- Volume 15 Issue 4
DOI QR Code
Cloud Messaging Service for Preventing Smishing Attack
스미싱 공격 방지를 위한 클라우드 메시징 서비스
- Park, Hyo-Min (Interdisciplinary Program of Information Security, Graduate School, Pukyong National University) ;
- Kim, Wan-Seok (Dept. of IT Convergence and Application Eng., Pukyong National University) ;
- Kang, So-Jeong (Dept. of IT Convergence and Application Eng., Pukyong National University) ;
- Shin, Sang Uk (Dept. of IT Convergence and Application Eng., Pukyong National University)
- Received : 2017.03.02
- Accepted : 2017.04.20
- Published : 2017.04.28
They are rapidly evolving malicious attacks on smart devices, and to timely protect the smart devices from these attacks has become a very important issue. In particular, smishing attack has emerged as one of the most important threats on the smartphone. In this paper, we propose the cloud service that can fundamentally protect the user from the risk of smishing attack. The proposed scheme provides cloud messaging service that can filter text messages including URLs in the user's smart device, view and manage them through a virtual machine provided by a cloud server. The existing techniques for preventing smshing attacks protect only malicious code of a known pattern and there is the possibility of error such as FP(False Positive) or FN(False Negative). However, since the proposed method automatically filters all text messages including URLs, storing, viewing, and managing them in their own storage space on the cloud server, it can completely block the installation of malwares(malicious codes) on the user's smart device through smishing attacks.
Smishing attack;Smart device;Cloud computing;Virtual machine;Phishing;Malware
Supported by : 부경대학교
- Yun-Young Song, Kyung min Han, "A Study of Response and Plan of Banks for Mobile Payments of Non-financial Corporations", Journal of IT Convergence Society for SMB, Vol. 5, No. 2, pp.7-13, 2015.
- Smishing(2008), http://www.police.go.kr/portal/main/contents.do?menuNo=200287 (accessed Jun., 24, 2016).
- D.C. Kim, and J.C. Ryou, "The blocking method for accessing toward malicious sites based on Android platform," Journal of the Korea Institute of Information Security and Cryptology, Vol. 24, No. 3, pp. 499-505, 2014. https://doi.org/10.13089/JKIISC.2014.24.3.499
- W.J. Park, K.H. Lee, S.J. Kim, and W. Ryu, "A financial fraud protection platform on Android smartphones in real-time," Information and Communication Technology Convergence (ICTC), 2015 International Conference on. IEEE, pp. 1246-1248, 2015.
- Sik-Wan Cho, Won-Jun Jang, Hyung-Woo Lee, "Development of User Oriented Vulnerability Analysis Application on Smart Phone", Journal of the Korea Convergence Society, Vol. 3, No. 2, pp. 7-12, 2012.
- Byung-Seok Yu, Sung-Hyun Yun, "The Design and Implementation of Messenger Authentication Protocol to Prevent Smart Phone Phishing", Journal of the Korea Convergence Society, Vol. 2, No. 4, pp. 9-14, 2011.
- Sunghyuck Hong, "Cognitive Approach to Anti-Phishing and Anti-Pharming : Survey", Journal of IT Convergence Society for SMB, Vol. 3, No. 2, pp.33-39, 2013.
- H. Shahriar, T. Klintic, and V. Clincy, "Mobile Phishing Attacks and Mitigation Techniques," Journal of Information Security, Vol. 6 No. 3, pp. 206-212, 2015. https://doi.org/10.4236/jis.2015.63021
- C.F.M. Foozy, R. Ahmad, and M.F. Abdollah, "Phishing detection taxonomy for mobile device," International Journal of Computer Science, Vol. 10, No. 3,pp. 338-344, 2013.
- P. He, X. Wen, and W. Zheng, "A Novel Method for Filtering Group Sending Short Message Spam," Proceedings of the International Conference on Convergence and Hybrid Information Technology, 2008. ICHIT'08, International Conference on, pp. 60-65, 2008.
- D.W. Park, "Analysis on Mobile Forensic of Smishing Hacking Attack," Journal of the Korean Institute of Information and Communication Engineering, vol. 8, no. 12, pp. 2878-2883, 2014.
- D.W. Park, "Analysis of Mobile Smishing Hacking Trends and Security Measures," Journal of the Korea Institute of Information and Communication Engineering, Vol. 19, No. 11, pp. 2615-2622, 2015. https://doi.org/10.6109/jkiice.2015.19.11.2615
- S.Y. Lee, H.S. Kang, and J.S. Moon, "A Study on Smishing Block of Android Platform Environment," Journal of the Korea Institute of Information Security and Cryptology, Vol. 24, No. 5, pp. 975-985, 2014. https://doi.org/10.13089/JKIISC.2014.24.5.975
- J.W Yoon, H Kim, and J. H Huh, "Hybrid spam filtering for mobile communication," Computers & Security, Vol. 29, pp. 446-459, 2010. https://doi.org/10.1016/j.cose.2009.11.003
- T.T. Mahmoud, and A.M. Mahfouz, "SMS Spam Filtering Technique Based on Artificial Immune System," International Journal of Computer Science, Vol. 9, pp. 589-597, 2012.
- S. Sheng, B. Wardman, G. Warner, L. Cranor, J. Hong, and C. Zhang, "An Empirical Analysis of Phishing Blacklists," 6th Annual Conference on Email and AntiSpam (CEAS), 2009.
- Desktop as a Service(2016), https://en.wikipedia.org/wiki/Desktop_virtualization#Desktop_as_a_Service (accessed Jun., 24, 2016).
- M. Khonji, Y. Iraqi, and A. Jones, "Phishing Detection: A Literature Survey," IEEE Communications Survey & Tutorials, Vol. 15, No. 4, pp. 2091-2121, 2013. https://doi.org/10.1109/SURV.2013.032213.00009