• Journal of KIISE:Software and Applications
• /
• v.36 no.7
• /
• pp.590-606
• /
• 2009

We present a static analyzer that detects memory leaks in C programs. It achieves relatively high accuracy at a relatively low cost on SPEC2000 benchmarks and several open-source software packages, demonstrating its practicality and competitive edge against other reported analyzers: for a set of benchmarks totaling 1,777 KLOCs, it found 332 bugs with 47 additional false positives (a 12.4% false-positive ratio), and the average analysis speed was 720 LOC/sec. We separately analyze each procedure's memory behavior into a summary that is used in analyzing its call sites. Each procedural summary is parameterized by the procedure's call context so that it can be instantiated at different call sites. What information to capture in each procedural summary has been carefully tuned so that the summary should not lose any common memory-leak-related behaviors in real-world C program. Because each procedure is summarized by conventional fixpoint iteration over the abstract semantics ('a la abstract interpretation), the analyzer naturally handles arbitrary call cycles from direct or indirect recursive calls.

• Journal of KIISE:Software and Applications
• /
• v.37 no.10
• /
• pp.760-767
• /
• 2010

There are many memory leak detection tools. However, programmers, who develop very large programs, tend to avoid testing their programs with memory leak detection tools since these tools require runtime and space overheads. Thus, we present a memory leak detection technique which enables programmers to test their modules in their unit test phase with low overheads. To achieve this goal, we extend the existing cyclic memory allocation technique and evaluate our memory leak detection technique on a tiny DBMS. In our experiments, we find our tool has reasonably low runtime and space overheads and it reports only a small number of false positives.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.235-242
• /
• 2023

ORAM(Oblivious RAM) is an algorithm that defends side channel attacks when the user uses an untrusted server or hardware. ORAM defends against leaks of information by hiding data access patterns. However, ORAM is not in practical use because as ORAM reinforces hardware security, it also has a severe disadvantage in processing speed. In this paper, we suggest using newly introduced hardware, PIM (Process In Memory), to accelerate ORAM and use it practically.

• Journal of Integrative Natural Science
• /
• v.14 no.4
• /
• pp.189-196
• /
• 2021

Recently, as a countermeasure for cyber breach attacks and confidential leak incidents on PC hard disk memory storage data of the metaverse industry, it is required when reviewing and developing a remote-based regular/real-time monitoring and analysis security system. The reason for this is that more than 90% of information security leaks occur on edge-end PCs, and tangible and intangible damage, such as an average of 1.20 billion won per metaverse industrial security secret leak (the most important facts and numerical statistics related to 2018 security, 10.2018. the same time as responding to the root of the occurrence of IT WORLD on the 16th, as it becomes the target of malicious code attacks that occur in areas such as the network system web due to interworking integration when building IT infrastructure, Deep-Access-based regular/real-time remote. The concept of memory analysis and audit system is key.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.12
• /
• pp.2333-2340
• /
• 2017

Recently industry is suffering severe losses of important internal information, and most of the leaks result from the insiders. Thus, various technological counter measures are being studied in order to protect private organization information. In this paper, among various internal information leakage path protection mechanisms, we propose a technique for preventing files which are defined as confidential from being copied or moved through USB. The implemented confidential file loss prevention system is composed of both signature insert manager and confidential file detect manager. The signature insert manager allows a system administrator to insert a special pattern specifying a classified confidential file, while the confidential file detect manager protects confidential file leakage when a user attempts to move or copy a confidential file to the USB memory. This results would be contributed to reducing the damage caused by leakage of confidential files outside of the company via USB.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.12
• /
• pp.76-82
• /
• 2019

The development of Internet technology and the deployment of smart devices provide a convenient environment for people, and this is becoming common with the technology called the Internet of Things (IoT). But the development of, and demand for, IoT technology is causing various problems, such as personal information leaks due to the attacks of hackers who exploit it. A number of devices are connected to a network, and network attacks that have been exploited in the existing PC environment are occurring in the IoT environment. When it comes to IP cameras, security incidents (such as distributed denial of service [DDoS] attacks, hacking someone's personal information, and monitoring without consent) are occurring. However, it is difficult to install and implement existing security solutions because memory space and power are limited owing to the characteristics of small devices in the IoT environment. Therefore, this paper proposes a security protocol that can look at and prevent IoT security threats. A security assessment verified that the proposed protocol is able to respond to various security threats that could arise in a network. Therefore, it is expected that efficient operation of this protocol will be possible if it is applied to the IoT environment.