• The KIPS Transactions:PartC
• /
• v.16C no.5
• /
• pp.555-562
• /
• 2009

In malware accident investigation, the most important thing is detection of malicious code. Signature based anti-virus softwares have been used in most of the accident. Malware can easily avoid signature based detection by using packing or encryption method. Because of this, packed file detection is also important. Detection methods can be divided into signature based detection and entropy based detection. Signature based detection can not detect new packing. And entropy based detection has a problem with false positive. We provides detection method using entropy statistics of entry point section and 'write' properties of essential characteristic of packed file. And then, we show packing detection tool and evaluate its performance.

• Proceedings of the Korean Society of Precision Engineering Conference
• /
• 2002.05a
• /
• pp.561-564
• /
• 2002

With Rapid Prototyping system, the efficient packing in a fixed work volume reduces build time when multiple parts are built in a process. In this paper, an efficient and rapid packing algorithm is developed for SLS system that has cylindrical workspace. A genetic algorithm is implemented to place as many part as possible in a vat. For fast computation, a collision detection algorithm "k-DOPs Tree" is implemented.

• Bulletin of the Korean Chemical Society
• /
• v.27 no.4
• /
• pp.479-483
• /
• 2006

We developed a microfluidic immunoassay platform for the detection of various analytes such as bacterial pathogen by packing antibody-immobilized glass beads in spatially-isolated microchambers on a microfluidic device. Primary amines of antibody were covalently conjugated to carboxyl-terminated glass beads previously treated with aminosilane followed by glutaraldehyde. Through this covalent binding, up to 905 $\mu$g immunoglobulin G (IgG) per gram of glass beads was immobilized. For application, glass beads attaching antibody specific to Escherichia coli O157:H7, a foodborne pathogen, were packed into a microfluidic device and used for the detection of the serotype. This prototype immunoassay device can be used for the simultaneous detection of multiple analytes by sequentially packing different-sized glass beads attaching different antibody in discrete microchambers on a single microfluidic device.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.4
• /
• pp.775-784
• /
• 2019

Malware infringement attacks are continuously increasing in various environments such as mobile, IOT, windows and mac due to the emergence of new and variant malware, and signature-based countermeasures have limitations in detection of malware. In addition, analytical performance is deteriorating due to obfuscation, packing, and anti-VM technique. In this paper, we propose a system that can detect malware based on machine learning by using similarity hashing-based pattern detection technique and static analysis after file classification according to packing. This enables more efficient detection because it utilizes both pattern-based detection, which is well-known malware detection, and machine learning-based detection technology, which is advantageous for detecting new and variant malware. The results of this study were obtained by detecting accuracy of 95.79% or more for benign sample files and malware sample files provided by the AI-based malware detection track of the Information Security R&D Data Challenge 2018 competition. In the future, it is expected that it will be possible to build a system that improves detection performance by applying a feature vector and a detection method to the characteristics of a packed file.

• Proceedings of the Korean Information Science Society Conference
• /
• 2010.06d
• /
• pp.56-60
• /
• 2010

악성코드의 기능들이 날로 정교해 지면서 악성 행위를 숨기거나 악성코드 분석이 어렵도록 만들기 위한 기법들이 적용되는 것을 쉽게 볼 수 있다. 이 중 악성코드 분석을 어렵게 만드는 대표적인 방식이 Packing이다. 그러므로 악성코드의 분석을 위해 Packing된 악성코드가 어떤 Packer로 Packing되어 있는 지 확인할 필요가 있다. 그러나 현재 사용하는 대부분의 시그니처 기반 탐지 방식은 오탐율 및 미탐율이 높다. 본 논문에서는 Packer 탐지를 위한 새로운 시그니처 생성 방식을 제안하고 성능을 검증한다.

• Journal of environmental and Sanitary engineering
• /
• v.17 no.4
• /
• pp.61-67
• /
• 2002

NIRS(Near infrared spectroscopy) scanning from 1300nm to 2400nm was appl ied for the DEHP(di-(2 ethylhexyl)phthalate) in PVC(polyvinyl chloride_packing material. All samples were devided into calibration group and validation group. As a result of conduction the multiple regression analysis on the correlation between the NIR spectrum data and chemical assay value obtained by the Korea Food Sanitation Act. The validation model for measuring the DEHP content had R of 0.997, SEC of 0.132, SEP of 0.176 by MLR and R of 0.996, SEC of 0.142, SEP of 0.198 by PLS and the detection limit was 0.1%. The obtained results indicate that the NIR procedure can potentially be used as a nondestructive analysis method for the purpose of rapid and simple measurement of DEHP in PVC packing material.

• Proceedings of the KIEE Conference
• /
• 2005.11a
• /
• pp.207-209
• /
• 2005

Ultra wide band electromagnetic energy can be transmitted to a far field by emitting the nanoseconds high voltage pulse electromagnetic energy via an antenna. This UWB EM energy is expected to be used in post-packing pasteurization of food, detection of buried objects or underground water veins and caves and the treatment of waste water or polluted gas. The nanoseconds pulse forming for UWB generation using high voltage blumlein line and an ultrafast switch is mentioned.

• Proceedings of the KIEE Conference
• /
• 2005.07c
• /
• pp.2123-2125
• /
• 2005

Ultra wide band electromagnetic energy can be transmitted to a far field by emitting the nanoseconds high voltage Pulse electromagnetic energy via an antenna. This UWB EM energy is expected to be used in post-packing pasteurization of food, detection of buried objects or underground water veins and caves and the treatment of waste water or polluted gas. The nanoseconds pulse forming for UWB generation using 500kV blumlein line and an ultrafast switch is mentioned.

• Journal of Food Hygiene and Safety
• /
• v.28 no.4
• /
• pp.376-380
• /
• 2013

Determination of PFOS in instant food packing materials by LC-MS/MS was developed. The procedure involves an extraction of the Food Packing Materials with 100% methanol soxcelet extraction method. The LC separation was performed by Hypersil Gold ($150mm{\times}2.1mm$ 5 um) with mobile phases of 2 mM amoniumacetate solution and acetonitrile. The Mass spectral acquisition was done in negative ESI/SRM using the TSQ Quantum Ultra. With this method, good linear relationship, sensitivity and reproducibility were obtained. The rate of recoveries of PFOS from paper material spiked with 1.0 ug/L were 99.84%, respectively. The limit of quantitation and limit of detection were below 0.03 ug/L and 0.009 ug/L. The method had been applied to determination of PFOS in instant food packing materials.

• International Journal of Advanced Culture Technology
• /
• v.9 no.4
• /
• pp.288-294
• /
• 2021

There are various ways to be infected with malicious code due to the increase in Internet use, such as the web, affiliate programs, P2P, illegal software, DNS alteration of routers, word processor vulnerabilities, spam mail, and storage media. In addition, malicious codes are produced more easily than before through automatic generation programs due to evasion technology according to the advancement of production technology. In the past, the propagation speed of malicious code was slow, the infection route was limited, and the propagation technology had a simple structure, so there was enough time to study countermeasures. However, current malicious codes have become very intelligent by absorbing technologies such as concealment technology and self-transformation, causing problems such as distributed denial of service attacks (DDoS), spam sending and personal information theft. The existing malware detection technique, which is a signature detection technique, cannot respond when it encounters a malicious code whose attack pattern has been changed or a new type of malicious code. In addition, it is difficult to perform static analysis on malicious code to which code obfuscation, encryption, and packing techniques are applied to make malicious code analysis difficult. Therefore, in this paper, a method to detect malicious code through dynamic analysis and static analysis using Trojan-type Downloader/Dropper malicious code was showed, and suggested to malicious code detection and countermeasures.