• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1331-1345
• /
• 2017

Binary instrumentation has been developed for monitoring and debugging executables without their source codes. Previous efforts on the binary instrumentation are mainly focused on its capability and accuracy, but not on efficiency for practical application. In particular, criteria and measurement methodologies for evaluating and comparing the efficiency of binary investigation tools and algorithms do not estimated yet. In this paper, we propose the instrumentation primitives which are a unit functionality and measurement methodology. Through the empirical experiments by adopting the proposed methodology on DynamoRIO and Pin, we show the feasibility of the proposal.

• Journal of Internet Computing and Services
• /
• v.12 no.5
• /
• pp.63-72
• /
• 2011

Binary translation is a kind of the emulation method which converts a binary code compiled on the particular instruction set architecture to the new binary code that can be run on another one. It has been mostly used for migrating legacy systems to new architecture. In recent, binary translation is used for instrumenting programs without modifying source code, because it enables inserting additional codes dynamically, For general application, there already exists some instrumentation software using binary translation, such as dynamic binary analyzers and virtual machine monitors. On the other hand, in order to be benefited from binary translation in kernel-level, a few issues, which include system performance, memory management, privileged instructions, and synchronization, should be treated. These matters are derived from the structure of the kernel, and the difference between the kernel and user-level application. In this paper, we present a scheme to apply binary translation and dynamic instrumentation on kernel. We implement it on Linux kernel and demonstrate that kernel-level binary translation adds an insignificant overhead to performance of the system.

• 제어로봇시스템학회:학술대회논문집
• /
• 2004.08a
• /
• pp.252-255
• /
• 2004

This paper presents a new technique to generate the 1-bit signal by decoding Pulse Width Modulation (PWM) signal to a binary file before programming onto the ROM. Since each PWM signal requires only 1-bit digital signal, PWM signal and other forms of digital signal related to multi-bit can be simply generated. The results demonstrate that using this new technique to generate the PWM signal can simplify the process and hardware complication. Moreover, the signal's data and frequency can be easily modified by programming the data onto the ROM and using the counter, respectively, which can reduce the size of the circuit and make the PCB easier.

• Journal of KIISE
• /
• v.41 no.11
• /
• pp.892-899
• /
• 2014

Dynamic binary instrumentation is a code insertion technique for debugging a program without scattering its execution flow, while the program is running. Most dynamic instrumentations are implemented using dynamic binary translation techniques. Existing studies translated program codes dynamically by parsing the machine code stream to intermediate representation (IR) and then applying compilation techniques for IRs. However, they have high overhead during translation, which is a major cause of difficulty in applying the dynamic binary translation technique to the program which requires high responsiveness. In this paper, we introduce a light-weight dynamic binary instrumentation framework based on a novel dynamic binary translation technique which has low overhead while translating the program code. In order to reduce the translation overhead, our approach adopts a tabular-based address translation and exploits a translation bypassing scheme, which stores the translated address of a frequently called library function in advance. It then accesses the translated address and executes function codes without code translation when calling the function. Our experiment results demonstrated that the proposed approach outperforms the prior dynamic binary translation techniques from 2% up to 65%.

• Journal of KIISE:Computer Systems and Theory
• /
• v.37 no.5
• /
• pp.304-313
• /
• 2010

There are several methods for malware analyses. However, it is difficult to detect malware exactly with existing detection methods. Especially, malware with strong anti-debugging facilities can detect analyzer and disturb their analyses. Furthermore, it takes too much time to analyze malware. In order to resolve these problems of current analyzers, more improved analysis scheme is required. This paper suggests a dynamic binary instrumentation which supports the instruction analysis and the memory access tracing. Additionally, by supporting the API call tracing with the DLL loading analysis, our system establishes the foundation for analyzing various executable codes. Based on Xen, full-virtualization environment is built using Intel's VT technology. Windows XP can be used as a guest. We analyze representative malware using several functions of our system, and show the accuracy and efficiency enhancements in binary analyses capability of our system.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.11a
• /
• pp.1197-1199
• /
• 2010

본 논문에서는 동적 인스트러멘테이션을 적용한 동적 바이너리 분석 툴들에 대해 비교 분석을 수행하였다. 비교 분석은 각 툴들에서 공통의 항목에 맞는 특성 값들을 도출하여 비교함으로써 동일한 상황에서 툴들의 특장점을 확인할 수 있고, 각 특징에 따른 기술적인 배경을 뒷받침하여 더 나은 동적 분석 툴을 만들 수 있는 발판을 마련하였다. 이를 위해 DynamoRIO, DynInst, Pin, Valgrind의 4가지 동적 분석 툴을 지원 가능 플랫폼, 실행 메카니즘의 컨셉, 인스트러멘테이션 가능 범위, 성능, 라이선스와 관련된 입수 가능성의 5가지 주요 항목으로 비교 분석을 수행하였다.

• Proceedings of the KIEE Conference
• /
• 1989.07a
• /
• pp.166-169
• /
• 1989

A study for the recognition of the Korean characters by a neural network is presented. To reduce the dimension of the input image data, DC components are extracted from each input image and used as input to the neural net. A multi-layer perceptron with one hidden layer was trained with back-error propagation training algorithm. Its performance is tested for 24 ${\times}$ 24 binary images of Korean characters and the results of several experiments are presented.

• ETRI Journal
• /
• v.28 no.5
• /
• pp.615-620
• /
• 2006

In this paper, we discuss the quantification of Mach-Zehnder interferometer (MZI) thermal stabilization which is needed in optical phase shaped binary transmission (PSBT) links. Considering the thermo-optic and thermal expansion effects, we revisit the analytical expression for the thermal drift (GHz/$^{\circ}C$) of the MZI center frequency (denoted here by the 'MZI spectral drift'). An MZI is then used in an experimental transmission system using the optical PSBT format. We study the effect of spectral MZI drift by using a thermally stabilized interferometer and applying a frequency shift to the optical carrier. By using the thermal drift coefficient of the MZI, we find that to ensure low bit error rate fluctuations due to the MZI drift, the thermal stabilization of the device must have an accuracy of $0.5^{\circ}C$.

• 제어로봇시스템학회:학술대회논문집
• /
• 2003.10a
• /
• pp.2274-2277
• /
• 2003

A cylindrical permanent magnet inside the four-phase permanent magnet (PM) stepping motor is employed as the rotor. The stator has four teeth around, which its coils are wound. The mode of excitation can be classified into 3 modes: single-phase excitation, two-phase excitation and ministep excitation. The ministep drive is a method to subdivide one step into several small steps by means of electronics. The paper presents the programmable ministep technique drive. This technique decodes the results obtained from the counter to locate the data in Read Only Memory (ROM). The Sinusoidal Pulse Width Modulation (SPWM) is transformed to binary file and saved to the ROM. The experiment is performed with the four-phase PM stepping motor and drives from a two-phase programmable sinusoidal ministep signal, instead of square wave. The results show that the performances of the proposed programmable ministep technique drive have high efficiency, smooth step motion, and high speed response. Moreover, the resolution of sinusoidal ministep signal can be controlled by the input frequency (f command).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.753-762
• /
• 2021

WebAssembly(WASM) is a low-level instruction format that can be run in a web environment. Since WASM has a excellent performance, various web applications use webassembly. However, according to our security analysis WASM has a security pitfall related to control flow integrity (CFI) for indirect calls. To address the problem in this paper we propose a new code instrumentation scheme to protect indirect calls, named WACFI. Specifically WACFI enhances a CFI technique for indirect call in WASM based on source code anlysis and binary instrumentation. To test the feasibility of WACFI, we applied WACFI to a sound-encoding application. According to our experimental results WACFI only adds 2.75% overhead on the execution time while protecting indirect calls safely.