• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.1
• /
• pp.111-115
• /
• 2008

We present a simple and effective method to reduce loop-related false alarms raised by buffer-overrun static program analyzer. Interval domain buffer-overrun analyzer raise many false alarms in analyzing programs that frequently use loops and arrays. Firstly, we classified patterns of loop-related false alarms for loop-intensive programs, such as embedded programs or mathematical libraries. After that we designed a simple and effective false alarm refiner, specialized for the loop-related false alarms we classified. After the normal analysis of program in which alarms considered as false. We implemented this method on our buffer-overrun analyzer with the result that our refinement method decreased the number of false alarms by 32% of total amount the analyzer reported.

• Journal of KIISE:Software and Applications
• /
• v.33 no.5
• /
• pp.508-524
• /
• 2006

We present our experience of combining, in a realistic setting, a static analyzer with a statistical analysis. This combination is in order to reduce the inevitable false alarms from a domain-unaware static analyzer. Our analyzer named Airac(Array Index Range Analyzer for C) collects all the true buffer-overrun points in ANSI C programs. The soundness is maintained, and the analysis' cost-accuracy improvement is achieved by techniques that static analysis community has long accumulated. For still inevitable false alarms (e.g. Airac raised 970 buffer-overrun alarms in commercial C programs of 5.3 million lines and 737 among the 970 alarms were false), which are always apt for particular C programs, we use a statistical post analysis. The statistical analysis, given the analysis results (alarms), sifts out probable false alarms and prioritizes true alarms. It estimates the probability of each alarm being true. The probabilities are used in two ways: 1) only the alarms that have true-alarm probabilities higher than a threshold are reported to the user; 2) the alarms are sorted by the probability before reporting, so that the user can check highly probable errors first. In our experiments with Linux kernel sources, if we set the risk of missing true error is about 3 times greater than false alarming, 74.83% of false alarms could be filtered; only 15.17% of false alarms were mixed up until the user observes 50% of the true alarms.

• The KIPS Transactions:PartA
• /
• v.10A no.6
• /
• pp.677-684
• /
• 2003

Most policies of VOD services are mainly studied about server system, and make no touch on clients buffer stabilization which is the basis of guaranteeing playback quality and playing without cut off. In this paper, we proposed a skipping frame transfer policy that can sending dynamic buffer control signal to server in accordance with clients buffer state of starvation or overrun, and server transfers a skipped frame to client after receive the control signal. And through a simulation, we show the suggested policy is more efficiency on playback quality by buffer stabilization which is by preventing loss and miss for receiving frame due to grow worse client buffer state.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.06a
• /
• pp.292-293
• /
• 2007

• Journal of Korea Multimedia Society
• /
• v.1 no.1
• /
• pp.67-79
• /
• 1998

In this paper, we present the design and analyze the transmission rate of a control algorithm for the client buffer on the VOD systems. The design is based on the server's data transmission rate and clients' data consumption rate. The proposed algorithm stabilizes the client's buffer by reducing the oscillation phenomena of the buffer. And it uses the BCT (Buffer Check Time) to reduce the scheduling load of the client system. The client's data consumption rate and the buffer size are calculated on the basis of BCT. In case that the predicted buffer size operates in the overrun or starvation the buffer. As the load fluctuation of the network, the transmission rate control policy cannot stabilize the client's buffer alone. The media scaling policy, therefore, also performs its complementary part in stabilizing the client's buffer, and performance evaluation of the proposed algorithm is provided through simulation.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.11b
• /
• pp.964-966
• /
• 2005

아이락(Airac)은 C 프로그램의 버퍼오버런(buffer overrun)오류를 찾아주는 정적 프로그램 분석기(static program analyzer)이다. 아이락은 요약해석(abstract interpretation)의 틀 속에서 디자인되었다. 설계 및 구현 과정에서 프로그램 분석 분야에서 축적되어온 다양한 기술들을 적용하여 분석의 성능 및 정확도 향상을 이룩하였다. 아이락은 리눅스 커널(linux kernel), GNU 소프트웨어, 상용 소프트웨어등에 적용되어 오류를 찾아냈다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2006.06b
• /
• pp.391-393
• /
• 2006

버퍼 오버런과 같은 소프트웨어의 보안 취약점이 알려진 이후로 이를 해결하기 위한 분석 도구 개발이 다양한 연구그룹에 의해 수행되었다. 하지만 범용 소프트웨어를 분석할 수 있는 실용적인 도구는 않지 않다. 본 논문은 모든 버그를 빠트림 없이 찾는 정적 분석에서 한발 물러나 조금 부정확하지만 빠른 시간안에 보안 취약점을 검출할 수 있는 방법을 소개하고, 버그가 알려진 소프트웨어에 대한 실험 결과를 통해 제안하는 검출기의 실용성을 보인다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.07a
• /
• pp.139-141
• /
• 2005

본 논문에서는 JPEG 파일의 구조를 먼저 살펴하고, MS Windows 운영체제 상에서 비정상적인 JPEG 파일을 접근(open)할 때 발생할 수 있는 버퍼 오버런 취약성(MS04-028)을 재연하여 분석한다. JPEG 파일의 헤더에 코멘트(comment) 부분이 있을 경우 길이 필드가 잘못되어 있고 JPEG 파일의 몸체에 쉘코드(cmd.exe) 생성부분을 가지고 있을 경우, 버퍼(heap) 오버런 공격이 발생되어 예기치 못한 결과들이 발생 할 수 있다. 본 논문에서는 디버거(WinDBG) 및 역공학 도구(IDAPro)를 이용하여, 이러한 JPEG 파일 관련 취약성을 분석하면서 바이너리 코드만 주어진 경우의 취약성 분석 절차를 이해하고 보안 결함 부분을 추적하는 연구를 수행한다.