Abstract: A code sequence based intelligent key code identification method includes extracting Smali code sequence by decompiling an application, vectorizing the extracted Smali code sequence to construct a training dataset, training a deep learning model with the vectorized Smali code sequence to generate a classifier, generating a category classification result using Smali code sequence of a target application as input of the classifier, and identifying and providing important Smali code sequence from which the classification result of the target application is derived. Accordingly, it is possible to objectively evaluate the application using Smali code sequence of the application being actually run.

Abstract: A method for detecting a mobile malicious application based on an implementation feature in a mobile malicious application detection apparatus based on an implementation feature and the method comprises decompiling a labeled application to remove preset information; extracting abstract syntax tree (AST) that is an implementation feature for each method; generating an AST node list; generating and vectorizing the generated AST node list as a learning dataset for deep learning; generating a classification model by learning a vectorized learning dataset; and outputting a classification result of a target application based on the classification model. This can reduce the false positive rate, extract many features from the obfuscated application, and detect malicious applications by classifying mobile applications as normal or malicious behaviors based on the behaviors performed by the application.

Abstract: A converter according to one embodiment of the present invention comprises: a first converter and a second converter for converting the input voltage into a first level voltage; a switching unit which connects the first converter and the second converter in series or in parallel; and an output unit to which the output terminal of the first converter and the output terminal of the second converter are connected in parallel.

Abstract: Provided is a unit test case-based security design flaw detection method performed in a security design flaw detection apparatus for detecting a security design flaw of a software system, and the method comprises collecting a unit test case for the software system from an external device and preprocessing the unit test case; generating a first test case by testing whether the software system violates a security policy using the preprocessed unit test case; generating a second test case that is a data set for testing a function of the software system based on the first test case; and detecting a vulnerability of the software system by executing the second test case.

Abstract: A device for automatically identifying anti-analysis techniques by using the signature extraction, includes an extraction unit which extracts a DEX file and an ELF file from an application file after unpacking the application file, which is in an APK format and includes compressed execution code to be executed on Android, a detection unit which receives the acquired signature classified according to types of the signature, analytically compares the input signature with the signature stored in a database, and detects the signature used in anti-analysis techniques, and a determination unit which determines according to the detected signature what anti-analysis technique is applied to the application. According to the present invention, it is possible to enable an appropriate and quick response to damages due to malicious applications by shortening the time required for analysis and automatically recognizing the application to which the anti-analysis technique is applied.

Abstract: A method for evaluating the risk of data leakage in an application includes the steps of: extracting a DEX (Dalvik Executable) file and a so (Shared Object) file by decompressing an APK file of a mobile application; extracting DEX code information from the DEX file by parsing the DEX file; translating a content of the so file into IR (Intermediate Representation); extracting IR code information from the translated IR; generating a call-reference structure between the DEX file and the so file by processing the extracted DEX code information and the extracted IR code information; and outputting weakness information according to a risk designated in advance based on the generated call-reference structure. Accordingly, it is possible to extend the call-reference coverage of an android application.

Abstract: A process wrapping method for bypassing native code anti-analysis includes receiving an execution instruction intended to run in an application from an Android framework when the application starts, extracting metadata of string and method from a compiled OAT file using an oatdump tool in the Android framework, determining if anti-analysis techniques are applied by comparing with information of a database (DB) based on the transmitted execution instruction and the extracted metadata, modifying the execution instruction based on the determined information when the anti-analysis technique is applied, and sending the modified execution instruction back to the Android framework. Accordingly, it is possible to provide an environment in which malicious applications to which anti-analysis techniques are applied can be easily analyzed.

Abstract: A mobile malicious code classification method based on feature selection includes extracting Application Programming Interface (API) feature information including a package name, a class name, a method name and a description from a malicious application of a predefined category, vectorizing a training dataset generated using the package name, the class name and the method name in the API feature information for deep learning, learning the vectorized training dataset to generate a classifier, probabilistically classifying to fit a target malicious application into a category, and defining the category of the target malicious application using a result of the classification and outputting a classification important API. Accordingly, it is possible to deal with malicious behaviors of malicious applications quickly and prevent damage caused by the malicious behaviors.

Abstract: A mobile application malicious behavior pattern detection method based on Application Programming Interface (API) call graph extraction includes extracting an API Call Graph (ACG) representing an API call flow from benign applications and applications which perform malicious behavior, generating and vectorizing a training dataset for deep learning using the extracted ACG, generating a deep learning algorithm prediction model by training with the vectorized training dataset, extracting ACG features used in the malicious behavior from the generated prediction model and extracting a malicious behavior pattern from an intersection of the malicious applications, and classifying an application which performs malicious behavior through similarity comparison between the extracted malicious behavior pattern and a pattern extracted from the target application. Accordingly, it is possible to detect the malicious behavior itself using the ACG representing an API call flow.

Abstract: A bulk acoustic resonator includes: a substrate; a first electrode disposed on the substrate; a piezoelectric layer disposed to cover at least a portion of the first electrode; a second electrode disposed to cover at least a portion of the piezoelectric layer; a metal pad connected to the first electrode and the second electrode; and a protective layer disposed to cover at least the metal pad.

Abstract: An example portable electronic device includes a front glass cover; a rear cover; a bezel surrounding a space defined by the front cover and the rear cover, the bezel including a portion including an opening; a display device built in the space; and a plate including a plane parallel to the front cover within the space. The example electronic device includes a key movably inserted in the opening; a support structure mounted on the plate or a portion of the bezel and including a hole through which the key passes; a dome button mounted on the support structure and arranged to face the first surface of the key and the hole so that the key can be pressed; and a waterproof structure including a flexible material.

Abstract: A method for evaluating the risk of data leakage in an application includes the steps of: extracting a DEX (Dalvik Executable) file and a so (Shared Object) file by decompressing an APK file of a mobile application; extracting DEX code information from the DEX file by parsing the DEX file; translating a content of the so file into IR (Intermediate Representation); extracting IR code information from the translated IR; generating a call-reference structure between the DEX file and the so file by processing the extracted DEX code information and the extracted IR code information; and outputting weakness information according to a risk designated in advance based on the generated call-reference structure. Accordingly, it is possible to extend the call-reference coverage of an android application.

Abstract: Provided is a method for bypassing an analysis evasion technique, which includes: loading a dummy DEX file; parsing a dummy method containing a dummy code from the dummy DEX file; a bypass point identifying step of determining whether a function to be currently called is a bypass target function to which the analysis evasion technique is applied; a branch target point changing step of changing information according to the determination result so that the dummy code is executed instead of the call target function; and a dummy code executing step of transmitting the dummy code to a framework of the application, so that a modulated framework is executed with a bypass code.

Abstract: A code sequence based intelligent key code identification method includes extracting Smali code sequence by decompiling an application, vectorizing the extracted Smali code sequence to construct a training dataset, training a deep learning model with the vectorized Smali code sequence to generate a classifier, generating a category classification result using Smali code sequence of a target application as input of the classifier, and identifying and providing important Smali code sequence from which the classification result of the target application is derived. Accordingly, it is possible to objectively evaluate the application using Smali code sequence of the application being actually run.

Abstract: A mobile malicious code classification method based on feature selection includes extracting Application Programming Interface (API) feature information including a package name, a class name, a method name and a description from a malicious application of a predefined category, vectorizing a training dataset generated using the package name, the class name and the method name in the API feature information for deep learning, learning the vectorized training dataset to generate a classifier, probabilistically classifying to fit a target malicious application into a category, and defining the category of the target malicious application using a result of the classification and outputting a classification important API. Accordingly, it is possible to deal with malicious behaviors of malicious applications quickly and prevent damage caused by the malicious behaviors.

Abstract: A mobile application malicious behavior pattern detection method based on Application Programming Interface (API) call graph extraction includes extracting an API Call Graph (ACG) representing an API call flow from benign applications and applications which perform malicious behavior, generating and vectorizing a training dataset for deep learning using the extracted ACG, generating a deep learning algorithm prediction model by training with the vectorized training dataset, extracting ACG features used in the malicious behavior from the generated prediction model and extracting a malicious behavior pattern from an intersection of the malicious applications, and classifying an application which performs malicious behavior through similarity comparison between the extracted malicious behavior pattern and a pattern extracted from the target application. Accordingly, it is possible to detect the malicious behavior itself using the ACG representing an API call flow.

Abstract: A process wrapping method for bypassing native code anti-analysis includes receiving an execution instruction intended to run in an application from an Android framework when the application starts, extracting metadata of string and method from a compiled OAT file using an oatdump tool in the Android framework, determining if anti-analysis techniques are applied by comparing with information of a database (DB) based on the transmitted execution instruction and the extracted metadata, modifying the execution instruction based on the determined information when the anti-analysis technique is applied, and sending the modified execution instruction back to the Android framework. Accordingly, it is possible to provide an environment in which malicious applications to which anti-analysis techniques are applied can be easily analyzed.

Abstract: An obfuscated identifier detection method based on natural language processing includes: converting an input obfuscated apk to smali code level, inspecting an obfuscated string in identifiers of the smali code acquired from a smali code converter, extracting information necessary for deobfuscation and frequency of the identifiers when there is the obfuscated string, storing frequency, type and name information of identifiers calculated from information extracted from an unobfuscated apk, and acquiring and deobfuscating an identifier type name having a most similar frequency in an identifier name database (DB) using information extracted from an obfuscated information extractor. Accordingly, it is possible to reduce delay in analysis and achieve faster analysis by automatically renaming the code that is difficult to understand due to identifier conversion obfuscation.

Abstract: A bulk acoustic wave resonator includes: a substrate; a resonant portion including a first electrode, a piezoelectric layer, and a second electrode sequentially stacked on the substrate; and a protective layer disposed on an upper surface of the resonant portion. The protective layer includes: a first protective layer formed of a diamond thin film; and a second protective layer stacked on the first protective layer, and formed of a dielectric material.

Abstract: A bulk-acoustic wave resonator includes: a substrate; a first electrode disposed on the substrate; a cavity disposed between the substrate and the first electrode; a piezoelectric layer covering at least a portion of the first electrode; a second electrode covering at least a portion of the piezoelectric layer; an insertion layer disposed between the first electrode and the piezoelectric layer; and a lower frame disposed in the cavity. At least a portion of the lower frame overlaps the insertion layer.