Çѱ¹Á¤º¸Åë½ÅÇÐȸ ³í¹®Áö (Journal of the Korea Institute of Information and Communication Engineering)
Current Result Document :
| ÇѱÛÁ¦¸ñ(Korean Title) |
À©µµ¿ì ȯ°æ¿¡¼ »ç¿ëÀÚ ÇÁ·Î±×·¥ ½ÇÇà ±ÇÇÑ Á¦¾î ±â´É ¼³°è |
| ¿µ¹®Á¦¸ñ(English Title) |
Design of the Function for User Program Execution Control in the Windows |
| ÀúÀÚ(Author) |
Àå½ÂÁÖ
Jang
Seung-Ju
|
| ¿ø¹®¼ö·Ïó(Citation) |
VOL 20 NO. 08 PP. 1553 ~ 1560 (2016. 08) |
Çѱ۳»¿ë
(Korean Abstract) |
º» ³í¹®Àº À©µµ¿ì ½Ã½ºÅÛ È¯°æ¿¡¼ ±¸µ¿µÇ´Â ÇÁ·Î±×·¥¿¡ ´ëÇÑ ½ÇÇà ±ÇÇÑÀ» ÅëÁ¦ÇÒ ¼ö ÀÖµµ·ÏÇÏ´Â Á¦¾î ÇÁ·Î±×·¥À» ¼³°èÇÑ´Ù. À©µµ¿ì ÇÁ·Î±×·¥ÀÇ Á¤ÇüÈµÈ ±¸Á¶ Á¤º¸¸¦ ÀÌ¿ëÇÏ¿© ½ÇÇà ÇÁ·Î±×·¥ÀÇ Æ¯Á¤ À§Ä¡ Á¤º¸¸¦ ÀÓÀÇÀÇ ºñÆ® °ªÀ¸·Î º¯È¯À» ÇÏ¿© ÀÏ¹Ý »ç¿ëÀÚ´Â ½ÇÇàÀ» ÇÒ ¼ö ¾øµµ·Ï ÇÑ´Ù. ÀÌ·¸°Ô º¯È¯µÈ ºñÆ® °ªÀº Çã°¡µÈ »ç¿ëÀÚÀÇ °æ¿ì ¿ø·¡ÀÇ ºñÆ® °ªÀ¸·Î µÇµ¹¸± ¼ö ÀÖµµ·Ï ÇÔÀ¸·Î½á ÇÁ·Î±×·¥ÀÌ Á¤»óÀûÀ¸·Î ¼öÇàÀÌ µÉ ¼ö ÀÖ´Ù. ÀÌ·¸°Ô ÇÔÀ¸·Î½á À©µµ¿ì ½ÇÇà ÇÁ·Î±×·¥¿¡ ´ëÇÑ ¿ª°øÇÐÀÇ À§Çè µî¿¡ º¸´Ù ¾ÈÀüÇÏ°Ô »ç¿ëÇÒ ¼ö ÀÖµµ·Ï ÇÑ´Ù. º» ³í¹®¿¡¼ Á¦¾ÈÇÏ´Â ÇÁ·Î±×·¥ ½ÇÇà ±ÇÇÑ Á¦¾î ÇÁ·Î±×·¥¿¡ ´ëÇؼ ¼³°èÇÏ°í ½ÇÇèÀ» ¼öÇàÇÏ¿´´Ù. ½ÇÇèÀ» ¼öÇàÇÑ °á°ú À©µµ¿ì ȯ°æ¿¡¼ »ç¿ëÀÚ ÇÁ·Î±×·¥¿¡ ´ëÇÑ ½ÇÇà ±ÇÇÑ Á¦¾î ±â´ÉÀÌ Á¤»óÀûÀ¸·Î µ¿ÀÛµÊÀ» È®ÀÎÇÒ ¼ö ÀÖ¾ú´Ù.À½Àº ¿ä¾à¹®ÀÔ´Ï´Ù.
|
¿µ¹®³»¿ë
(English Abstract) |
In this paper, we design a program that controls the execution permissions for the running application in the Windows system environment. It does not allow general users to execute the program converting the specific location information of the execution program, to any of the bit values with the formal structure information in window program. The converted bit value can be returned to the original bit value in the case of an authorized user, so that the original program can be normally performed. By doing so, it can be more safely used in the risk of reverse engineering for Windows executable program. We implemented the control program for the program execution authority we proposed in this paper, and the experiment was performed. At the results of experiments, it was confirmed that the
control function to permit execution for the user program was working properly in the Windows environment.
|
| Å°¿öµå(Keyword) |
ÇÁ·Î±×·¥ ½ÇÇà ±ÇÇÑ
ÇÁ·Î±×·¥ ½ÇÇà ±ÇÇÑ Á¦¾î
À©µµ¿ì ½Ã½ºÅÛ
PE º¯Çü
PE º¹±¸
½ÇÇè
Program Execution Rights
Program Execution Rights Access
Windows System
PE modified
PE recovery
|
| ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|
