• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.04a
• /
• pp.424-427
• /
• 2015

근래 들어 모바일 기기의 시스템을 장악하여 사용자의 기밀 정보를 빼내는 악성 행위의 한 방법으로 Code Reuse Attack (CRA)이 널리 사용되고 있다. 이와 같은 CRA를 막기 위하여 call-return이 일어날 때마다 이들 address를 비교해 보는 shadow stack과 branch에 대한 몇 가지 규칙을 두어 CRA 를 탐지하는 branch regulation과 같은 방식이 연구되었다. 우리는 shadow stack과 branch regulation을 종합하여 여러 종류의 CRA를 적은 성능 오버헤드로 탐지할 수 있는 CRA Detection System을 만들고자 한다. 이를 위하여 반드시 선행 되어야 할 연구인 바이너리 파일 분석과 meta-data 생성 및 압축 기술을 제안한다. 실험 결과 생성된 meta-data는 압축 기술을 적용하기 전보다 1/2에서 1/3 가량으로 그 크기가 줄어들었으며 CRA Detection System의 탐지가 정상적으로 동작하는 것 또한 확인할 수 있었다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.6
• /
• pp.2576-2590
• /
• 2020

The fundamental reason why most SQL injection detection methods are difficult to use in practice is the low reusability of the implementation code. This paper presents a reusable SQL injection detection method for Java Web applications based on AOP (Aspect-Oriented Programming) and dynamic taint analysis, which encapsulates the dynamic taint analysis processes into different aspects and establishes aspect library to realize the large-grained reuse of the code for detecting SQL injection attacks. A metamodel of aspect library is proposed, and a management tool for the aspect library is implemented. Experiments show that this method can effectively detect 7 known types of SQL injection attack such as tautologies, logically incorrect queries, union query, piggy-backed queries, stored procedures, inference query, alternate encodings and so on, and support the large-grained reuse of the code for detecting SQL injection attacks.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.43 no.9 s.351
• /
• pp.31-37
• /
• 2006

Low-density parity-check (LDPC) codes are recently emerged due to its excellent performance. The standard for European high definition satellite digital video broadcast, DVB-S2 has adopted LDPC codes as a channel coding scheme. This paper proposes a DVB-S2 LDPC decoder architecture using a hybrid parity check matrix which is efficient in hardware implementation for both decoders and encoders. The hybrid H-matrices are constructed so that both the semi-random technique and the partly parallel structure can be applied to design encoders and decoders. Using the hybrid H-matrix scheme, the architecture of LDPC decoder for DVB-S2 can be very practical and efficient. In addition, we show a new Variable Node processor Unit (VNU) architecture to reuse the VNU for various code rates and optimized block memory placement to reuse. We design a DVB-S2 LDPC decoder of code rate 1/2 usng the proposed architecture. We estimate the performance of the DVB-S2 LDPC decoder and compare it with other decoders.

• Proceedings of the Korea Contents Association Conference
• /
• 2005.05a
• /
• pp.475-479
• /
• 2005

In this paper we constructed semantic net that can efficiently conform retrieval and reuse of object-oriented source code. In odor that initial relevance of semantic net was constructed using thesaurus to represent concept of object-oriented inheritance between each node. Also we made up for the weak points in spreading activation method that use to activate node and line of semantic net and to impulse activation value. Therefore we proposed the method to enhance retrieval time and to keep the quality of spreading activation.

• Proceedings of the Korea Society for Simulation Conference
• /
• 1999.04a
• /
• pp.227-231
• /
• 1999

디자인 패턴은 소프트웨어 -특히, 객체지향 소프트웨어- 의 개발시 재 사용성을 높기 위해서 사용되며, 이는 상속(Inheritance)과 같은 코드레벨 재사용 (code reuse) 보다 높은 레벨의 디자인 재사용 (design reuse)을 가능하게 한다. 디자인 패턴은 구체적인 문제에 대해 구체적인 해를 제공하는 cookbook과는 달리, 추상적인 문제에 대해 추상적인 해를 제시함으로써, 비슷한 부류의 문제에 적용할 수 있으므로 높은 재 사용성을 보장한다. 본 논문은 Retargetable한 특성을 갖는 Instruction set simulator의 개발에 디자인 패턴을 적용한 예를 보여줌으로써, 재 사용성 및 확장성을 높이는 방안을 소개한다.

• ETRI Journal
• /
• v.25 no.6
• /
• pp.464-474
• /
• 2003

Component-based development leverages software reusability and reduces development costs. Enterprise JavaBeans (EJB) is a component model developed to reduce the complexity of software development and to facilitate reuse of components. However, EJB does not support component assembly by a plug-and-play technique due to the hard-wired composition at the code level. To cope with this problem, an architecture for EJB component assembly is defined at the abstract level and the inconsistency between the system architecture and its implementation must be eliminated at the implementation level. We propose a component-based application development tool named the COBALT assembler that supports the design and implementation of EJB component assembly by a plug-and-play technique based on the architecture style. The system architecture is first defined by the Architecture Description Language (ADL). The wrapper code and glue code are then generated for the assembly. After the consistency between the architecture and its implementation is checked, the assembled EJB components are deployed in an application server as a new composite component. We use the COBALT assembler for a shopping mall system and demonstrate that it can promote component reuse and leverage the system maintainability.

• Journal of Multimedia Information System
• /
• v.4 no.4
• /
• pp.255-262
• /
• 2017

In recent software development, repetitive code fragments (i.e., clones) are common due to the copy-and-paste programming practice, the framework-based development, or the reuse of same design patterns. Such similar code fragments are likely to introduce more bugs but are easily disregarded by a code reviewer or a programmer. In this paper, we present a code review tool to help code reviewers identify important code changes written by other programmers and recommend which changes need to be reviewed first. Specifically, to identify important code changes, our approach detects code clones across revisions and investigates them. Then, to help a code reviewer, our approach ranks the identified changes in accordance with several software quality metrics and statistics on those clones and changes. Furthermore, our approach allows the code reviewer to express their preferences during code review time. As a result, the code reviewer who has little knowledge of a code base can reduce his or her effort by reviewing the most significant changes that require an instant attention. To evaluate our approach, we integrated our approach with a modern IDE (e.g., Eclipse) as a plugin and then analyzed two third-party open source projects. The experimental results indicate that our approach can improve code reviewer's productivity.

• KIPS Transactions on Software and Data Engineering
• /
• v.6 no.7
• /
• pp.337-352
• /
• 2017

Clone-and-own reuse is an approach to creating new software variants by copying and modifying existing software products. A family of legacy software products developed by clone-and-own reuse often requires high maintenance cost and tends to be error-prone due to patch-ups without refactoring and structural degradation. To overcome these problems, many organizations that have used clone-and-own reuse now want to migrate their legacy products to software product line (SPL) for more systematic reuse and management of software asset. However, with most of existing methods, variation points are embedded directly into design and code rather than modeled and managed separately; variation points are not created ("engineered") systematically based on a variability model. This approach causes the following problems: it is difficult to understand the relationships between variation points, thus it is hard to maintain such code and the asset tends to become error-prone as it evolves. Also, when SPL evolves, design/code assets tend to be modified directly in an ad-hoc manner rather than engineered systematically with appropriate refactoring. To address these problems, we propose a feature-oriented method for extracting a SPL asset from a family of legacy applications. With the approach, we identify and model variation points and their relationships in a feature model separate from implementation, and then extract and manage a SPL asset from legacy applications based on the feature model. We have applied the method to a family of legacy Notepad++ products and demonstrated the feasibility of the method.

• Journal of the Korea Society of Computer and Information
• /
• v.3 no.3
• /
• pp.47-53
• /
• 1998

This Paper describes design and implementation of the Class Library Management System(CLMS) that is used to efficiently software reuse. Communication softwares are various and wide. They continually must be modified themselves for new demand. maintained previous modules, and extended for new service. Software reuse will have been enhanced of software quality and software developer's productivity The CLMS consists of the Class Register, the Class Retriever, and the Class Browser. The CLMS considered reuse of source code and SDL design specifications.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.3
• /
• pp.1611-1625
• /
• 2019

The emergence of new technologies and devices brings a new environment in the field of cyber security. It is not easy to predict possible security threats about new environment every time without special criteria. In other words, most malicious codes often reuse malicious code that has occurred in the past, such as bypassing detection from anti-virus or including additional functions. Therefore, we are predicting the security threats that can arise in a new environment based on the history of repeated malicious code. In this paper, we classify and define not only the internal information obtained from malicious code analysis but also the features that occur during infection and attack. We propose a method to predict and manage security threats in new environment by continuously managing and extending.