스마트 컨트랙트 취약성 탐지문제는 최근 많은 연구가 이루어지고 있다. 그러나 기존 연구의 대부분이 단일 유형의 취약성 여부에 대한 탐지에만 초점이 맞춰져 있어 여러 유형의 취약성에 대한 동시 식별이 어렵다. 이 문제를 해결하고자 본 연구에서는 스마트 컨트랙트 소스코드 제어 흐름 그래프를 기반으로 그래프의 forward edge와 backward edge를 고려한 신경망으로 그래프 구조를 학습한 후 그래프 multi-label classification을 진행하여 다중 취약성을 탐지할 수 있는 모델을 제안한다.

• Journal of the Korea Society of Computer and Information
• /
• v.1 no.1
• /
• pp.147-158
• /
• 1996

This paper proposed a concurrency control structure based on specialized data flow graphs that was analysed a run-time concurrency control activity to be integrated with the task scheduler Data were viewed as flowing on the arcs from one node to another in a stream of discrete to tokens. The network that Is based upon the Entity-Relationship model, can be viewed a fixed problems used query tokens as a data flow graph. The performance was measured used in the various expriments compared the overall performance of the different concurrency control methods, DBFG (DataBase Flow graphs) scheduling had the knowledge to obtain better performance than 2PL in a distributed environment.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.04a
• /
• pp.424-427
• /
• 2009

소프트웨어 버스마크는 프로그램을 식별하는데 사용될 수 있는 프로그램의 고유한 특징을 말한다. 본 논문에서는 자바 메소드의 제어 흐름 그래프 유사도에 기반한 자바 버스마크를 제안한다. 제어 흐름 그래프 유사도는 노드의 유사도와 에지의 유사도로 나누어 계산하였다. 노드의 유사도는 인접 노드의 유사도를 함께 고려했으며, 에지 유사도는 이미 매칭된 노드들 사이의 거리를 측정하는 방법을 사용했다. 본 논문에서 제안한 버스마크를 평가하기 위해서 서로 다른 프로그램을 구별할 수 있는 신뢰도와 프로그램 최적화나 난독화에 견딜 수 있는 강인도에 대한 실험을 하였다. 실험 결과로부터 본 논문에서 제안하는 버스마크가 기존의 정적 버스마크보다 신뢰도가 높으면서도 난독화나 컴파일러 변경에 강인하다는 것을 확인하였다.

• The KIPS Transactions:PartD
• /
• v.15D no.2
• /
• pp.197-206
• /
• 2008

The CTOC framework was implemented to efficiently perform analysis and optimization of the Java bytecode that is often being used lately. In order to analyze and optimize the bytecode from the CTOC, the eCFG was first generated. Due to the bytecode characteristics of difficult analysis, the existing bytecode was expanded to be suitable for control flow analysis, and the control flow graph was drawn. We called eCFG(extended Control Flow Graph). Furthermore, the eCFG was converted into the SSA Form for a static analysis. Many loops were found in the conversion program. The previous CTOC performed conversion directly into the SSA Form without processing the loops. However, processing the loops prior to the SSA Form conversion allows more efficient generation of the SSA Form. This paper examines the process of finding the loops prior to converting the eCFG into the SSA Form in order to efficiently process the loops, and exhibits the procedures for generating the loop tree.

• The Journal of the Korea Contents Association
• /
• v.6 no.1
• /
• pp.160-169
• /
• 2006

This paper describes the data structure for program analysis and optimization of bytecode level. First we create an extended CFG(Control Flow Graph). Because of the special properties of bytecode, we must adaptively extend the existing control flow analysis techniques. We build basic blocks to create the CFG and create various data that can be used for optimization. The created CFG can be tested for comprehension and maintenance of Java bytecode, and can also be used for other analyses such as data flow analysis. This paper implements CTOC's CTOC-BR(CTOC-Bytecode tRanslator) for control flow analysis of bytecode level. CTOC(Classes To Optimized Classes) is a Java bytecode framework for optimization and analysis. This paper covers the first part of the CTOC framework. CTOC-BR is a tool that converts the bytecode into tree form for easy optimization and analysis of bytecode in CTOC.

• The Journal of the Korea Contents Association
• /
• v.10 no.5
• /
• pp.70-79
• /
• 2010

We perform static program analysis for the binary code. The reason you want to analyze at the level of binary code, installed on your local computer, run the executable file without source code. And the reason we want to perform static analysis, static program analysis is to understand what actions to perform on your local computer. In this paper, execution flow graph representing information such as the execution order among functions and the flow of control is generated. Using graph, User can find execution flow of binary file and calls of insecure functions at the same time, and the graph should facilitate the analysis of binary files. In addition, program to be run is ensured the safety by providing an automated way to search the flow of execution, and program to be downloaded and installed from outside is determined whether safe before running.

• The KIPS Transactions:PartA
• /
• v.9A no.3
• /
• pp.351-362
• /
• 2002

Along with an asynchronous finite state machine, in short AFSM, a signal transition graph, in short STG, is one of the most widely used behavioral description languages for asynchronous controllers. Unfortunately, STGs are not user-friendly, and thus it is very unwieldy and time consuming for system designers to conceive and describe manually the behaviors of a number of asynchronous controllers which constitute an asynchronous control unit for a target system in the form of STGs. In this paper, we suggest an automatic STG derivation method through a process-oriented method. Since the suggested method considers special properties of STG-based asynchronous logic synthesis very carefully, asynchronous controllers which are synthesized from STGs derived through the suggested method are superior in aspects of area, synthesis time, performance and implementability compared to those obtained through previous methods.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.1
• /
• pp.153-160
• /
• 2008

This paper shows the maximum data flow utilizing the Weight Bipartite Graph Matching system. The Weight Bipartite Graph Matching system sets the data transmission as edges and guides the maximum data flow on the set server and the client. The proposed Weight Bipartite Graph Matching system implements the multi-user interface video conference system. By sending max data to the server and having the client receive the max data, the non-continuance of the motion image frame, the bottleneck phenomenon, and the broken images are prevented due to the excellent capacity. The experiment shows a two-times better excellency than that of the previous flow control.