Journal of Korea Game Society (한국게임학회 논문지)

Korea Game Society (한국게임학회)
권호 표지
DOI QR코드

DOI QR Code

A Study on Countermeasures for Personal Data Breach and Security Threats of Social Network Game

소셜 네트워크 게임(SNG) 서비스의 개인정보 유출 및 보안위협 대응방안에 관한 연구

  • Lee, Sang Won (Graduate School of Information Security, Korea University) ;
  • Kim, Huy Kang (Graduate School of Information Security, Korea University) ;
  • Kim, Eun Jin (Department of International Industrial Information, Kyonggi University)
  • 이상원 (고려대학교 정보보호대학원) ;
  • 김휘강 (고려대학교 정보보호대학원) ;
  • 김은진 (경기대학교 국제산업정보학과)
  • Received : 2014.11.13
  • Accepted : 2014.12.29
  • Published : 2015.02.20
Download PDF
⟨ Previous Next ⟩

Abstract

As the smart phone market is drastically expanding, there is a steady growth of recent vicious activities such as data manipulation, billing fraud, identity theft, and leakage of personal information that are security threats to Social Network Games(SNG). Due to the threats, Strong development standard is required for security enhancement of SNG. Nonetheless, short life-spans, additional expenses, and the necessities to provide a sound game service hinders developers from reaching their security goals. Therefore, this research investigates the weak points of SNG through memory manipulation experiments based on the currently provided SNG services. In addition, the research presents counter measures and security enforcements that are light in service load and simplistic which can be applied in the developing process.

스마트폰 게임시장의 성장과 함께 모바일 소셜 네트워크 게임(SNG) 서비스의 이용이 크게 증가하고 있다. 이와 더불어 이들 서비스를 대상으로 한 게임 데이터 조작, 결제 부정, 계정도용, 개인정보 유출 등 보안위협이 동시에 증가하고 있다. 모바일 소셜 네트워크 게임의 보안강화를 위해 강력한 개발보안 표준이 요구 되지만 게임의 짧은 생명주기, 추가적인 개발 비용의 발생, 원활한 서비스 제공의 어려움을 이유로 이의 적용이 쉽지 않은 실정이다. 본 논문에서는 소셜 네트워크 게임의 보안 강화 방안으로 발생빈도와 위험성이 높은 공격 방법 중 하나인 메모리 변조에 대한 대응 방안을 제시하고자 한다. 또한 이 방법은 모바일 환경에 맞게 가볍고 강력한 보안을 제공할 것으로 기대 된다.

Keywords

References

  1. KISA, "Statistical Survey Report of Mobile Internet", 2012.
  2. KISA, "Survey Report of Mobile Internet", 2013.
  3. KOCCA, "Present and Future of Social network game", 2010.
  4. DMC Media, "Present and Future of Social network game", 2010.
  5. Huykang Kim, YoungJun Keum, "Mobile game services security issues on Android environment", 2013
  6. Yuxue Piao, JinHyuk Jung, JeongHyun Yi, "Structural and Functional Analyses of ProGuard Obfuscation Tool", The Journal of Korea Information and Communications Society, 2013
  7. Lee Ju Yeob, "A Study on Programs Development of Online Game with Tightened Security", 2012.
  8. Kaspersky Lab. Security News, "Researchers Find Methods For Bypassing Google's Bouncer Android Security", June 2012
  9. Justin Case, "Report: Google's Android Market License Verification Easily Circumvented, Will Not Stop Pirates", August 2010.
  10. Huykang Kim, YoungJun Keum, "Mobile game services security issues on Android environment", 2013
  11. SangHo Lee, Dayoung Ju, "An analysis of vulnerability and the method to secure on Android SNS applications from alteration of the code segments", 2013
  12. KiSung Lee, Huykang Kim, "Android Game Repackaging Detection Technique using Shortened Instruction Sequence", Korea Game Society, v.13, no.6, pp.85-94, 2013
  13. Soonil Kim, Sunghoon Kim, Dong Hoon Lee, "A study on the vulnerability of integrity verification functions of android - based smartphone banking applications", Journal of the Korean Institute of Information Security and Cryptology v.23 no.4 , pp.743 - 755 , 2013 https://doi.org/10.13089/JKIISC.2013.23.4.743
  14. Yeonbi Chun, Sung Kyun Chang, Tack Woo, "Classification of Smartphone Game based on Mechanics", Korea Game Society, v.12, no.6, pp.15-24, 2012
  15. Justin Case, "Report : Google's Android Market License Verification Easily Circumvented, Will Not Stop Pirates", 2010.
  16. Kaspersky Lab. Security News, "Researchers Find Methods For Bypassing Google's Bouncer Android Security", June 2012
  17. Jiyoung Woo, Ah Reum Kang, Huy Kang Kim, "Modeling of Bot Usage Diffusion across Social Networks in MMORPGs," Workshop at ACM SIGGRAPH ASIA 2012, pp. 13-18, November 2012.
  18. DongYoung Woo, DongNam Seo, HuyKang Kim, JinYoung Choi, "A Study for Effectiveness of Preliminary Security Assessment on Online Game Service Domain", Journal of the Korea society of IT services, 2011
  19. Jiyoung Woo, Huy Kang Kim, "Survey and Research Direction on Online Game Security," Workshop at ACM SIGGRAPH ASIA 2012, pp. 19-25, November 2012.
  20. Hanumantu Rajeswari, Ramesh Yegireddi, Vudumula Govinda Rao, "Performance Analysis of Hash Algorithms and File Integrity", Hanumantu Rajeswari et al, International Journal of Computer Science and Information Technologies, Vol. 5 (6) , 2014, 7376-7379