• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.22 no.4
• /
• pp.331-337
• /
• 2021

Owing to the limited development period and budget of the weapon system, many problems have arisen in the operation stage after mass production. Therefore, engineering changes are also increasing. On the other hand, an analysis of the cause of problems and improvement of the system equipment performed in engineering changes cannot be managed synthetically. Hence, important actual data can only be used once. In particular, unlike hardware where the shape of the equipment is changed or the part number is changed, the contents of software engineering changes are only partially included in the proposal. Moreover, only the extent to which the version of the source package and the executable file has been changed can be identified. Therefore, this paper proposes a method to build and utilize a database for cause analysis and improvement plan data of weapon-system software engineering changes and software technical support. The above utilization measure can contribute to the quality assurance of weapon-system software developed in the future by preemptively applying real-world data when developing similar weapon systems.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.22 no.4
• /
• pp.37-41
• /
• 2021

This paper presents a study to implement a touch screen capable of real-time response processing in a low-end embedded system. This was done by introducing an algorithm using an interpolation method to represent real-time response characteristics when a touch input is performed. In this experiment, we applied a linear interpolation algorithm that estimates random data by deriving a first-order polynomial from 2-point data. We also applied a Lagrange interpolation algorithm that estimates random data by deriving a quadratic polynomial from 3-point data. As a result of the experiment, it was found that the Lagrange interpolation method was more complicated than the linear interpolation method, and the processing speed was slow, so the text was not smooth. When using the linear interpolation method, it was confirmed that the speed displayed on a screen is 2.4 times faster than when using the Lagrange interpolation method. For real-time response characteristics, it was confirmed that smaller size of the executable file of the algorithm is more advantageous than the superiority of the algorithm itself. In conclusion, in order to secure real-time response characteristics in a low-end embedded system, it was confirmed that a relatively simple linear interpolation algorithm performs touch operations with better real-time response characteristics than the Lagrange interpolation method.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.6
• /
• pp.155-164
• /
• 2018

Many malicious programs have been compressed or encrypted using various commercial packers to prevent reverse engineering, So malicious code analysts must decompress or decrypt them first. The OEP (Original Entry Point) is the address of the first instruction executed after returning the encrypted or compressed executable file back to the original binary state. Several unpackers, including PinDemonium, execute the packed file and keep tracks of the addresses until the OEP appears and find the OEP among the addresses. However, instead of finding exact one OEP, unpackers provide a relatively large set of OEP candidates and sometimes OEP is missing among candidates. In other words, existing unpackers have difficulty in finding the correct OEP. We have developed new tool which provides fewer OEP candidate sets by adding two methods based on the property of the OEP. In this paper, we propose two methods to provide fewer OEP candidate sets by using the property that the function call sequence and parameters are same between packed program and original program. First way is based on a function call. Programs written in the C/C++ language are compiled to translate languages into binary code. Compiler-specific system functions are added to the compiled program. After examining these functions, we have added a method that we suggest to PinDemonium to detect the unpacking work by matching the patterns of system functions that are called in packed programs and unpacked programs. Second way is based on parameters. The parameters include not only the user-entered inputs, but also the system inputs. We have added a method that we suggest to PinDemonium to find the OEP using the system parameters of a particular function in stack memory. OEP detection experiments were performed on sample programs packed by 16 commercial packers. We can reduce the OEP candidate by more than 40% on average compared to PinDemonium except 2 commercial packers which are can not be executed due to the anti-debugging technique.