Binary Vulnerability Analysis Framework Combining Static and Dynamic Analyses

Seoksu Lee, Wonchan Oh, Sunnyeo Park, Eun-Sun Cho, In Sung Baek

http://doi.org/10.5626/JOK.2018.45.12.1217

Binary program analyses are considered harder than source-level analyses because of the lack of semantic information. Thus, experts frequently combine multiple tools when analyzing binary programs. However, such analysis tools have different prerequisites, such as various formats of information to deliver, depending on their working environments, so that even qualified experts have difficulty integrating multiple analysis tools. This paper proposes a framework that allows the combination of different analysis tools with various characteristics. The proposed framework aims to integrate a static analysis and a dynamic analysis, which might need different execution environments and other prerequisites. We have also provided prototypes built with real-world tools including IDA Pro and angr, based on the proposed framework, to demonstrate its feasibility and performance improvement.

A Data Replacement Scheme considering Data Transfer in a Scientific Workflow and Change in the Experimental Environment

Julim Ahn, Heewon Kim, Yoonhee Kim

http://doi.org/10.5626/JOK.2018.45.12.1227

Scientific workflow applications have a large amount of data scattered in the data center, and as they use and execute applications, the execution results may vary depending on the location of the stored data. The location of the intermediate data produced during execution also affects the transmission. So, it is important for the location of the data to minimize the data transfer time and size. Therefore, we propose data placement considering the state of dynamically changing resources for data-intensive workflow applications. Considering the dynamically changing state of the resource during the execution of the task, the replacements in the data-intensive steps lead to a reduction in the data transfer time and the size of the transfer data.

Malware Detection Model with Skip-Connected LSTM RNN

Jangseong Bae, Changki Lee, Suno Choi, Jonghyun Kim

http://doi.org/10.5626/JOK.2018.45.12.1233

A program can be viewed as a sequence of consecutive Opcodes, and malware is a malicious program. In this paper, we assume that the program is a sequence of Opcodes with semantic information and detect malware using the Long Short-Term Memory Recurrent Neural Network (LSTM RNN), a deep learning model suitable for sequence data modeling. For various experiments, the Opcode sequence is divided into a uni-gram sequence and a tri-gram sequence and used as the input features of the various deep learning models. Several deep learning models use the input Opcode sequence to determine whether the program is a normal file or malware. We also show that the proposed Skip-Connected LSTM RNN model is superior to the LSTM encoder and the Convolutional Neural Network (CNN) model for malware detection. Experimental results show that the Skip-Connected LSTM RNN model has better performance than the LSTM encoder and CNN model on the Opcode sequence tri-gram data.

Inferring User Traits from Applications Installed on a Smart Phone

Hongdo Ki, Jaehong Lee, Heewoong Park, Moon-jung Chae, Sangwoo Choi, Jonghun Park

http://doi.org/10.5626/JOK.2018.45.12.1240

The need for customized services is increasing as the smartphone, a personalized device, has come into general use. Demographic information is beneficial for customized services, so inferring user traits based on various data using statistical learning has been actively studied. This study conducted experiments on inferring user traits from a list of installed applications, which differs according to users' interests and lifestyles and can be accessed easily as a snapshot without explicit permission. Four feature vectors are used for inferring user traits, including vectors using the application category or description that can be collected from the application market. In particular, one of the feature vectors is generated by applying Doc2Vec, a text embedding method based on a neural network, to the application description. The application selection method we propose is also used to achieve better performance than could be achieved by using all applications on the list. Finally, we collected 100 lists of installed applications for experiments on inferring gender, age, relationship status, residential type, living together or not, income, outcome, height, weight, religion, semester and college, and confirmed the effectiveness of the proposed feature vectors and the application selection method.

Effect Scene Detection using Multimodal Deep Learning Models

Jeongseon Lim, Mikyung Han, Hyunjin Yoon

http://doi.org/10.5626/JOK.2018.45.12.1250

A conventional movie can be converted into a 4D movie by identifying effect scenes. In order to automate this process, in this paper, we propose a multimodal deep learning model that detects effect scenes using both visual and audio features of a movie. We have classified effect/non-effect scenes using audio-based Convolutional Recurrent Neural Network (CRNN) model and video-based Long Short-term Memory (LSTM) and Multilayer Perceptron (MLP) model. Also, we have implemented feature-level fusion. In addition, based on our own observation that effects typically occur during non-dialog scenes, we further detected non-dialog scenes using audio-based Convolutional Neural Network (CNN) model. Subsequently, the prediction scores of audio-visual effect scene classification and audio-based non-dialog classification models were combined. Finally, we detected sequences of effect scenes of the entire movie using prediction score of the input window. Experiments using real-world 4D movies demonstrate that the proposed multimodal deep learning model outperforms unimodal models in terms of effect scene detection accuracy.

Korean Machine Reading Comprehension with S²-Net

Cheoneum Park, Changki Lee, Sulyn Hong, Yigyu Hwang, Taejoon Yoo, Hyunki Kim

http://doi.org/10.5626/JOK.2018.45.12.1260

Machine reading comprehension is the task of understanding a given context and identifying the right answer in that context. The simple recurrent unit (SRU) solves the vanishing gradient problem in recurrent neural networks (RNNs) by using a neural gate, like the gated recurrent unit (GRU), and removes the previous hidden state from the gate input to improve speed. The self-matching network is used in r-net; it has an effect similar to coreference resolution, as it can show similar semantic context information by calculating attention weights for its own RNN sequence. In this paper, we propose an S²-Net model that adds a self-matching layer to an encoder using stacked SRUs, and we construct a Korean machine reading comprehension dataset. Experimental results reveal that the proposed S²-Net model achieves EM 70.81% and F1 82.48% in Korean machine reading comprehension.

API-call Constraint Checking Considering Alarms and ISRs for IoT Device Control Software

Dongwoo Kim, Yunja Choi

http://doi.org/10.5626/JOK.2018.45.12.1269

The IoT operating system provides a set of API functions for applications along with a set of API-call constraints, and all applications are required to use the API in accordance with these constraints. Improper use of the API can break system integrity and cause system failure. A prior study introduced a method for API-call constraint checking that converts the operating system and application into formal models and identifies API-call constraint violation scenarios through model checking. However, Alarms, which must be considered in terms of actual time, and interrupts, which can occur arbitrarily, were left out of the scope of that verification. This study introduces a method for verifying API-call constraints that considers Alarms and ISRs. The actual time of an alarm is converted to the relative time of the formal model, and interrupts are defined so that they can be generated at any time to activate an ISR in the verification model. Applying the verification method to 19 IoT applications led to the detection of a total of 34 API-call constraint violations, 15 of which had gone undetected when Alarms and/or ISRs were not considered.

Visual Scene Understanding with Contexts

Donghyeop Shin, Incheol Kim

http://doi.org/10.5626/JOK.2018.45.12.1279

In this paper, as a visual scene understanding problem, we address the problem of generating corresponding scene graphs and image captions from input images. While a scene graph is a formal knowledge representation expressing in-image objects and their relationships, an image caption is a natural language sentence describing the scene captured in the given image. To address the problem effectively, we propose a novel deep neural network model, CSUN (Context-based Scene Understanding Network), which generates the two different representations in a complementary way by exchanging useful contexts between them. The proposed model consists of three different layers, namely object detection, relationship detection, and caption generation, each of which makes use of proper context to accomplish its own task. To evaluate the performance of the proposed model, we conduct various experiments on a large-scale benchmark dataset, Visual Genome. Through these experiments, we demonstrate that our model, using useful contexts, achieves significant improvements in accuracy over state-of-the-art models.

Measuring Semantic Orientation of Words using Temporal Difference Learning

Youngsam Kim, Hyopil Shin

http://doi.org/10.5626/JOK.2018.45.12.1287

Temporal-difference (TD) learning is a core algorithm of reinforcement learning, which employs models of Markov processes. In the TD methods, rewards are always discounted by a discount factor and states receive these discounted values as their rewards. In this paper, we attempted to estimate the semantic orientation of words in texts using TD-based methods and examined the effectiveness of the proposed methods by comparing them to existing feature selection methods (indirect approach) and Bayes probabilities (direct approach). The TD-based estimation would be useful for social opinion mining tasks, since TD learning is inherently an on-line method. To show that our approach is scalable to huge data, the estimation method is also evaluated using asynchronous parallel processing.

An Analysis of Linear Argumentation Structure of Korean Debate Texts Using Sequential Modeling and Linguistic Features

Sangah Lee, Hyopil Shin

http://doi.org/10.5626/JOK.2018.45.12.1292

Current studies on argument mining provide tree-structured argumentation structures based on relational nuclearities and discourse relations between sentences in each document. In this case, inconsistencies between related sentences may occur when constructing a full argumentation structure for a document by the bottom-up method. This paper introduces relations between the topic of texts and sentences to provide a frame for the argumentation structure. Automatic analysis of argumentation structure uses contextual information from documents, as argument types defined for each sentence are applied to the sequential model. In this paper, we vectorized sentences using bag-of-words of morphemes, word embeddings of morphemes, and some linguistic features extracted from the sentence, respectively, and used those vectors as inputs to models that predict argument types in the document. As a result, the combination of linguistic features and the sequential model produced the best result in the experiment, with an f1-score of 0.68.

A Predictive Query Processing Method Considering the Movement of both a User and Objects

So-Hye Yoon, Seog Park

http://doi.org/10.5626/JOK.2018.45.12.1302

Recently, with the increase in use of mobile devices such as smart phones and tablet PCs with GPS, it is possible to analyze a large volume of data aggregated from various sensors. Accordingly, a variety of location-based services (LBSs) have attracted attention. To effectively provide these services, techniques for efficient spatial query processing have been studied. In this paper, we propose a method to overcome the limitation of not returning the desired query result to the user, which arises because existing studies did not consider the movement of the user. Specifically, we propose an algorithm to efficiently process a predictive query in the road network that returns the best available K moving objects, in consideration of the user's moving time and the user's waiting time. In this process, we apply a technique that gradually expands the movement ranges of the user and the objects simultaneously. Also, an appropriate index structure is used to efficiently process queries even in a road network with a large number of vertices and moving objects. Experimental results reveal the difference in the query result compared to existing studies and also reveal significant results in terms of efficiency.

Detection of Malicious Users with High Influence through Foul Language Network Analysis in MOBA Games

Dong hyun Ahn, Huy kang Kim

http://doi.org/10.5626/JOK.2018.45.12.1312

In the online game industry, verbal violence in games has become a serious social problem. However, it is difficult to solve the fundamental problem by simply filtering or using reporting systems. This study proposes a method to analyze the propagation tendency of foul language and to detect malicious users from a social network perspective. This method was applied to the analysis of the chat log of Defense of the Ancients 2 (DotA 2), a MOBA (Multiplayer Online Battle Arena) genre game popular around the world. In MOBA games, there are usually limited users belonging to one queue, which makes them a good platform for analyzing foul language networks compared to other games. Verbally abusive malicious users tend to have high centrality when they form a network. Using these features, we analyzed the propagation tendency of foul language on the network and detected users with high centrality. We also analyzed the effect on the whole network when such a user was restricted. With the proposed method, we were able to detect malicious users who used foul language. In future work, we will classify the spreading types in the foul language network and analyze users for each type.

Efficient Method of Collecting Network Traces for Generating Network Topology

Jinsoo Kim, Haengrok Oh

http://doi.org/10.5626/JOK.2018.45.12.1319

Network topology information is critical in cyber security for designing security architecture and threat analysis as well as for network management and diagnosis. Numerous approaches have been proposed for obtaining information about network topology. In particular, graph analytical methods for inferring network topology are intensively researched. These methods collect path traces via traceroute and analyze them using graph theoretical methods for inferring network topology. However, there exist few research reports on choosing destinations and deployment locations of trace collectors which have the potential of significantly affecting network overhead and discovery time. This paper proposes a novel method of choosing destinations and determining trace collectors for the efficient collection of network traces. In the present work, we have also implemented a prototype of the proposed methods and experimentally validated their performance.

Performance Comparison and Improvement of TCP Congestion Control Algorithms in Vehicle to Grid Communication

Jinwoo Park, Hyogon Kim, Jin-Young Choi

http://doi.org/10.5626/JOK.2018.45.12.1329

As ICT for automobiles continues to develop, automobiles have developed into information devices. In a connected car, the performance of TCP (Transmission Control Protocol), which determines Internet performance, V2G (Vehicle to Grid) performs SCC (Smart Charging Communication) using the charge line of the electric car, which has high noise and error. In the V2G communication standard ISO 15118, NewReno has been chosen as the congestion control algorithm of TCP. NewReno may not be suitable for the V2G communication environment because it is an algorithm designed for the traditional Internet environment, where there is not much error. In this paper, we verify whether NewReno is the best choice of TCP congestion control algorithm in the V2G communication environment. Furthermore, we explore whether TCP congestion control can be improved in the V2G communication environment.

Journal of KIISE

  • ISSN : 2383-630X(Print)
  • ISSN : 2383-6296(Electronic)
  • KCI Accredited Journal

Editorial Office

  • Tel. +82-2-588-9240
  • Fax. +82-2-521-1352
  • E-mail. chwoo@kiise.or.kr