• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.2
• /
• pp.53-59
• /
• 2020

Malicious file upload attacks mean that the attacker to upload or transfer files of dangerous types that can be automatically processed within the web server's environment. Uploaded file content can include exploits, malware and malicious scripts. An attacker can user malicious content to manipulate the application behavior. As a method of detecting a malicious file upload attack, it is generally used to find a file type by detecting a file extension or a signature of the file. However, this type of file type detection has the disadvantage that it can not detect files that are not encoded with a specific program, such as PHP files. Therefore, in this paper, research was conducted on how to detect and block any program by using essential commands or variable names used in the corresponding program when writing a specific program. The performance evaluation results show that it detected specific files effectively using the suggested method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.319-323
• /
• 2023

In intra-process isolation, file descriptors work as another attack vector from the memory corruption attacks. The attacker can read or write by corrupting file descriptors so they can escape the isolation. In this paper, we propose new lightweight capability-based access control system on file descriptor using ARM's hardware extension, PA(Pointer Authentication). Our system was implemented on Linux kernel module, only shows 5% overhead to control the access on the file descriptor.

• Journal of the Semiconductor & Display Technology
• /
• v.8 no.1
• /
• pp.39-42
• /
• 2009

In this paper an attempt for realizing a storage system which works as a part of human brain has been discussed. The system is expected to be able to coordinate with human brain. And current storage may have inherent problem due to an intrinsic attribute of storage, exclusiveness. Directory structure in it must be a source of confusion, if it used out side of the range of limitation. Adapting multidimensional annotation of file name extension and directory-less file system, a new storage system able to associate and coordinate with human brain may be available near future. This paper showed that the limitation of current storage system clearly exists, because of human brain limitation to memorize directory name.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.251-258
• /
• 2017

Most malware, including Ransomware, is built for the Windows operating system. This is because it is more harmful to target an operating system with a high share. But in recent years, MacOS's operating system share has steadily increased. As people become more and more used, the number of malicious code running on the MacOS operating system is increasing. Ransomware has been known to Korea since 2015, and damage cases are gradually increasing. MacOS is no longer free from Ransomware, as Ransomware for MacOS was discovered in March 2016. In order to cope with future Ransomware, this paper used Ransomware's modified file extension to detect Ransomware. We have studied how to detect and block Ransomware processes by distinguishing between extensions changed by the user and extensions changed by the Ransomware process.

• Journal of Agricultural Extension & Community Development
• /
• v.7 no.2
• /
• pp.289-293
• /
• 2000

The way society works in the 21st century differs from that of 20th century, since the people are brought-up to speed regarding current technologies. The www.aflos.pe.kr site and direct e-mailing system were very useful in delivering floricultural information to extension educators, producers, and variety of individuals. The author’s one year experience indicated that extension educators and farmers are receptive to internet technologies, and extension educators have increased the knowledge base of their clientele by responding through direct e-mails. The internet and direct e-mailing systems were popular and powerful way of transferring floricultural information, especially agricultural extension manpower were limited because of localization of extension educators by changing national status to local governments and decreased number of extension educators through government restructuring. The direct e-mailing to approximately 503 individuals resulted about $1{\sim}3%$ responses and the number of phone calls, however virus protection software for e-mail, internet, file servers and desktops to provide the integrated real-time detection of viruses were needed. For more effective operation of direct e-mailing in the future, more specified target groups and specialized organization such as perennials, bulbs, flowering potted plants. and cut flowers. At the same time, things that have worked for last century should not be replaced with new technology, specifically, the value in one-on-one meetings should not be replaced, but rather serve as a supplement.

• Proceedings of the Korea Contents Association Conference
• /
• 2009.05a
• /
• pp.510-514
• /
• 2009

This program was developed in Visual C + +, the Windows operating system has security features within the files and directories. File and directory security, encryption / decryption operations yirueojimyeo file security can be round, to know the value of the key and security password I need to know the directory is designed to be decrypted. In addition, ECB, CBC algorithm and 3DES, SEED algorithms and methods, and encryption. De0 can not run that created the file extension, as has been developed to allow for double security.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.43 no.2 s.308
• /
• pp.1-11
• /
• 2006

In this paper, we propose a new register file architecture called the Register File Extension for Multi-words or Long-word Operation (RFEMLO) to accelerate both symmetric and asymmetric cryptographic algorithms. Based on the idea that most of cryptographic algorithms heavily use multi-words or long-word operations, RFEMLO allows multiple contiguous registers to be specified as a single operand. Thus, a single instruction can specify a SIMD-style multi-word operation or a long-word operation. RFEMLO can be applied to general purpose processors by adding instruction set for multi-words or long-word operands and functional units for additional instruction set. To evaluate the performance of RFEMLO, we use Simplescalar/ARM 3.0 (with gcc 2.95.2) and run detailed simulations on various symmetric and asymmetric cryptographic algorithms. By applying RFEMLO, we could get maximum 62% and 70% reductions in the total instruction count of symmetric and asymmetric cryptographic algorithms respectively. Also, performance results show that a speedup of 1.4 to 2.6 can be obtained in symmetric cryptographic algorithms and a speedup of 2.5 to 3.3 can be obtained for asymmetric cryptographic algorithms when we apply RFEMLO to a processor with an in-order pipeline. We also found that RFEMLO can effectively improve the performance of these cryptographic algorithms with much less cost compared to issue-width increase available in Superscalar implementations. Moreover, the RFEMLO can also be applied to Superscalar processor, leading to additional 83% and 138% performance gain in symmetric and asymmetric cryptographic algorithms.

• Journal of Korea Society of Industrial Information Systems
• /
• v.18 no.2
• /
• pp.27-34
• /
• 2013

NAND Flash Memory has been used in several devices by low cost and high capacity, and the demand for mass NAND Flash Memory has increased due to the multimedia extension of mobile devices. The JFFS2, NILFS2, and YAFFS2 file systems are used mainly in NAND Flash Memory. In this paper, the performance of Sequential read/write of the 3 file systems are analyzed for the 4 I/O schedulers : CFQ(Complete Fair Queuing) I/O scheduler, NOOP(No Operation) I/O scheduler, Anticipatory I/O scheduler, and Deadline I/O scheduler. In JFFS2 file system, Anticipatory I/O scheduler has the best performance by 8% decreasing speed in writing time and 1.5% decreasing speed in reading time compared to the other I/O scheduler. In YAFFS2 file system, it results are similar to performance in reading and writing for the 4 I/O schedulers. In NILFS2 file system, NOOP I/O scheduler has 2% faster in writing and Deadline I/O scheduler has 6% faster in reading than other I/O schedulers.

• Journal of KIBIM
• /
• v.11 no.3
• /
• pp.67-74
• /
• 2021

An IFC file is dependent on the IFC schema. Because of this relationship, most IFC-using software reads and interprets the IFC File by employing an early binding method, which uses a standard IFC schema. In the case of most open sources, early binding methods using standard IFC schema have a problem that they cannot express extra information of IFC File out of extended IFC schema. Also, in the case of previous studies, they suggested schema extension, such as adding attribute information to the schema, rather than the interpretation of IFC File. This study research on method of extracting shape and attribute information was conducted by analyzing the IFC File produced through the Port schema, which is an extended IFC schema. Three objects were created using the reference relationship between the Port schema definition and the IFC entity, and, at the end, the three objects were combined into one object. It has been confirmed that the shape and property data were express properly while delivering the combined object to the viewer. The process is possible because of the method of matching IFC schema and IFC File, which is dependent on IFC schema but not early binding method. However, this method has some drawbacks, such that contemporaneously generated many objects consume many memory spaces. Future research to investigate that issue further is needed.

• The Journal of the Convergence on Culture Technology
• /
• v.9 no.2
• /
• pp.545-551
• /
• 2023

As digital information is readily available to everyone today, the adoption of digital evidence is increasing. However, it is virtually impossible to determine the authenticity of forgery in the case of a voice recording file that has gone through a sophisticated editing process along with the spread of various voice file editing tools. This study aims to prove that forgery, which is difficult to distinguish from the original file, is possible by using insertion, deletion, linking, and synthetic editing technologies in voice recording files. This study presents the difficulty of detecting forgery by encoding a forged voice file with the same extension as the original. In addition, it was shown that forgery detection is impossible if additional transition band deletion and secondary encoding are performed only for experiments in which features occurred. Through this, this study is expected to contribute to the establishment of more stringent evidence admissibility criteria for adopting voice recording files as digital evidence.