• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.37-41
• /
• 2019

Recently, due to the appearance of various types of malware, the existing static analysis exposes many limitations. Static analysis means analyzing the structure of a code or program with source code or object code without actually executing the (malicious) code. On the other hand, dynamic analysis in the field of information security generally refers to a form that directly executes and analyzes (malware) code, and compares and examines and analyzes the state before and after execution of (malware) code to grasp the execution flow of the program. However, dynamic analysis required analyzing huge amounts of data and logs, and it was difficult to actually store all execution flows. In this paper, we propose and implement a preprocessor architecture of a system that performs malware detection and real-time multi-dynamic analysis based on 2nd generation PT in Windows environment (Windows 10 R5 and above).

• Proceedings of the Computational Structural Engineering Institute Conference
• /
• 1991.10a
• /
• pp.81-89
• /
• 1991

Recently increasing number of highrise buildings are aseismically designed by dynamic analysis method. To perform comparative study on the results of seismic design by dynamic analysis method, five-to thirty-story building models of ductile moment resisting frames and braced frames are considered. Base shears of these models using the spectrum of equivalent static method in the current Korean code and the ones of dynamic analysis method in the UBC-88 code are compared. Based on this study design spectra to be used in the dynamic analysis in Korea are proposed and the results are compared.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.105-115
• /
• 2019

Recently, intelligent Android malicious codes have become difficult to detect malicious behavior by static analysis alone. Malicious code with SO file, dynamic loading, and string obfuscation are difficult to extract information about original code even with various tools for static analysis. There are many dynamic analysis methods to solve this problem, but dynamic analysis requires rooting or emulator environment. However, in the case of dynamic analysis, malicious code performs the rooting and the emulator detection to bypass the analysis environment. To solve this problem, this paper investigates a variety of root detection schemes and builds an environment for bypassing the rooting detection in real devices. In addition, SDK code hooking module for Android malicious code analysis is designed using Xposed, and intent tracking for code flow, dynamic loading file information, and various API information extraction are implemented. This work will contribute to the analysis of obfuscated information and behavior of Android Malware.

• International Journal of Advanced Culture Technology
• /
• v.9 no.4
• /
• pp.288-294
• /
• 2021

There are various ways to be infected with malicious code due to the increase in Internet use, such as the web, affiliate programs, P2P, illegal software, DNS alteration of routers, word processor vulnerabilities, spam mail, and storage media. In addition, malicious codes are produced more easily than before through automatic generation programs due to evasion technology according to the advancement of production technology. In the past, the propagation speed of malicious code was slow, the infection route was limited, and the propagation technology had a simple structure, so there was enough time to study countermeasures. However, current malicious codes have become very intelligent by absorbing technologies such as concealment technology and self-transformation, causing problems such as distributed denial of service attacks (DDoS), spam sending and personal information theft. The existing malware detection technique, which is a signature detection technique, cannot respond when it encounters a malicious code whose attack pattern has been changed or a new type of malicious code. In addition, it is difficult to perform static analysis on malicious code to which code obfuscation, encryption, and packing techniques are applied to make malicious code analysis difficult. Therefore, in this paper, a method to detect malicious code through dynamic analysis and static analysis using Trojan-type Downloader/Dropper malicious code was showed, and suggested to malicious code detection and countermeasures.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.6
• /
• pp.1689-1705
• /
• 2023

To deal with the potential XSS vulnerabilities in the source code of the power communication network, an XSS vulnerability detection method combining the static analysis method with the dynamic testing method is proposed. The static analysis method aims to analyze the structure and content of the source code. We construct a set of feature expressions to match malignant content and set a "variable conversion" method to analyze the data flow of the code that implements interactive functions. The static analysis method explores the vulnerabilities existing in the source code structure and code content. Dynamic testing aims to simulate network attacks to reflect whether there are vulnerabilities in web pages. We construct many attack vectors and implemented the test in the Selenium tool. Due to the combination of the two analysis methods, XSS vulnerability discovery research could be conducted from two aspects: "white-box testing" and "black-box testing". Tests show that this method can effectively detect XSS vulnerabilities in the source code of the power communication network.

• Proceedings of the KSME Conference
• /
• 2001.06b
• /
• pp.651-657
• /
• 2001

This article explains the theory of multiple mode/physical coordinate synthesis method in order to analyze the dynamic characteristics for an huge marine engine. The theory leads to make a simulation code. The natural frequencies obtained from the simulation code is compared to those from a commercial analysis software, ANSYS. The simulation code is well reviewed.

• Transactions of the Korean Society of Machine Tool Engineers
• /
• v.11 no.2
• /
• pp.80-86
• /
• 2002

Previous method of computer simulation to predict the dynamic response of a vehicle has been based on the assumption that vehicle structure is rigid. If the flexibility of the vehicle structure becomes too large to ignore, rigid body assumption will no longer give good estimation of the dynamic characteristics. Therefore, in order to predict more precise vehicle dynamic characteristics, flexible multi-body dynamic analysis of a vehicle is necessary. This paper investigates dynamic characteristics of vehicle systems with flexible frames numerically. Joint reaction forces, vertical accelerations, pitch accelerations are analyzed for the vehicle systems with various flexible frames using multi-body dynamic analysis code and finite element analysis code.

• Nuclear Engineering and Technology
• /
• v.51 no.5
• /
• pp.1231-1240
• /
• 2019

Unlike land-based nuclear power plants, a marine or floating reactor is affected by external forces due to ocean conditions. These external forces can cause additional accelerations and affect each system and equipment of the marine reactor. Therefore, in designing a marine reactor and evaluating its performance and stability, a thermal hydraulic safety analysis code is necessary to consider the thermal hydrodynamic effects of ship motion. MARS, which is a reactor system analysis code, includes a dynamic motion model that can simulate the thermal-hydraulic phenomena under three-dimensional motion by calculating the body force term included in the momentum equation. In this study, it was verified that the dynamic motion model can simulate fluid motion with reasonable accuracy using conceptual problems. In addition, two modifications were made to the dynamic motion model; first, a user-supplied table to simulate a realistic ship motion was implemented, and second, the flow regime map determination algorithm was improved by calculating the volume inclination information at every time step if the dynamic motion model was activated. With these modifications, MARS could simulate the thermal-hydraulic phenomena under ocean motion more realistically.

• Journal of KIISE:Software and Applications
• /
• v.37 no.10
• /
• pp.773-778
• /
• 2010

OWASP announced most of vulnerabilities result from the data injection by user in 2010 after 2007. Because the contaminated input data is determined at runtime, those data should be checked dynamically. To analyze data and its flow at runtime, dynamic analysis method usually inserts instrument into source code. Intermediate code insertion makes it difficult to manage and extend the code so that the instrument code would be spreaded out according to increase of analysis coverage and volume of code under analysis. In addition, the coupling gets strong between instrument modules and target modules. Therefore developers will struggle against modify or extend the analysis code as instrument. To solve these problem, this paper defines vulnerabilities as a concern using AOP, and suggest the flexible and extensible analysis method to insertion and deletion without increase of coupling.

• Proceedings of the Korea Committee for Ocean Resources and Engineering Conference
• /
• 2001.10a
• /
• pp.68-72
• /
• 2001

Two different methods of free span analysis of offshore pipelines by DnV codes were introduced and compared in order to calculate the allowable free span lengths of the offshore pipelines. The allowable span lengths of the offshore pipelines for installation, hydrotest and operation conditions by static and dynamic span analysis were determined. Static analysis was performed by ASME codes and dynamic span analysis was performed by both 1981 DnV code. Comparison of two codes were carried out. A new design procedure to calculate the allowable span lengths was developed with new DnV code.