• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.4
• /
• pp.559-572
• /
• 2020

As internet technology advances, users can share content online, and many sharing services exist. According to a recently published digital forensic study, when playing an online streaming service, you can restore the played video by reconstructing the Chrome cache file left on local device such as a PC. This can be seen as evidence that the user watched illegal video content. From a different point of view, copyright infringement occurs when a malicious user restores video stream and share it to another site. In this paper, we selected 23 online streaming services that are widely used both at home and abroad. After streaming videos, we tested whether we can recover original video using cache files stored on the PC or not. As a result, the paper found that in most sites we can restore the original video by reconstructing cache files. Furthermore, this study also discussed methodologies for preventing copyright infringement in online streaming service.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.213-222
• /
• 2017

Online advertisement has many benefits comparing to offline advertisement but it also has many challenging problems by online ad abuses. Advertisement injection (Ad injection) is one of the threats that surreptitiously inserts advertisements without a permission of site owners. Users are exposed to additional ads and redundant web traffic by injected ads can cause a service quality problem. Moreover, advertisers can have economic loss when injected ads are different from original ones. Although ad injection leads to these problems it has not been fully studied yet. A few ad injection researches are done by online advertising providers such as Google. In this paper, we analyze ad injection activities to Korean major portal, Naver. We classify 6 types of ad injections and describe their characteristics by analyzing 27 downloaders and 199 installed programs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.963-974
• /
• 2018

With the growing interest in cryptocurrency such as bitcoin, the blockchain technology has attracted much attention in various applications as a distributed security platform with excellent security. However, Cryptojacking, an attack that hijack other computer resources such as CPUs, has occured due to vulnerability to the Cryptomining process. In particular, browser-based Cryptojacking is considered serious because attacks can occur only by visiting a Web site without installing it on a visitor's PC. The current Cryptojacking detection system is mostly signature-based. Signature-based detection methods have problems in that they can not detect a new Cryptomining code or a modification of existing Cryptomining code. In this paper, we propose a Cryptojacking detection solution using a dynamic analysis-based that uses a headless browser to detect unknown Cryptojacking attacks. The proposed dynamic analysis-based Cryptojacking detection system can detect new Cryptojacking site that cannot be detected in existing signature-based Cryptojacking detection system and can detect it even if it is called or obfuscated by bypassing Cryptomining code.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.869-878
• /
• 2018

Digital Evidence Data in cyberspace is easy to modify or delete, and changes are reflected in real time, so it is necessary to acquire evidence data quickly. Collecting evidence on the client side is advantageous in that data can be acquired without time delay due to additional administrative procedures, but collection of large data is likewise vulnerable to collection time delay problem. Therefore, this paper proposes an automated evidence collection method on the client side, focusing on the major web-based services in cyberspace, and enables efficient evidence collection for large volumes of data. Furthermore, we propose a digital evidence collection system in cyberspace that guarantees the integrity of the collected digital evidence until the court submission.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.5
• /
• pp.81-90
• /
• 2003

Existing web-based system management software solutions show some limitations in time and space. Moreover, they possess such as shortcomings unreliable error message announcements and difficulties with real-time assistance suppers and emergency measures. In order to solve these deficiencies, Wireless Remote Control System was designed and implemented. Wireless Remote Control System is able to manage and monitor remote systems by using mobile communication devices for instantaneous control. The implementation of Wireless Remote Control System leads to these security Problems as well as solutions to aforementioned issues with existing web-based system management software solutions. Therefore, this paper has focused on the security matters related to Wireless Remote Control System. The designed security functions include mobile device user authentication and target system access control. For security verification of these security functions introduced CPN(Coloured Petri Nets) which is capable of expressing every possible state for each stage. And then in this paper was verified its security through PI(Place Invariant) based on CPN(Coloured Petri Nets). The CPN expression and analysis method of the proposed security function can also be a useful method for analyzing other services in the future.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.4
• /
• pp.3-11
• /
• 2004

The XML has been becoming a basis of the related application and industry standards with proliferation of electronic transactions on the web, and the standardization on XML Signature, which can be applied to the digital contents including XML objects from one or more sources, is in the progress through a joint effort of W3C(World Wide Web Consortium) and IETF(Internet Engineering Task Force). Along with this trend, the development of products implementing XML Signature has been growing, and the XML Signature products are required to implement the relevant standards correctly to guarantee the interoperability among different XML Signature products. In this paper, we propose a conformance testing method for testing the XML Signature products, which includes a testing procedure and test cases. The test cases were obtained through analysis of XML Signature standards. Finally we describe the design and uses of our XML Signature conformance testing tools which implements our testing method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.3
• /
• pp.71-79
• /
• 2003

Existing web-based system management software solutions show some limitations in time and space. Moreover, hey possess such as shortcomings unreliable error message announcements and difficulties with real-time assistance supports and emergency measures. In order to solve these deficiencies, Wireless Remote Control System(W-RCS) was designed and implemented. W-RCS is able to manage and monitor remote systems by using mobile communication devices for instantaneous control. The implementation of W-RCS leads to these security problems as well as solutions to aforementioned issues with existing web-based system management software solutions. Therefore, this paper has focused on the security matters related to W-RCS. The security functions based on public key infrastructure include mobile device user authentication and target system access control. The W-RCS allows real-time user authentication, increases the flexibility of resource administrators and mobile device non, and provides not only uninterrupted services, but also safe mobile office environments.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.6
• /
• pp.3-12
• /
• 2005

To provide visitors with the various services, Many web sites distribute many ActiveX controls to them because ActiveX controls can overcome limits of HTML documents and script languages. However, PC can become dangerous if it has unsecure ActiveX controls, because they can be executed in HTML documents. Nevertheless, many web sites provide visitors with ActiveX controls whose security are not verified. Therefore, the verification is needed by third party to remove vulnerabilities in ActiveX controls. In this paper, we introduce the process and the technique to fad vulnerabilities. The existing proof codes are not valid because ActiveX controls are different from normal application and domestic environments are different from foreign environments. In this paper, we introduce the technique to prove vulnerabilities in ActiveX control.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.1
• /
• pp.73-81
• /
• 2021

When downloading files using an app or web-based application on the user's mobile phone, the path is set to be saved in the pre-defined default directory. Many applications requiring access to storage, including file managers, require a write or read permission of storage to provide numerous functions and services. This means that the application will have direct access to the download folder where the numerous files downloaded. In this paper, to prove our feasibility of attack using the security vulnerabilities mentioned above, we developed a file hacking function disguised as an encryption function in the file management application. The file that encrypted will be sent to hackers via E-mail simultaneously on the background. The developed application was evaluated from VirusTotal, a malicious analysis engine, was not detected as a malicious application in all 74 engines. Finally, in this paper, we propose a defense technique and an algorithm based on the Trusted Execution Environment (TEE) to supplement these storage vulnerabilities.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.5
• /
• pp.1073-1088
• /
• 2024

This study proposes a novel model to address the security, usability, and scalability challenges of cryptocurrency wallets. The model is implemented as a web application that combines FIDO2 (Fast Identity Online v2) with Account Abstraction (AA), offering enhanced security by storing private keys within the Trusted Execution Environment (TEE) of users' mobile devices. By utilizing two types of private keys, the model supports three account types, allowing users to flexibly select security levels and functionalities according to their needs. The research findings show that the proposed model provides strong security against various attack scenarios while also improving usability and scalability. By integrating hardware wallet-level security with the convenience of software wallets, this new paradigm for cryptocurrency wallets is expected to contribute to the widespread adoption of blockchain technology