Á¤º¸°úÇÐȸ ³í¹®Áö A : ½Ã½ºÅÛ ¹× ÀÌ·Ð
ÇѱÛÁ¦¸ñ(Korean Title) |
¹ÙÀ̳ʸ® ÄÚµå ¼öÁØ¿¡¼ ¿¬»êÀÚ k-gram ±â¹ÝÀÇ ¿ÀǼҽº ¼ÒÇÁÆ®¿þ¾î ŽÁö |
¿µ¹®Á¦¸ñ(English Title) |
Open Source Software Detection based on Opcode k-gram at Binary Code Level |
ÀúÀÚ(Author) |
ÃÖÁ¾Ãµ
Á¶¼ºÁ¦
Jong-Cheon Choi
Seong-Je Cho
|
¿ø¹®¼ö·Ïó(Citation) |
VOL 41 NO. 01 PP. 0023 ~ 0032 (2014. 02) |
Çѱ۳»¿ë (Korean Abstract) |
¸¹Àº ¼ÒÇÁÆ®¿þ¾î º¥´õµé°ú °³¹ßÀÚµéÀº ¿ÀǼҽº ¶óÀ̼±½º¸¦ ÀÌÇØÇÏÁö ¾Ê°í ¡®¿ÀǼҽº ¼ÒÇÁÆ®¿þ¾î¡¯(open source software: OSS)¸¦ »ç¿ëÇÑ´Ù. ¿ÀǼҽº ¶óÀ̼±½ºÀÇ À§¹ÝÀº ÀúÀÛ±Ç Ä§ÇØÀ̹ǷÎ, ÀÓÀÇ ¼ÒÇÁÆ®¿þ¾î Á¦Ç°¿¡ OSS°¡ ºÒ¹ýÀ¸·Î »ç¿ëµÇ°í ÀÖ´Â Áö¸¦ ÆľÇÇÏ´Â °ÍÀÌ ÇÊ¿äÇÏ´Ù. º» ³í¹®¿¡¼´Â ¹ÙÀ̳ʸ® ¹× ½ÇÇàÆÄÀÏ ÇüÅÂÀÇ ÇÁ·Î±×·¥¿¡ ¿ÀǼҽº Äڵ尡 Æ÷ÇԵǾî ÀÖ´ÂÁö¸¦ ÆÇ´ÜÇÏ´Â »õ·Î¿î ±â¹ýÀ» Á¦¾ÈÇÑ´Ù. Á¦¾È ±â¹ý¿¡¼, ¿ÀǼҽº ÄÚµå¿Í ÀÇ½É ÇÁ·Î±×·¥ ÄÚµå °£ÀÇ À¯»ç¼ºÀ» ÃøÁ¤Çϴ Ư¡Á¤º¸·Î ¿¬»êÀÚ ¼öÁØ k-gramÀ» »ç¿ëÇÑ´Ù. Áï, ÀÇ½É ÇÁ·Î±×·¥¿¡¼ ¿ÀǼҽº Äڵ带 ŽÁöÇϱâ À§ÇØ, ±æÀÌ°¡ kÀÎ ¿¬»êÀÚ ¼øÂ÷µéÀÇ ÁýÇÕÀ» ±¸ÇÏ¿© k-gram ±â¹ÝÀ¸·Î µÎ ÄÚµå °£ÀÇ À¯»ç¼ºÀ» ÃøÁ¤ÇÑ´Ù. Á¦¾È ±â¹ýÀ» Æò°¡Çϱâ À§ÇØ, MS À©µµ¿ì¿Í ¸®´ª½º ½Ã½ºÅÛ¿¡¼ ¹ÙÀ̳ʸ® ÄÚµåµéÀ» ´ë»óÀ¸·Î ¿©·¯ ½ÇÇèÀ» ¼öÇàÇÏ¿´´Ù. ½ÇÇè °á°ú, Á¦¾È ±â¹ýÀÌ ÀÇ½É ÇÁ·Î±×·¥¿¡¼ ¿ÀǼҽº Äڵ带 ŽÁöÇÒ ¼ö ÀÖÀ½À» º¸¿´´Ù.
|
¿µ¹®³»¿ë (English Abstract) |
Many software vendors or developers use open source software(OSS) without understanding an open source license. Violating the terms of an open source license may result in liability for copyright infringement. Therefore, it is necessary to devise a way to find out if OSS was illegally used in any software product. In this paper, we propose a novel technique for determining whether binary or executable form of a program includes open source code. The proposed technique uses opcode-level k-grams as a feature to measure software similarity between open source code and suspicious program code. To detect open source code in suspicious program code, the technique computes the set of opcode sequences of length k for a set of codes and calculate similarity between two codes based on k-grams. To evaluate our proposed technique, we perform several experiments with binary codes under MS Windows and Linux systems. Experimental results show that our proposed technique can detect or locate open source software code in a suspicious executable program.
|
Å°¿öµå(Keyword) |
¿ÀǼҽº ¼ÒÇÁÆ®¿þ¾î
¿ÀǼҽº ¶óÀ̼±½º
¿¬»êÀÚ-¼öÁØ k-gram
¹ÙÀ̳ʸ® ÄÚµå ŽÁö
open source software(OSS)
open source license
opcode-level k-gram
binary code detection
|
ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|