• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.5
• /
• pp.3121-3131
• /
• 2014

Vulnerabilities related to memory have been known as major threats to the security of a computer system. Actually, the number of attacks using memory vulnerability has been increased. Accordingly, various memory protection mechanisms have been studied and implemented on operating system while new attack techniques bypassing the protection systems have been developed. Especially, buffer overflow attacks have been developed as Return-Oriented Programing(ROP) and Jump-Oriented Programming(JOP) called Code Re-used attack to bypass the memory protection mechanism. Thus, in this paper, I analyzed code re-use attack techniques emerged recently among attacks related to memory, as well as analyzed various detection mechanisms proposed previously. Based on the results of the analyses, a mechanism that could detect various code re-use attacks on a binary level was proposed. In addition, it was verified through experiments that the proposed mechanism could detect code re-use attacks effectively.

• Journal of Korea Multimedia Society
• /
• v.7 no.5
• /
• pp.713-720
• /
• 2004

In this paper we suggest error control scheme to improve CLR performance degradation on wireless ATM access networks which consist of access node and wireless channel. Based on the cell scale and hurst scale, traffic model of wireless ATM access network is analyzed. The CLR equation due to buffer overflow for wireless access node is derived for VBR traffic. the CLR equation due to random bit errors and burst errors for wireless channel is derived. Using the CLR equation for both access node and wireless channel, the CLR equation of wireless ATM access network is derived, and we evaluate the CLR performance on the wireless ATM access networks with conventional SR ARQ scheme and recommended error control scheme, that is, Type I Hybrid ARQ scheme. It is confirmed that CLR performance of the access networks with recommended error control schemes is superior to that of access networks with conventional error control scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.4
• /
• pp.3-10
• /
• 2007

In this paper, we proposed the methodology for security testing using block-based file fault injection. When fault is inserted into software, we consider the format of file in order to efficiently reduce the error that is caused by mismatch of format of file. The Vulnerability the methodology focuses on is related to memory processing, such as buffer overflow, null pointer reference and so on. We implemented the automatic tool to apply the methodology to image file format and named the tool ImageDigger. We executed fault-injection focused on WMF and EMF file format using ImageDigger, and found 10 DOS(Denial of Service) in Windows Platform. This methodology can apply to block-based file format such as MS Office file.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.6
• /
• pp.81-93
• /
• 2006

A file system is an evidence resource of cyber crime in computer forensics. Therefore the methods of recovering the file system and searching important information have been offered. However, the methods for finding a malicious fie in free blocks or slack spaces have not been suggested. In this paper, we propose an investigation method to find a maliciously executable fragmented file. After estimating if a file is executable with a machine code rate, we conclude it could be malicious by comparing a similarity of instruction sequences. To examine instruction sequences, we also propose a method of profiling malicious files using file and a method of comparing the continued scores. As the results, we could exactly pick out the malicious execution files, such as buffer overflow attack program, at fitting threshold level.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1069-1078
• /
• 2012

It is known that memory has been frequently a target threatening the computer system's security while attacks on the system utilizing the memory's weakness are actually increasing. Accordingly, various memory protection mechanisms have been studied on OS while new attack techniques bypassing the protection systems have been developed. Especially, buffer overflow attacks have been developed as attacks of Return to Library or Return-Oriented Programing and recently, a technique bypassing the countermeasure against Return-Oriented Programming proposed. Therefore, this paper is intended to suggest a detection mechanism at binary level by analyzing the procedure and features of Jump-Oriented Programming. In addition, we have implemented the proposed detection mechanism and experimented it may efficiently detect Jump-Oriented Programming attack.

• Journal of Positioning, Navigation, and Timing
• /
• v.10 no.4
• /
• pp.315-333
• /
• 2021

Due to the Global Navigation Satellite System (GNSS) modernization, recently launched GNSS satellites transmit signals at various frequency bands such as L1, L2 and L5. Considering the Korean Positioning System (KPS) signal and other GNSS augmentation signals in the future, there is a high probability of applying more complex communication techniques to the new GNSS signals. For the reason, GNSS receivers based on flexible Software Defined Radio (SDR) concept needs to be developed to evaluate various experimental communication techniques by accessing each signal processing module in detail. This paper proposes a novel SDR-based A-GNSS receiver capable of processing multi-GNSS/RNSS signals at multi-frequency bands. Due to the modular structure, the proposed receiver has high flexibility and expandability. For real-time implementation, A-GNSS server software is designed to provide immediate delivery of satellite ephemeris data on demand. Due to the sampling bandwidth limitation of RF front-ends, multiple SDRs are considered to process the multi-GNSS/RNSS multi-frequency signals simultaneously. To avoid the overflow problem of sampled RF data, an efficient memory buffer management strategy was considered. To collect and process the multi-GNSS/RNSS multi-frequency signals in real-time, the proposed SDR A-GNSS receiver utilizes multiple threads implemented on a CPU and multiple NVIDIA CUDA GPGPUs for parallel processing. To evaluate the performance of the proposed SDR A-GNSS receiver, several experiments were performed with field collected data. By the experiments, it was shown that A-GNSS requirements can be satisfied sufficiently utilizing only milliseconds samples. The continuous signal tracking performance was also confirmed with the hundreds of milliseconds data for multi-GNSS/RNSS multi-frequency signals and with the ten-seconds data for multi-GNSS/RNSS single-frequency signals.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.10
• /
• pp.101-110
• /
• 2009

The 6LoWPAN(IPv6 Low-power Wireless Personal Area Network) performs IPv6 header compression, TCP/UDP/IGMP header compression, packet fragmentation and re-assemble to transmit IPv6 packet over IEEE 802,15.4 MAC/PHY. However, from the point of view of security. It has the existing security threats issued by IP packet fragmenting and reassembling, and new security threats issued by 6LoWPAN packet fragmenting and reassembling would be introduced additionally. If fragmented packets are retransmitted by replay attacks frequently, sensor nodes will be confronted with the communication disruption. This paper analysis security threats introduced by 6LoWPAN fragmenting and reassembling, and proposes a re-transmission mechanism that could minimize re-transmission to be issued by replay attacks. Re-transmission procedure and fragmented packet structure based on the 6LoWPAN standard(RFC4944) are designed. We estimate also re-transmission delay of the proposed mechanism. The mechanism utilizes timestamp, nonce, and checksum to protect replay attacks. It could minimize reassemble buffer overflow, waste of computing resource, node rebooting etc., by removing packet fragmentation and reassemble unnecessary.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.24 no.9B
• /
• pp.1742-1754
• /
• 1999

In this paper, we propose a rate control scheme, using histogram based rate-distortion (R-D) estimation, which produces a consistent picture quality between consecutive frames. The histogram based R-D estimation used in our rate control scheme offers a closed-form mathematical model that enable us to predict the bits and the distortion generated from an encoded frame at a given quantization parameter (QP) and vice versa. The most attractive feature of the R-D estimation is low complexity of computing the R-D data because its major operation is just to obtain a histogram or weighted histogram of DCT coefficients from an input picture. Furthermore, it is accurate enough to be applied to the practical video coding. Therefore, the proposed rate control scheme using this R-D estimation model is appropriate for the applications requiring low delay and low complexity, and controls the output bit-rate ad quality accurately. Our rate control scheme ensures that the video buffer do not underflow and overflow by satisfying the buffer constraint and, additionally, prevents quality difference between consecutive frames from exceeding certain level by adopting the distortion constraint. In addition, a consistent considering the maximum tolerance BER of the voice service. Also in Rician fading channel of K=6 and K=10, considering CLP=$10^{-3}$ as a criterion, it is observed that the performance improment of about 3.5 dB and 1.5 dB is obtained, respectively, in terms of $E_b$/$N_o$ by employing the concatenated FEC code with pilot symbols.

• Journal of KIISE:Information Networking
• /
• v.35 no.3
• /
• pp.173-182
• /
• 2008

Promoting quality of streaming service in wireless networks has attracted intensive research over the years. Instable wireless channel condition causes high transmission delay and packet loss, due to fading and interference. Therefore, they lead to degrade quality of video streaming service. The IEEE 802.11 Working Group is currently working on a new standard called IEEE 802.11e to support quality of service in WLANs. And several schemes were proposed in order to guarantee QoS. However, they are not adaptable to network condition. Accordingly, they suffered video quality degradation, due to buffer overflow or packet loss. In this paper, to promote quality of video streaming service in WLANs, we propose a cross-layer architecture based on IEEE 802.11e EDCA model. Our cross-layer architecture provides differentiated transmission mechanism of IEEE 802.11e EDCA based on priority of MPEG-4 video frames and adaptively controls the transmission rate by dropping video frames through the efficient bandwidth estimation based on distinction of each AC. Through the simulation, proposed scheme is shown to be able to improve end-to-end qualify for video streaming service in WLANs.

• Journal of Broadcast Engineering
• /
• v.3 no.1
• /
• pp.69-84
• /
• 1998

In digital broadcasting, services such as digital satellite TV, cable TV and digital terrestrial TV, several video programs are compressed by MPEG-2, and then simultaneously transmitted over a conventional CBR (Constant Bit Rate) broadcasting channel. In this paper, we propose a joint quality control scheme to be able to accurately control the relative picture quality among the video programs, which is achieved by simdt;,nL'Ously controlling the video encoders to generate the VBR (Variable Bit Rate) compressed video streams. Our quality control scheme can prevent the video buffer overflow and underflow by total target bit allocation process, and also exactly control the relative picture quality in terms of PSNR (Peak Signal to Noise Ratio) between some programs requiring higher picture quality and others by rate-distortion modification. Furthermore we present a rate-distortion estimation method for MPEG-2 video, which is base of our joint quality control, and verify its performance by experiments. The most attractive features of this estimation method are as follows: 1) computational complexity is low because main operation for the estimation is to calculate the histogram of OCT coefficients into quantizer; 2) estimation results are very accurate enough to be applied to the practical MPEG-2 video coding applications. Simulation results show that the proposed joint quality control scheme accurately controls the relative picture quality among the video progran1s transmitted over a single channel as well as provides more consistent and higher picture quality than independent coding scheme that encodes each program independently.