• Nuclear Engineering and Technology
• /
• v.43 no.1
• /
• pp.45-62
• /
• 2011

The Korean nuclear industry is developing a thermal-hydraulic analysis code for safety analysis of pressurized water reactors (PWRs). The new code is called the Safety and Performance Analysis Code for Nuclear Power Plants (SPACE). The SPACE code adopts advanced physical modeling of two-phase flows, mainly two-fluid three-field models which comprise gas, continuous liquid, and droplet fields and has the capability to simulate 3D effects by the use of structured and/or nonstructured meshes. The programming language for the SPACE code is C++ for object-oriented code architecture. The SPACE code will replace outdated vendor supplied codes and will be used for the safety analysis of operating PWRs and the design of advanced reactors. This paper describes the overall features of the SPACE code and shows the code assessment results for several conceptual and separate effect test problems.

• International Journal of Advanced Culture Technology
• /
• v.9 no.4
• /
• pp.288-294
• /
• 2021

There are various ways to be infected with malicious code due to the increase in Internet use, such as the web, affiliate programs, P2P, illegal software, DNS alteration of routers, word processor vulnerabilities, spam mail, and storage media. In addition, malicious codes are produced more easily than before through automatic generation programs due to evasion technology according to the advancement of production technology. In the past, the propagation speed of malicious code was slow, the infection route was limited, and the propagation technology had a simple structure, so there was enough time to study countermeasures. However, current malicious codes have become very intelligent by absorbing technologies such as concealment technology and self-transformation, causing problems such as distributed denial of service attacks (DDoS), spam sending and personal information theft. The existing malware detection technique, which is a signature detection technique, cannot respond when it encounters a malicious code whose attack pattern has been changed or a new type of malicious code. In addition, it is difficult to perform static analysis on malicious code to which code obfuscation, encryption, and packing techniques are applied to make malicious code analysis difficult. Therefore, in this paper, a method to detect malicious code through dynamic analysis and static analysis using Trojan-type Downloader/Dropper malicious code was showed, and suggested to malicious code detection and countermeasures.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.9
• /
• pp.3221-3242
• /
• 2021

The purpose of the study is to examine the current study trend of 'QR code' and suggest a direction for the future study of big data analysis: (1) Background: study trend of 'QR code' and analysis of the text by subject field and year; (2) Methodology: data scraping and collection, EXCEL summary, and preprocess and big data analysis by R x 64 4.0.2 program package; (3) the findings: first, the trend showed a continuous increase in 'QR code' studies in general and the findings were applied in various fields. Second, the analysis of frequent keywords showed somewhat different results by subject field and year, but the overall results were similar. Third, the visualization of the frequent keywords also showed similar results as that of frequent keyword analysis; and (4) the conclusions: in general, 'QR code' studies are used in various fields, and the trend is likely to increase in the future as well. And the findings of this study are a reflection that 'QR code' is an aspect of our social and cultural phenomena, so that it is necessary to think that 'QR code' is a tool and an application of information. An expansion of the scope of the analysis is expected to show us more meaningful indications on 'QR code' study trends and development potential.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.171-179
• /
• 2022

Self-Modifying-Code is a code that changes the code by itself during execution time. This technique is particularly abused by malicious code to bypass static analysis. Therefor, in order to effectively detect such malicious codes, it is important to identify self-modifying-codes. In the meantime, Self-modify-codes have been analyzed using dynamic analysis methods, but this is time-consuming and costly. If static analysis can detect self-modifying-code it will be of great help to malicious code analysis. In this paper, we propose a static analysis method to detect self-modified code for binary executable programs converted to LLVM IR and apply this method by making a self-modifying-code benchmark. As a result of the experiment in this paper, the designed static analysis method was effective for the standardized LLVM IR program that was compiled and converted to the benchmark program. However, there was a limitation in that it was difficult to detect the self-modifying-code for the unstructured LLVM IR program in which the binary was lifted and transformed. To overcome this, we need an effective way to lift the binary code.

• International Journal of Internet, Broadcasting and Communication
• /
• v.9 no.1
• /
• pp.24-28
• /
• 2017

In the Internet of Things (IoT), resource-limited smart devices communicate with each other while performing sensing and computation tasks. Thus, these devices can be exposed to various attacks being launched and spread through network. For instance, attacker can reuse the codes of IoT devices for malicious activity executions. In the sense that attacker can craft malicious codes by skillfully reusing codes stored in IoT devices, code-reuse attacks are generally considered to be dangerous. Although a variety of schemes have been proposed to defend against code-reuse attacks, code randomization is regarded as a representative defense technique against code-reuse attacks. Indeed, many research have been done on code randomization technique, however, there are little work on analysis of the interactions between code randomization defenses and code-reuse attacks although it is imperative problem to be explored. To provide the better understanding of these interactions in IoT, we analyze how code randomization defends against code-reuse attacks in IoT and perform simulation on it. Both analysis and simulation results show that the more frequently code randomizations occur, the less frequently code-reuse attacks succeed.

• Journal of the Korean Society of Safety
• /
• v.27 no.6
• /
• pp.192-204
• /
• 2012

For a severe accident of nuclear power plant, an approach to estimation of the radiological source term using a severe accident code(MELCOR) has been proposed. Although the MELCOR code has a capability to estimate the radiological source term, it has been hardly utilized for the radiological consequence analysis mainly due to a lack of understanding on the relevant function employed in MELCOR and severe accident phenomena. In order to estimate the severe accident source term to be linked with the radiological consequence analysis, this study proposes 4-step procedure: (1) selection of plant condition leading to a severe accident(i.e., accident sequence), (2) analysis of the relevant severe accident code, (3) investigation of the code analysis results and post-processing, and (4) generation of radiological source term information for the consequence analysis. The feasibility study of the present approach to an early containment failure sequence caused by a fast station blackout(SBO) of a reference plant (OPR-1000), showed that while the MELCOR code has an integrated capability for severe accident and source term analysis, it has a large degree of uncertainty in quantifying the radiological source term. Key insights obtained from the present study were: (1) key parameters employed in a typical code for the consequence analysis(i.e., MACCS) could be generated by MELCOR code; (2) the MELOCR code simulation for an assessment of the selected accident sequence has a large degree of uncertainty in determining the accident scenario and severe accident phenomena; and (3) the generation of source term information for the consequence analysis relies on an expert opinion in both areas of severe accident analysis and consequence analysis. Nevertheless, the MELCOR code had a great advantage in estimating the radiological source term such as reflection of the current state of art in the area of severe accident and radiological source term.

• Nuclear Engineering and Technology
• /
• v.55 no.1
• /
• pp.131-143
• /
• 2023

Constitutive equations in a nuclear reactor safety analysis code are mostly empirical correlations developed from experiments, which always accompany uncertainties. The accuracy of the code can be improved by modifying the constitutive equations fitting wider range of data with less uncertainty. Thus, the sensitivity of the code with respect to the constitutive equations is evaluated quantitatively in the paper to understand the room for improvement of the code. A new methodology is proposed which first starts by dividing the thermal hydraulic conditions into multiple sub-regimes using self-organizing map (SOM) clustering method. The sensitivity analysis is then conducted by multiplying an arbitrary set of coefficients to the constitutive equations for each sub-divided thermal-hydraulic regime with SOM to observe how the code accuracy varies. The randomly chosen multiplier coefficient represents the uncertainty of the constitutive equations. Furthermore, the set with the smallest error with the selected experimental data can be obtained and can provide insight which direction should the constitutive equations be modified to improve the code accuracy. The newly proposed method is applied to a steady-state experiment and a transient experiment to illustrate how the method can provide insight to the code developer.

• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.37-41
• /
• 2019

Recently, due to the appearance of various types of malware, the existing static analysis exposes many limitations. Static analysis means analyzing the structure of a code or program with source code or object code without actually executing the (malicious) code. On the other hand, dynamic analysis in the field of information security generally refers to a form that directly executes and analyzes (malware) code, and compares and examines and analyzes the state before and after execution of (malware) code to grasp the execution flow of the program. However, dynamic analysis required analyzing huge amounts of data and logs, and it was difficult to actually store all execution flows. In this paper, we propose and implement a preprocessor architecture of a system that performs malware detection and real-time multi-dynamic analysis based on 2nd generation PT in Windows environment (Windows 10 R5 and above).

• Journal of the Semiconductor & Display Technology
• /
• v.20 no.3
• /
• pp.113-116
• /
• 2021

As artificial intelligence technologies, including deep learning, develop, these technologies are being introduced to code similarity analysis. In the traditional analysis method of calculating the graph edit distance (GED) after converting the source code into a control flow graph (CFG), there are studies that calculate the GED through a trained graph neural network (GNN) with the converted CFG, Methods for analyzing code similarity through CNN by imaging CFG are also being studied. In this paper, to determine which approach will be effective and efficient in researching code similarity analysis methods using artificial intelligence in the future, code similarity is measured through funcGNN, which measures code similarity using GNN, and Siamese Network, which is an image similarity analysis model. The accuracy was compared and analyzed. As a result of the analysis, the error rate (0.0458) of the Siamese network was bigger than that of the funcGNN (0.0362).

• Convergence Security Journal
• /
• v.10 no.3
• /
• pp.51-60
• /
• 2010

The expansion of internet technology has made convenience. On the one hand various malicious code is produced. The number of malicious codes occurrence has dramadically increasing, and new or variant malicious code circulation very serious, So it is time to require analysis about malicious code. About malicious code require set criteria for judgment, malicious code taxonomy using Algorithm of weakness difficult to new or variant malicious code taxonomy but already discovered malicious code taxonomy is effective. Therefore this paper of object is various malicious code analysis besides new or variant malicious code type or form deduction using visualization of strong. Thus this paper proposes a malicious code analysis and grouping method using visualization.