• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.171-179
• /
• 2022

Self-Modifying-Code is a code that changes the code by itself during execution time. This technique is particularly abused by malicious code to bypass static analysis. Therefor, in order to effectively detect such malicious codes, it is important to identify self-modifying-codes. In the meantime, Self-modify-codes have been analyzed using dynamic analysis methods, but this is time-consuming and costly. If static analysis can detect self-modifying-code it will be of great help to malicious code analysis. In this paper, we propose a static analysis method to detect self-modified code for binary executable programs converted to LLVM IR and apply this method by making a self-modifying-code benchmark. As a result of the experiment in this paper, the designed static analysis method was effective for the standardized LLVM IR program that was compiled and converted to the benchmark program. However, there was a limitation in that it was difficult to detect the self-modifying-code for the unstructured LLVM IR program in which the binary was lifted and transformed. To overcome this, we need an effective way to lift the binary code.

• Proceedings of the KSR Conference
• /
• 2002.10b
• /
• pp.884-891
• /
• 2002

This report is the result performed the structural analysis and the static and fatigue load test of bogie frame for the purpose of designing and verifying the bogie frame which satisfy the load condition required in the UIC code. This investigation is proposed the efficient draft of the design to satisfy the load condition required in the UIC code. And It is performed the structural analysis to evaluate the static strength and the fatigue life of the patient material and the welded part. Also, This is proposed the efficient draft of the test to satisfy the method of the static and fatigue test required in the UC code. And it is carried out the static and the fatigue load test to verify it. We can designed the bogie frame in compliance with UIC 515-4 and 615-4 code.

• International Journal of Advanced Culture Technology
• /
• v.9 no.4
• /
• pp.288-294
• /
• 2021

There are various ways to be infected with malicious code due to the increase in Internet use, such as the web, affiliate programs, P2P, illegal software, DNS alteration of routers, word processor vulnerabilities, spam mail, and storage media. In addition, malicious codes are produced more easily than before through automatic generation programs due to evasion technology according to the advancement of production technology. In the past, the propagation speed of malicious code was slow, the infection route was limited, and the propagation technology had a simple structure, so there was enough time to study countermeasures. However, current malicious codes have become very intelligent by absorbing technologies such as concealment technology and self-transformation, causing problems such as distributed denial of service attacks (DDoS), spam sending and personal information theft. The existing malware detection technique, which is a signature detection technique, cannot respond when it encounters a malicious code whose attack pattern has been changed or a new type of malicious code. In addition, it is difficult to perform static analysis on malicious code to which code obfuscation, encryption, and packing techniques are applied to make malicious code analysis difficult. Therefore, in this paper, a method to detect malicious code through dynamic analysis and static analysis using Trojan-type Downloader/Dropper malicious code was showed, and suggested to malicious code detection and countermeasures.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.6
• /
• pp.1689-1705
• /
• 2023

To deal with the potential XSS vulnerabilities in the source code of the power communication network, an XSS vulnerability detection method combining the static analysis method with the dynamic testing method is proposed. The static analysis method aims to analyze the structure and content of the source code. We construct a set of feature expressions to match malignant content and set a "variable conversion" method to analyze the data flow of the code that implements interactive functions. The static analysis method explores the vulnerabilities existing in the source code structure and code content. Dynamic testing aims to simulate network attacks to reflect whether there are vulnerabilities in web pages. We construct many attack vectors and implemented the test in the Selenium tool. Due to the combination of the two analysis methods, XSS vulnerability discovery research could be conducted from two aspects: "white-box testing" and "black-box testing". Tests show that this method can effectively detect XSS vulnerabilities in the source code of the power communication network.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.3
• /
• pp.605-615
• /
• 2018

Due to the rapid growth of the Internet of Things market, the use of the C/C++ language, which is the most widely used language in embedded systems, is also increasing. To improve the quality of code in the C/C++ language and reduce development costs, it is better to use static analysis, a software verification technique that can be performed in the first half of the software development life cycle. Many programs use static analysis to verify software safety and many static analysis tools are being used and studied. In this paper, we use Clang static analysis tool to check security weakness detection performance of verified test code. In addition, we compared the static analysis results of the test codes applied with the source obfuscation techniques, layout obfuscation, data obfuscation, and control flow obfuscation techniques, and the static analysis results of the original test codes, Analyze the detection ability impact of the Clang static analysis tool.

• Journal of Information Technology Services
• /
• v.17 no.3
• /
• pp.171-189
• /
• 2018

To remove software defects and improve performance of software, many developers perform code inspections and use static analysis tools. A code inspection is an activity that is performed manually to detect software defects in the developed source. However, there is no clear criterion which source codes are inspected. A static analysis tool can automatically detect software defects by analyzing the source codes without running the source codes. However, it has disadvantage that analyzes only the codes in the functions without analyzing the relations among source functions. The functions in the source codes are interconnected and formed a social network. Functions that occupy critical locations in a network can be important enough to affect the overall quality. Whereas, a static analysis tool merely suggests which functions were called several times. In this study, the core functions will be elicited by using social network analysis and DEA (Data Envelopment Analysis) for CUBRID open database sources. In addition, we will suggest clear criteria for selecting the target sources for code inspection and will suggest ways to find core functions to minimize defects and improve performance.

• International Journal of Highway Engineering
• /
• v.14 no.5
• /
• pp.1-9
• /
• 2012

PURPOSES: A viscoelastic axisymmetric finite element analysis code has been developed for stress analysis of asphalt pavement structures. METHODS: Generalized Maxwell Model (GMM) and 4-node isoparametric element were employed for finite element formulation. The code was developed using $C^{+}^{+}$ computer program language and named as KICTPAVE. For the verification of the developed code, a structural model of a pavement system was constructed. The structural model was composed of three layers: asphalt layer, crushed stone layer, and soil subgrade. Two types of analysis were considered for the verification: (1)elastic static analysis, (2)viscoelastic time-dependent analysis. For the elastic static analysis, linear elastic material model was assigned to all the layers, and a static load was applied to the structural model. For the viscoelastic time-dependent analysis, GMM and linear elastic material model were assigned to the asphalt layer and all the other layers respectively, and a cyclic loading condition was applied to the structural model. RESULTS: The stresses and deformations from KICTPAVE were compared with those from ABAQUS. The analysis results obtained from the two codes showed good agreement in time-dependent response of the element under the loading area as well as the surface deformation of asphalt layer, and horizontal and vertical stresses along the axisymmetric axis. CONCLUSIONS: The validity of KICTPAVE was confirmed by showing the agreement of the analysis results from the two codes.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1131-1139
• /
• 2020

The static analysis of the source code is to find the remaining security weaknesses for a wide range of source codes. The static analysis tool is used to check the result, and the static analysis expert performs spying and false detection analysis on the result. In this process, the amount of analysis is large and the rate of false positives is high, so a lot of time and effort is required, and a method of efficient analysis is required. In addition, it is rare for experts to analyze only the source code of the line where the defect occurred when performing positive/false detection analysis. Depending on the type of defect, the surrounding source code is analyzed together and the final analysis result is delivered. In order to solve the difficulty of experts discriminating positive and false positives using these static analysis tools, this paper proposes a method of determining whether or not the security weakness found by the static analysis tools is a spy detection through artificial intelligence rather than an expert. In addition, the optimal size was confirmed through an experiment to see how the size of the training data (source code around the defects) used for such machine learning affects the performance. This result is expected to help the static analysis expert's job of classifying positive and false positives after static analysis.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.6
• /
• pp.147-155
• /
• 2010

It has been widely addressed that static analysis techniques can play important role in identifying potential security vulnerability reside in source code. This paper proposes the design and application of security metrics that use both vulnerability information extracted from the static analysis, and significant factors of information that software handles. The security metrics are useful for both developers and evaluators in that the metrics help them identity source code vulnerability in early stage of development. By effectively utilizing the security metrics, evaluators can check the level of source code security, and confirm the final code depending on the characteristics of the source code and the security level of information required.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.6
• /
• pp.2354-2376
• /
• 2020

SmartThings is one of the most popular open platforms for home automation IoT solutions that allows users to create their own applications called SmartApps for personal use or for public distribution. The nature of openness demands high standards on the quality of SmartApps, but there have been few studies that have evaluated this thoroughly yet. As part of software quality practice, code reviews are responsible for detecting violations of coding standards and ensuring that best practices are followed. The purpose of this research is to propose systematically designed quality metrics under the well-known Goal/Question/Metric methodology and to evaluate the quality of SmartApps through automatic code reviews using a static analysis. We first organize our static analysis rules by following the GQM methodology, and then we apply the rules to real-world SmartApps to analyze and evaluate them. A study of 105 officially published and 74 community-created real-world SmartApps found a high ratio of violations in both types of SmartApps, and of all violations, security violations were most common. Our static analysis tool can effectively inspect reliability, maintainability, and security violations. The results of the automatic code review indicate the common violations among SmartApps.