• The KIPS Transactions:PartD
• /
• v.15D no.5
• /
• pp.713-720
• /
• 2008

Fingerprinting scheme uses digital watermarks to trace originator of unauthorized or pirated copies, however, multiple users may collude and escape identification by creating an average or median of their individually watermarked copies. Previous research works are based on ACC (anti-collusion code) for identifying each user, however, ACC are shown to be resilient to average and median attacks, but not to LCCA and cannot support large number of users. In this paper, we propose a practical SACC (scalable anti-collusion code) scheme and its angular decoding strategy to support a large number of users from basic ACC (anti-collusion code) with LCCA (linear combination collusion attack) robustness. To make a scalable ACC, we designed a scalable extension of ACC codebook using a Gaussian distributed random variable, and embedded the resulting fingerprint using human visual system based watermarking scheme. We experimented with standard test images for colluder identification performance, and our scheme shows good performance over average and median attacks. Our angular decoding strategy shows performance gain over previous decoding scheme on LCCA colluder set identification among large population.

• Journal of KIISE
• /
• v.41 no.10
• /
• pp.859-869
• /
• 2014

In recent years, the obfuscation techniques are commonly exploited to protect malwares, so obfuscated malwares have become a big threat. Especially, it is extremely hard to analyze virtualization-obfuscated malwares based on unusual virtual machines, because the original program is hidden by the virtual machine as well as its semantics is mixed with the semantics of the virtual machine. To confront this threat, we suggest a framework to analyze virtualization-obfuscated programs based on the dynamic analysis. First, we extract the dynamic execution trace of the virtualization-obfuscated executables. Second, we analyze the traces by translating machine instruction sequences into the intermediate representation and extract the virtual machine architecture by constructing dynamic context flow graphs. Finally, we extract abstract semantics of the original program using the extracted virtual machine architecture. In this paper, we propose a method to extract the information of the original program from a virtualization-obfuscated program by some commercial obfuscation tools. We expect that our tool can be used to understand virtualization-obfuscated programs and integrate other program analysis techniques so that it can be applied to analysis of the semantics of original programs using the abstract semantics.

• The KIPS Transactions:PartD
• /
• v.13D no.7 s.110
• /
• pp.977-984
• /
• 2006

This paper is intended to trace and management of drug based on RFID Technology at a circulation market, from manufacturer to end user, of drug. To avoid counterfeit and generic drug and establish of order in the circulation of drug, at the moment of manufacturing, tags for each bottle and each box are tagged. and then from factory to hospital, through whole logistics, e-pedigree for the drug is made and monitored. Using inventory information, it is easy to manage and control stock of drug. In addition to, RFID System enables storing and delivery to be simple, process time to be shortened. As this research is to study of applying RFID to drug, in this paper, standard RFID code for drug is suggested and tried to apply domestic middle win. Finally, the result of tag pattern design and how to tag for the drug based on 90Mhz is proposed

• The KIPS Transactions:PartA
• /
• v.13A no.3 s.100
• /
• pp.205-210
• /
• 2006

To assist developing robust multithreaded software, we develop a thread monitoring system for multithreaded Java programs, which can trace or monitor running threads and synchronization. We design a monitoring system which has options to select interesting threads and synchronizations. Using this tool, programmers can monitor only interesting threads and synchronization in more details by selecting options. It also provides profile information after execution, which summarizes behavior of running threads and synchronizations during execution. We implement the system based on code inlining, and presents some experimental results.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2003.05b
• /
• pp.326-329
• /
• 2003

최근 인터넷을 대상으로 한 사이버 공격의 공격 경향은 분산 환경에서 다수 공격자의 대규모 분산 서비스 거부 공격(DoS)의 출현 및 해외 해커들의 국내 전산망을 우회 루트로 활용한 사례의 증가 등 고도화된 불법 행위가 점차 범죄의 강력한 수단으로 이용되는 추세에 있다. 본 논문은 기존 네트워크에서 해당 네트워크의 침입자의 트래픽 차단 방법의 취약점을 보완하여 2-MAC 인증 패킷을 이용한 효율적인 공격자 추적기법을 제안하였다. 제안된 방식은 기존 시스템에서의 NIC(Network Interface Card)의 물리적 주소인 MAC(Media Access Control)과 메시지 인증코드(MAC： Message Authentication Code)를 이용한 방식을 제안하였다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2010.06c
• /
• pp.560-565
• /
• 2010

가상 머신은 중간코드로 컴파일 되어 한 프로그램을 여러 플랫폼에서 수행 가능하게 한다. 이러한 가상 머신에는 이미 널리 알려진 썬 마이크로시스템즈의 자바 가상 머신과 구글의 안드로이드 플랫폼의 달빅 가상 머신 그리고 애플이 지원하는 LLVM 등이 있으며, 파이어폭스의 TraceMonkey, 구글 크롬의 v8, 사파리의 SquirrelFish Extreme 같은 자바스크립트 엔진도 일종의 가상 머신으로 볼 수 있다. 가상 머신은 필연적으로 성능 저하를 동반하게 되는데, 이는 가상 머신의 주요 이슈 중 하나이다. 본 논문에서는 간단한 벤치마크를 통해서 이들 가상 머신간의 성능을 비교하고, 각 가상 머신의 특징을 알아본다. LLVM은 여러 단계에 걸친 컴파일 전략으로 JIT 컴파일을 사용하였을 때 높은 성능을 보이나 JIT 컴파일을 사용하지 않았을 경우는 매우 낮은 성능을 보인다. 달빅 가상 머신은 인터프리터 모드에서 자바 가상 머신 보다 조금 나았으나, 아직 개발된 지 얼마 되지 않아 JIT 컴파일러가 없다는 것이 약점이다. 자바스크립트 엔진들은 동적 언어인 자바스크립트를 지원하는 특성상 최적화를 적용하지 못해 비교적 낮은 성능을 보였다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.2
• /
• pp.263-277
• /
• 2021

Taint analysis techniques are popularly used to detect web vulnerabilities originating from unverified user input data, such as Cross-Site Scripting (XSS) and SQL Injection, in web applications written in JavaScript. To detect such vulnerabilities, it would be necessary to trace variables affected by user-submitted inputs. However, because of the dynamic nature of JavaScript, it has been a challenging issue to identify those variables without running the web application code. Therefore, most existing taint analysis tools have been developed based on dynamic taint analysis, which requires the overhead of running the target application. In this paper, we propose a novel static taint analysis technique using symbol information obtained from the TypeScript (a superset of JavaScript) compiler to accurately track data flow and detect security vulnerabilities in TypeScript code. Our proposed technique allows developers to annotate variables that can contain unverified user input data, and uses the annotation information to trace variables and data affected by user input data. Since our proposed technique can seamlessly be incorporated into the TypeScript compiler, developers can find vulnerabilities during the development process, unlike existing analysis tools performed as a separate tool. To show the feasibility of the proposed method, we implemented a prototype and evaluated its performance with 8 web applications with known security vulnerabilities. We found that our prototype implementation could detect all known security vulnerabilities correctly.

• Fire Science and Engineering
• /
• v.29 no.6
• /
• pp.33-39
• /
• 2015

In this paper, a numerical experiment was conducted to find out the optimal location of electrical heat trace for anti-freeze of water inside the CPVC pipe for fire protection. The unsteady incompressible Navier-Stokes equations coupled with energy equation were solved. Since the conduction equation of pipe was coupled with the natural convection of water, the analysis of conjugate heat transfer was conducted. A commercial code (ANSYS-FLUENT) based on SIMPLE-type algorithm was used for investigating the unsteady flows and temperature distributions in water region. From the present numerical experiment, it has been found that the vector field of water inside the PVC pipe is opposite to the case of steel because of the huge difference of material properties of the two pipes. Furthermore, it was found that the lowest part of the pipe was an optimal position for electrical heat trace since the minimum water temperature of the case was higher than those of the other cases.

• Journal of KIISE:Information Networking
• /
• v.30 no.6
• /
• pp.755-763
• /
• 2003

To improve performance over noisy wireless channels, mobile wireless networks employ forward error correction(FEC) techniques. The performance of static FEC algorithms, however, degrades by poorly matching the overhead of their correction code to the degree of the fluctuating underlying channel error. This paper proposes an adaptive FEC technique called FECA(FEC-level Adaptation), which dynamically tunes FEC strength to the currently estimated channel error rate at the data link layer. FECA is suitable for wireless networks whose error rate is high and slowly changing compared to the round-trip time between two communicating nodes. One such example network would be a sensor network in which the average bit error rate is higher than $10^{-6}$ and the detected error rate at one time lasts a few hundred milliseconds on average. Our experiments show that FECA performs 15% in simulations with theoretically modeled wireless channels and in trace-driven simulations based on the data collected from real sensor networks better than any other static FEC algorithms.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.12
• /
• pp.127-134
• /
• 2020

Recently, Harmful sites, including pornographic videos, drugs, personal information and hacking tool distribution sites, have caused serious social problems. However, due to the nature of the Internet environment where anyone can use it freely, it is difficult to control the user effectively. And the site operator operates by changing the domain to bypass the blockage. Therefore, even once identified sites have low persistence. In this paper, we propose multi-channel domain tracking technology, a technique that can effectively track changes in the domain addresses of harmful sites, including the same or similar content, by tracking changes in these harmful sites. Proposed technology is a technology that can continuously track information in a domain using OSINT technology. We tested and verified that the proposed technology was effective for domain tracking with a 90.4% trace rate (sensing 66 changes out of 73 domains).