• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.881-893
• /
• 2020

CFI(Control Flow Integrity) is a mitigation mechanism that protects programs by verifying control flows. IFCC(Indirect Function Call Checks) and SCS(Shadow Call Stack), CFI supported by LLVM Clang compiler, were introduced to protect applications in Android. IFCC protects function calls and SCS protects function returns. In this paper, we propose attacks to bypass CFI on the application environment with IFCC and SCS. Even if IFCC and SCS were applied to user applications, it was confirmed that there were many code segments not protected by IFCC and SCS in the application memory. We execute code in CFI unprotected segments to construct 1) bypassing IFCC to call a protected function, 2) modulating return address via SCS bypass. We identify code segments not protected by IFCC and SCS in Android10 QP1A. 191005.007.A3. We also implement proof-of-concept exploits to demonstrate that modulation of control flow is possible in an environment where IFCC and SCS are applied.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.45-55
• /
• 2019

DEX file and share objects (also known as the SO file) are important components that define the behaviors of an Android application. DEX file is implemented in Java code, whereas SO file under ELF file format is implemented in native code(C/C++). The two layers - Java and native can communicate with each other at runtime. Malicious applications have become more and more prevalent in mobile world, they are equipped with different evasion techniques to avoid being detected by anti-malware product. To avoid static analysis, some applications may perform malicious behavior in native code that is difficult to analyze. Existing researches fail to extract the call relationship which includes both Java code and native code, or can not analyze multi-DEX application. In this study, we design and implement a system that effectively extracts the call relationship between Java code and native code by analyzing DEX file and SO file of Android application.

• Journal of Software Assessment and Valuation
• /
• v.10 no.1
• /
• pp.19-26
• /
• 2014

In this paper, we propose a method for protecting Android applications against reverse engineering attacks. In this method, the server encrypts the original executable code (DEX) included in an APK file, inserts into the APK file a stub code that decrypts the encrypted DEX later at run-time, and distributes the modified APK file. The stub code includes an integrity validation code to detect attacks on itself. When a user installs and executes the APK file, the stub code verifies the integrity of itself, decrypts the encrypted DEX, and loads it dynamically to execute. Since the original DEX is distributed as an encrypted one, we can effectively protect the intellectual property. Further, by verifying the integrity of the stub code, we can prevent malicious users from bypassing our method. We applied the method to 15 Android apps, and evaluated its effectiveness. We confirmed that 13 out of them operates normally.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.9 no.5
• /
• pp.277-283
• /
• 2014

In this paper, we propose a control system for synchronizing attitude between an Android smartphone and a mobile robot. The control system is comprised of a smartphone and a mobile robot. The smartphone transports its attitude to the mobile robot and receives the attitude of mobile robot through bluetooth communication. Further, the smartphone displays the mobile robot on the screen by using embedded camera, which can be used as a pseudo augmented reality. Comparing the received attitude data from smartphone, the mobile robot measures its attitude by an AHRS(attitude heading reference system) and controls its attitude. Experiments show that the synchronization performance of the proposed system is maintained in the error range of $1^{\circ}$.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2012.05a
• /
• pp.137-140
• /
• 2012

본 논문에서는 소프트웨어 제작 경험이 없는 사용자들이 쉽게 application을 만들고 이를 스마트폰에 설치해 사용할 수 있도록 하는 Android 기반의 application 제작 툴을 개발하였다. 개발된 툴을 이용하여 전화번호부, 사진첩, 100일 기념 application을 제작했고 스마트폰에서 동작을 확인하였다. 본 논문에서 개발된 툴을 이용하면 사용자는 프로그래밍 없이도 화면 구성 및 여러 동작을 구현해내고 스마트폰에 부착되어 있는 센서들을 활용하는 application 을 쉽게 제작할 수 있다.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.8 no.4
• /
• pp.227-233
• /
• 2013

In this paper, we propose an implementation of pH reader on Android smart phone by using Eclipse and SDK. After taking a picture of pH spectrum and tested litmus paper at the same time, we save the picture. From the picture, reference values in RGB and YUB of all pH color in the spectrum are obtained and then those of a chosen point by user in the litmus paper are to be compared with. The distances between the reference colors and the litmus paper's color are measured by Euclidean distance in RGB or YUB coordinate. The nearest two pH values are taken to find the weighted average of the result. Series of test show the proposed scheme is feasible and has performance within 10% error.

• Journal of Information Technology Services
• /
• v.12 no.2
• /
• pp.103-118
• /
• 2013

Harmful contents on a mobile platform are becoming serious problems to young people due to the prevalence of smart phones with the fast development of mobile technology. Mobile applications and contents are so much optimized on the mobile environment that young men are exposed to many harmful contents. A system for blocking harmful contents is suggested in this study. The system includes a local proxy function, filtering module, and local database in order to increase the blocking efficiency. The local proxy function and the filtering module are implemented on an Android platform, and the local database are running on a PC-based server. The suggested system perfectly blocks harmful contents, and shows relatively high speed.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.21 no.5
• /
• pp.588-594
• /
• 2011

This paper presents the development of application and management system for guiding job information based on android smart-phone. The real-time informations which are provided from the job portal site, become known by using the smart-phone, and the sever system for saving and managing the related informations has been implemented. Especially, the relay and synchronization protocol of job informations have been designed and the system for managing a transmitting and receiving information is also designed and modelled. The developed application has been made up for and registered in the application store for making good use.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.8 no.10
• /
• pp.1545-1552
• /
• 2013

This paper presents an implementation of embedded platform based ARM A8-cortex processor for android supporting. The development board for S5PV210 is a platform that is suitable for code development of SAMSUNG's S5PV210 32bit RICS micro controller(ARMv7) architecture for hand-held device and general applications. Embedded platform development board offers various function and high efficiencies. In addition to the high performance, the embedded platform offers low current consumption, ensuring low costs and power.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.6
• /
• pp.2781-2798
• /
• 2019

Thanks to internet, as one of indispensable parts of our lives, many devices that we use in our daily lives like TV, air conditioner, refrigerator, washing machine, can be monitored and controlled remotely by becoming more intelligent via Internet of Things (IoT) technology. Smart Home applications as one of the elements of smart cities, are individually the most demanded application without question. In this study, Smart Energy Management (SEM) system, based on NodeMCU and Android, has been designed for SEM, which is a part of the smart home application. With this system, household energy consumption can be monitored in real time, as well as having the ability to record the data comprising of operation times and energy consumption information for each device. Additionally, it is ensured to meet the energy needs on a maximized level possible, during the hours when the energy costs are lower owing to the SEM system. The Android interface provides the users with the opportunity to monitor and change their electricity consumption habits in order to optimize the energy efficiency, along with the opportunity to draw up of a daily and weekly schedule.