An Analysis of Software and System Weaknesses

R&D An Analysis of Software and System Weaknesses

Purpose of research

  • R&D of software security technology to secure safety of local ICT services
  • Core technology for detecting and analyzing software weaknesses in relation to cyber attacks and prevention
  • Technology for analyzing weaknesses of systems for the latest applications (artificial intelligence, Cloud)

Research topics

  • Study of technology to analyze weaknesses of various IT operating platforms (Windows, Android, etc.)

    - Development of technology for analyzing weaknesses of core software of operating systems

    - Development of technology for analyzing weaknesses of embedded devices used for mobile and IOT devices

  • Study of technology for analyzing software safety by developing reverse engineering technology of binary data

    - Development of automated analysis technology by analyzing and developing various tools for the reverse engineering technology

    - Study of technology to restore meaning and abstracted information through automated analysis of binary files

  • Study of software engineering technology for weakness analysis

    - Study of application and use of software and hardware instrumentation-based security technology

    - Development of error analysis automation technology through Symbolic Execution and Taint Analysis

  • Study of system and hardware analysis technology using profiling and reverse engineering

    - Study of technology to analyze and exploit the weaknesses in heterogeneous systems based on the latest GPU

    - Study of technology to analyze the weaknesses in the Cloud system (operating system and hardware) and to attack the sub-channel

Expected outcomes

  • Safe operating environment for the local ICT services through R&D of security weaknesses
  • Capacity to effectively respond to local cyber attacks by analyzing weaknesses and studying the detection technology

Major accomplishments

  • 2016

    - Report on the use of instrumentation method in computer system security

    - Registration of K-fuzzer program, an error generating tool by converting input data