• Title/Summary/Keyword: 탈취

Search Result 441, Processing Time 0.027 seconds

A Framework Development for Fake App Detection and Official App Information Sharing (가짜 앱 탐지 및 공식 앱 정보 공유 프레임워크 개발)

  • Jinwook Kim;Yujeong No;Wontae Jung;Kyungroul Lee
    • Proceedings of the Korean Society of Computer Information Conference
    • /
    • 2023.07a
    • /
    • pp.213-214
    • /
    • 2023
  • 스마트폰은 앱을 통하여 사람들에게 다양하고 유용한 기능을 제공하며, 새로운 앱들이 계속해서 개발되어 출시되고 있다. 그러나 이러한 긍정적인 측면에서 불구하고, 사람들의 편리한 사용에 대한 욕구를 이용하여, 신종 앱 사기와 같은 범죄가 발생하고 있으며, 이를 악용하여 금전적으로 피해를 주거나 개인정보를 탈취하는 범죄로가 증가되는 추세이다. 이와 같은 앱으로 인한 범죄를 대응하기 위하여, 신종 앱 사기 범죄를 분석하고 해결하는 방안이 요구되는 실정이다. 따라서 본 논문에서는 신종 앱 사기 범죄에 악용되는 가짜 앱을 탐지하고, 공식 기관에서 제공하는 정보를 기반으로 가짜 앱과 공식 앱에 대한 대량의 정보를 공유하는 프레임워크를 개발한다. 개발한 프레임워크를 통하여, 정보를 공유한 사람들에게 가짜 앱에 대한 정보를 알려주고, 공식 기관의 앱을 확인하는 안전한 모바일 환경을 제공할 것으로 사료된다.

  • PDF

Vulnerability Analysis and Demonstration of Fingerprint Authentication in Secure USB Drives: Based on Product F (보안 USB 지문 인증 취약점 분석 및 실증: F 제품을 기반으로)

  • Seunghee Kwak;Suwan Go;Junkwon Lee;Jaehyuk Lee;Jinseo Yun;Kyungroul Lee
    • Proceedings of the Korean Society of Computer Information Conference
    • /
    • 2023.07a
    • /
    • pp.189-190
    • /
    • 2023
  • IT 산업의 발전으로 인하여, 이동식 저장장치의 빠른 발전에도 불구하고, 대중적으로 사용되는 USB 저장 장치의 분실 및 탈취로 인한 민감 데이터의 노출 문제가 발생하였다. 이러한 문제점을 해결하기 위하여, 다양한 인증 방식을 적용한 보안 USB 저장장치가 등장하였지만, 소프트웨어의 구조적인 문제점으로 인하여, 사용자 인증정보를 검증하는 함수가 노출되는 것과 같은 인증 과정에서 발생하는 취약점을 악용함으로써, 보안 USB 저장장치에 안전하게 저장된 민감한 데이터를 보호하지 못하는 보안 위협이 발생하는 실정이다. 따라서 본 논문에서는 보안 USB 저장장치 중, F 제품을 대상으로, 지문 인증과정에서 발생하는 취약점을 분석하고 실증한다. 본 논문의 결과는 보안 USB 저장장치의 데이터 보호 및 인증기술을 더욱 안전하게 향상시키기 위한 참고 자료로 활용될 것으로 사료된다.

  • PDF

A study on QR code-based backup methods to strengthen the security of Cold wallet Purse (콜드월렛 지갑 보안 강화를 위한 QR코드 기반 백업 방안에 대한 연구)

  • Byoung Hoon Choi;JinYong Lee;Nam Hyun Koh;Sam Hyun Chun
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.23 no.6
    • /
    • pp.21-26
    • /
    • 2023
  • Recently, cryptocurrencies such as Ethereum and Bitcoin, which are called digital assets, Cryptocurrency has completely different characteristics from real assets and must be handled carefully and safely. But The disadvantage of digital assets is that anyone who knows the private key of the wallet can easily steal the digital assets. If the seed card is lost, stolen, or exposed when used, you can use the wallet by recovering the private key using the seed card acquired by someone else. In this paper We aim to safely protect encrypted assets by using QR codes when providing mnemonic words needed to create seed cards.

Design of a Vulnerability Exploit Framework for Secure External Hard Disks (보안 외장 하드디스크 취약점 익스플로잇 프레임워크 설계)

  • Sejun Hong;Wonbin Jeong;Sujin Kwon;Kyungroul Lee
    • Proceedings of the Korean Society of Computer Information Conference
    • /
    • 2024.01a
    • /
    • pp.117-121
    • /
    • 2024
  • 기존의 외장 하드디스크는 보안 기능의 부재로 인하여, 비인가자로부터 디스크가 탈취되는 경우에는 저장된 데이터가 유출되거나 훼손되는 문제점이 존재한다. 이러한 문제점을 보완하기 위하여, 보안 기능을 제공하는 보안 외장 하드디스크가 등장하였지만, 보안 기능 중 패스워드나 지문 인증과 같은 사용자 인증을 우회하는 취약점이 지속적으로 발견됨으로써, 비인가자가 장치 내부에 안전하게 저장된 데이터에 접근하는 보안위협이 발생하였다. 이러한 보안위협은 국가사이버안보센터에서 공개한 보안 요구사항을 만족하지 못하거나, 만족하더라도 설계나 구현 과정에서 내포된 취약점으로 인하여 발생한다. 본 논문은 이와 같이 보안 외장 하드디스크에서 발생하는 취약점을 점검하기 위한 목적으로 보안 외장 하드디스크 익스플로잇 프레임워크를 설계하였다. 취약점을 점검하기 위한 전체 프레임워크를 설계하였고, 프레임워크에서 제공하는 각 기능 및 유즈케이스 다이어그램을 설계하였으며, 설계된 프레임워크를 활용한다면, 현재 상용화되었거나 추후 개발될 보안 외장 하드디스크를 대상으로 안전성을 평가할 것으로 판단된다. 그뿐만 아니라, 안전성 평가 결과를 기반으로, 보안 외장 하드디스크에 내재된 취약점을 보완함으로써 안전성을 더욱 향상시키고, 수동으로 분석하여야만 하는 보안 외장 하드디스크의 취약점 점검을 자동화함으로써, 안전성을 평가하는 시간과 비용 또한 절감할 것으로 사료된다.

  • PDF

Effects of Nitrogen Sources on PRE-point and Free amino acids in Soybean Leaves different In Phosphorus Sensitivity (인산감수성(燐酸感受性)이 다른 대두엽(大豆葉)의 광합성(光合成) 호흡(呼吸) 평형(平衡)과 유리(遊離) 아미노산에 대(對)한 질소원(窒素源)의 영향(影響))

  • Stutte, Charls A.;Park, Hoon
    • Korean Journal of Soil Science and Fertilizer
    • /
    • v.6 no.4
    • /
    • pp.239-244
    • /
    • 1973
  • Effects of nitrogen sources on free amino acids, and on photosynthsis-respiration equilibrium point of various positional leaf in soybean were investigated in relation to phosphorus sensitivity. The content of free amino acids was highest in ammonium and lowest in urea treated leaves. Glycine, serine, alanine and especially histidine were high in the ammonium treated leaves. Aspartic acid was high in the nitrate treated leaves. Photosynthesis respiration equilibrium point was higher in the sensitive cultivars, and higher with ammonium than with nitrate. The excess ammonium in plant appears to draw out an intermediate metabolite from carbon fixation pathway resulting in photosynthetic inhibition and activate pentoses phosphate pathway and photorespiration. Such phenomena were likely accentuated in phosphorus sensitive variety.

  • PDF

A study on hard-core users and bots detection using classification of game character's growth type in online games (캐릭터 성장 유형 분류를 통한 온라인 게임 하드코어 유저와 게임 봇 탐지 연구)

  • Lee, Jin;Kang, Sung Wook;Kim, Huy Kang
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.5
    • /
    • pp.1077-1084
    • /
    • 2015
  • Security issues such as an illegal acquisition of personal information and identity theft happen due to using game bots in online games. Game bots collect items and money unfairly, so in-game contents are rapidly depleted, and honest users feel deprived. It causes a downturn in the game market. In this paper, we defined the growth types by analyzing the growth processes of users with actual game data. We proposed the framework that classify hard-core users and game bots in the growth patterns. We applied the framework in the actual data. As a result, we classified five growth types and detected game bots from hard-core users with 93% precision. Earlier studies show that hard-core users are also detected as a bot. We clearly separated game bots and hard-core users before full growth.

A Design of Certificate Password Recovery Using Decentralized Identifier (DID를 사용한 인증서 암호 복구)

  • Kim, Hyeong-uk;Kim, Sang-jin;Kim, Tae-jin;Yu, Hyeong-geun
    • Journal of Venture Innovation
    • /
    • v.2 no.2
    • /
    • pp.21-29
    • /
    • 2019
  • In the public certificate technology commonly used in Korea, users have a cumbersome problem of always resetting when they forget their password. In this paper, as a solution to this problem, we propose a secure authentication certificate password recovery protocol using blockchain, PKI, and DID for distributed storage. DID is a schema for protecting block ID in blockchain system. The private key used in the PKI is configured as a user's biometric, for example, a fingerprint, so that it can completely replace the memory of the complex private key. To this end, based on the FIDO authentication technology that most users currently use on their smartphones, the process of authenticating a user to access data inside the block minimizes the risk of an attacker taking over the data.

An Investigation of Consumer Product Co-use Patterns - Focusing on air-fresheners and deodorizer - (생활화학제품 동시 사용현황 조사 - 방향제와 탈취제를 중심으로 -)

  • Lee, Daeyeop;Lim, Hyunwoo;Kim, Joo-Hyon;Kim, Taksoo;Hwang, Moonyoung;Seok, Kwangseol;Seo, Jungkwan
    • Journal of Environmental Health Sciences
    • /
    • v.44 no.3
    • /
    • pp.275-282
    • /
    • 2018
  • Objective: Since certain chemicals are widely applied in a variety of consumer products, exposure via simultaneous use of multiple consumer products can put human health at risk. For this reason, use patterns of consumer products are an important factor inhuman health risk assessment. The aim of this study is to investigate co-use patterns of air-fresheners and deodorizers in Korea in order to estimate potential cumulative exposure. Methods: To collect the information on use patterns of air-fresheners and deodorizers, ten air-fresheners and 14 deodorizers were selected. A total of 3,000 participants were recruited and asked through on line questionnaires whether they had simultaneously used the selected air-fresheners and deodorant products in their daily lives. Results: Among the 3,000 participants, 45.6% had used more than two air fresheners and 46.3% used more than two deodorizers. The most common types of air fresheners used concurrently include liquid and candle types for indoor environments, while those of deodorizers were fabric trigger sprays and refrigerator gels. In addition, 73.7% used more than two products without product categories. Fabric trigger sprays were contained in all of the high-ranking product combinations. Conclusions: This study showed that many consumers concurrently used air-fresheners and deodorizers in their daily routines. For accurate exposure assessment, co-use patterns of consumer products should be further investigated.

A Study on the Vulnerability of Security Keypads in Android Mobile Using Accessibility Features (안드로이드 접근성(Accessibility) 기능을 이용한 보안키패드의 취약점 공격 및 대응 방안)

  • Lee, Jung-Woong;Kim, In-Seok
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.1
    • /
    • pp.177-185
    • /
    • 2016
  • As the fintech industry is growing at an incredible rate, mobile phones are positioned as the most important tool for financial transaction. However, with a rising number of malware applications, the types of attack and illegal access to mobile device are becoming more diverse and sophisticated. This paper studies the potential keylogger attack by exploiting the Accessibility Service in Android framework. This type of attack allows the malicious individual to use keylogger on the victim's Android mobile phone to steal passwords during mobile financial transaction regardless of security keypad setting. Lastly the paper proposes solutions to counter these types of attack by verifying the accessibility usage and amending the application guideline for accessibility.

A study of RMT buyer detection for the collapse of GFG in MMORPG (MMORPG에서 GFG 쇠퇴를 위한 현금거래 구매자 탐지 방안에 관한 연구)

  • Kang, Sung Wook;Lee, Jin;Lee, Jaehyuk;Kim, Huy Kang
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.4
    • /
    • pp.849-861
    • /
    • 2015
  • As the rise in popularity of online games, the users start exchanging rare items for real money. As RMT (Real Money Trade) is prevalent, GFG (Gold Farming Group) who abuse RMT shows up. GFG causes social problems such as identity theft, privacy leaks. Because they needs many bot characters to gather game items. In addition, GFG induce RMT that makes in-game problems such as a destroying game economy, account hacking. Therefore, It is very important work to collapse GFG at the perspective of social and in-game. In this paper, we proposed a fundamental method for detecting RMT buyers for the collapse of GFG at the perspective of buyer by Law of Demand and Supply. We found two type of RMT by analyzing actual game data and detected RMT buyers with high recall ratio of 98% by ruled-based detection.