DOI QR코드

DOI QR Code

A Study of Realtime Malware URL Detection & Prevention in Mobile Environment

모바일 환경에서 실시간 악성코드 URL 탐지 및 차단 연구

  • 박재경 (한국과학기술원 사이버보안연구센터)
  • Received : 2015.04.23
  • Accepted : 2015.05.29
  • Published : 2015.06.30

Abstract

In this paper, we propose malware database in mobile memory for realtime malware URL detection and we support realtime malware URL detection engine, that is control the web service for more secure mobile service. Recently, mobile malware is on the rise and to be new threat on mobile environment. In particular the mobile characteristics, the damage of malware is more important, because it leads to monetary damages for the user. There are many researches in cybercriminals prevention and malware detection, but it is still insufficient. Additionally we propose the method for prevention Smishing within SMS, MMS. In the near future, mobile venders must build the secure mobile environment with fundamental measures based on our research.

본 논문에서는 악성코드에 대한 피해를 실시간으로 탐지하고 차단하기 위해 모바일 내부에 악성링크에 대한 데이터베이스를 저장하고 또한 악성링크 탐지 엔진을 통해 웹 서비스를 통제함으로 인해 보다 안전한 모바일 환경을 제공하고자 한다. 최근 모바일 환경에서의 악성코드는 PC 환경 못지않게 기승을 부리고 있으며 새로운 위협이 되고 있다. 특히 모바일 특성상 악성코드의 피해는 사용자의 금전적인 피해로 이어진다는 것이 더 중요한 이유이다. 이러한 사이버 범죄를 어떻게 예방하고 실시간으로 차단할 수 있을 것 인지에 대해 많은 연구가 진행되고 있지만 초보적인 수준에 불과한 실정이다. 추가적으로 SMS나 MMS를 통해 전달되는 스미싱도 탐지 및 차단할 수 있는 방안을 제안하고자 한다. 향후 모바일 사업자는 본 연구를 바탕으로 한 근본적인 대책을 수립하여 안전한 모바일 환경을 구축해야 할 것이다.

Keywords

References

  1. Jae-Kyung Park, Sang-Yong Choi, "Studing Security Weaknesses of Android System", International Journal of Security and Its Applications, Vol. 9, No.3, pp. 7-12, Mar. 2015. https://doi.org/10.14257/ijsia.2015.9.3.02
  2. Jae-Kyung Park, Sang-Yong Choi, "An Integrity Checking MechanismUsing Physical Independent Storage for Mobile Device", International Journal Control and Automation, Vol.8, No.3, pp.109-114, Mar. 2015. https://doi.org/10.14257/ijca.2015.8.3.13
  3. Jae-Kyung Park, "A Realtime Malware Detection Technique Using Multiple Filter", Journal of The Korea Society of Computer and Information, Vol. 19, No.7, pp. 77-85, July 2014. https://doi.org/10.9708/jksci.2014.19.7.077
  4. Hyo-NamKim, "Realtime hybrid analysis based on multiple profile for prevention of malware", Hongik Univ. Feb. 2014.
  5. Jae-Kyung Park, Sung-Jin Kim, "The Design of the expanded BYOD solutions for business mobile users", Journal of The Korea Society of Computer and Information, Vol. 10, No.10, pp. 107-115, October 2014.
  6. Jin-Kyung Kim, "A design of anomaly detection with automata dynamic profile", Hansei Univ., Feb. 2014.
  7. S. Kimand D. H. Lee, "A study on the vulnerability of integrity verification functions of android-based smartphone banking applications". in Journal of The Korea Institute of Information Security & Cryptology (JKIISC), vol. 23, no. 4, pp. 743-755, Aug. 2013. https://doi.org/10.13089/JKIISC.2013.23.4.743
  8. Hyo-Nam, Kimand Jae-Kyoung Park and Yoo-Hun Won, "A Study on the Malware Realtime Analysis Systems Using the Finite Automata", Journal of the Korea society of computer and information, Vol.18, No.5, pp.69-76, Apr. 2013. https://doi.org/10.9708/jksci.2013.18.5.069
  9. H.S. Moon, B.H. Jung, Y.S. Jeon and J.N. Kim, "A Survey of Mobile Malware Detection Techniques", 2013 Electronics and Telecommunications Trends, Vol. 23. No. 3, pp. 39-46, May. 2013.
  10. Y. Zhou and X. Jiang, "Dissecting AndroidMalware: Characterization and Evolution", Proc 33rd IEEE Symp Security and Privacy, Aug. 2012.
  11. Mobile security technology research society, "Demand and outlook for mobile security technology", Data collection for Mobile security technology research society seminar, Sept. Jun. 2011.
  12. Androulidakis, Digital evidence inmobile phones. IT security professional magazine, Issue 13, pp 36-39, Feb. 2010.
  13. http://www.cnet.com/how-to/protect-yourandroid-device-from-malware/
  14. http://blog.trendmicro.com/trendlabs-security-intelligence/the-communication-function-ofmalicious-urls/
  15. http://www.sophos.com/en-us/security-newstrends/security-trends/malware-goes-mobile/10-tips-to-prevent-mobile-malware.aspx
  16. http://blog.trendmicro.com/trendlabs-securityintelligence/android-installer-hijacking-bugused-as-lure-for-malware/
  17. http://www.etnews.com/20150210000170
  18. http://www.siminilbo.co.kr/news/articleView.html?idxno=391594