• Journal of Digital Convergence
• /
• v.12 no.1
• /
• pp.313-317
• /
• 2014

Smart-phone, PC or tablet platforms, such as smart terminals spread to the masses trying to capitalize. Smart TV also is increasing. In Korea, market size of TV is growing fast with growth of risk of hacking. In this paper, several kinds of Smart TV hacking cases are presented with the possibility of attacks against the vulnerability analysis and countermeasures. Most of the Linux operating system is open. Thus, it is vulnerable for latest hacking techniques. Most are based on the Linux OS to enhance security mount Sand-Box. However, bypass procedure using the technique, or APT attacks can avoid San-Box technique. New hacking techniques and a variety of ways will occur in the future. Therefore, this paper will develop Smart TV, and it analysis of a security threat and establishes better prepared in the future because new hacking attacks are expected to prepare more.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.267-270
• /
• 2013

Hacking damage is increasing year by year in the Internet payment service credit card applying the digital signature method of PKI-based first domestic, secure payment, was 180 million won in 2012. Revenues have soared for phishing that Smishing using smartphone after entering 2013. Hacking accident to the secure payment system using Smishing has occurred took over personal information and financial direct damage. In this paper, we analyzed for Smishing, to prevent the damage of secure payment using Smishing to study the hacking attack of secure payment. In addition, it would be studies to allow through the smartphone, online payment safer and more convenient.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.05a
• /
• pp.432-435
• /
• 2011

Hacking 공격자에 대한 수사실무에서는 Proxy Server를 연동한 해외에서의 우회공격에 대한 기법과 기술을 알아야 MAC address 또는 Real IP에 대한 역추적이 가능하다. 즉 Proxy Server를 여러 번 거치면서 자신의 Real IP를 숨기고 ARP Spoofing 기법을 사용하여 MAC address를 속이기 때문이다. 본 논문에서는 해외에서의 해킹 공격자들이 어떻게 공격자의 Real IP를 숨기고, ARP Spoofing 기법을 응용하여 공격을 시도하는 기법과 기술을 연구한다. 또한 Proxy Server를 통한 우회공격에서 ARP Spoofing 공격을 보안하는 방법을 연구한다. 본 논문 연구가 해외로 부터의 Hacking과 방어를 위한 기술 발전에 기여 할 것 이다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2004.05b
• /
• pp.772-775
• /
• 2004

After Morris' Internet Worm in 1988, the stack buffer overflow hacking became generally known to hackers and it has been used to attack systems and servers very frequently. Recently, many researches tried to prevent it, and several solutions were developed such as Libsafe and StackGuard; however, these solutions have a few problems. In this paper we present a new stack buffer overflow attack prevention technique that uses the system call monitoring mechanism and memory address where the system call is made.

• Convergence Security Journal
• /
• v.6 no.4
• /
• pp.171-177
• /
• 2006

The hacking aspect of recent times is changing, the phishing attack which uses a social engineering technique is becoming the threat which is serious in Information Security. It cheats the user and it acquires a password or financial information of the individual and organization. The phishing attack uses the home page which is fabrication and E-mail and acquires personal information which is sensitive and financial information. This study proposes the establishment of National Fishing Response Center, complement of relation legal system Critical intelligence distribution channel of individual and enterprise.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.6
• /
• pp.1360-1364
• /
• 2013

Internet phone, communication cost and easy-to-use low-cost compared to the PSTN is a mobile phone of a conventional, and use of the Internet phone is spreading. Construction as part of the broadband convergence network(BCN), Internet service provider(KT, SKT, LGU+) has converted to Internet phone telephone network to all government agencies. In addition, members of the public also have an Internet phone service that you are using. In this paper, we analyze the hacking attack on IP-PBX in the IETF SIP-based that are used in Internet telephony, to the study. The test bed is constructed in the same way as the Internet telephone system to perform studies carried hacking attacks on IP-PBX, analyze the results and to extract evidence forensics. When used in crime by hacking the Internet telephone, we propose a method which can be used as evidence in forensic having legal effect.

• The KIPS Transactions:PartC
• /
• v.13C no.1 s.104
• /
• pp.19-26
• /
• 2006

Recently, web server hacking is trending toward web application hacking which uses comparatively vulnerable web applications based on open sources. And, it is possible to hack databases using web interfaces because web servers are usually connected databases. Web application attacks use vulnerabilities not in web server itself, but in web application structure, logical error and code error. It is difficult to defend web applications from various attacks by only using pattern matching detection method and code modification. In this paper, we propose a method to secure the web applications based on profiling which can detect and filter out abnormal web application requests.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.102-110
• /
• 2001

대부분의 해킹 공격은 공격 대상 프로그램의 소스코드 보안취약점에 의해서 발생하지만 프로그램 개발시에 소스코드 보안성에 대해서는 고려되지 않았다. 이러한 문제점으로 인하여 해킹 공격의 근본적인 원인을 해결할 수 없었다. 본 논문에서는 취약점의 원인이 되는 코드를 컴파일시 생성된 어셈블리 코드 수준에서 탐지하는 방법을 제시하고자 한다. 취약한 코드를 컴파일러 수준에서 점검하는 것보다 어셈블리 코드 수준에서 점검하는 것은 어느 정도의 메모리 영역까지 점검할 수 있어 더 정확하다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.4
• /
• pp.737-744
• /
• 2012

Recently VoIP has provided voice(both wired and wireless from IP-based) as well as the transmission of multimedia information. VoIP used All-IP type, Gateway type, mVoIP etc. Wired and wireless VoIP has security vulnerabilities that VoIP call control signals, illegal eavesdropping, service misuse attacks, denial of service attack, as well as wireless vulnerabilities etc. from WiFi Zone. Therefore, the analysis of security vulnerabilities in wired and wireless VoIP and hacking incidents on security measures for research and study is needed. In this paper, VoIP (All-IP type, and for Gateway type) for system and network scanning, and, IP Phone to get the information and analysis of the vulnerability. All-IP type and Gateway type discovered about the vulnerability of VoIP hacking attacks (Denial of Service attacks, VoIP spam attacks) is carried out. And that is a real VoIP system installed and operated in the field of security measures through research and analysis is proposed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.215-223
• /
• 2019

The recent trend of cyber attack threat is mainly APT (Advanced Persistent Threat) attack. This attack is a combination of hacking techniques to try to steal important information assets of a corporation or individual, and social engineering hacking techniques aimed at human psychological factors. Spear phishing attacks, one of the most commonly used APT hacking techniques, are known to be easy to use and powerful hacking techniques, with more than 90% of the attacks being a key component of APT hacking attacks. The existing research for cyber security threat defense is mainly focused on the technical and policy aspects. However, in order to preemptively respond to intelligent hacking attacks, it is necessary to study different aspects from the viewpoint of social engineering. In this study, we analyze the correlation between human personality type (DISC) and cyber security threats, focusing on spear phishing attacks, and present countermeasures against security threats from a new perspective breaking existing frameworks.