• Journal of the Korea Society of Computer and Information
• /
• v.21 no.3
• /
• pp.39-45
• /
• 2016

In this paper, we propose a log management service model for efficient developments of android applications. The proposed model consists of two major parts which are the log collector and the log manager service. The log collector can capture the log information of a target application without modifications, because the collector is composed by aspect-oriented programming. The collected logs are transformed to chunk of data, and the chunk of data is sent to the log management service. The log management service is an android service component and an independent application in another process. So, the log management service can reduce the workload of logging in the target application. Through a case study, we show that the proposed log management service model can reduce the log processing time compared to other models without modifications of a target application.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.6 no.3
• /
• pp.190-200
• /
• 2011

Android platform provides a content provider and a cursor mechanism to access the internal SQLite engine. Content providers not only store and retrieve data but also make it accessible to applications. Applications can only share data through content provider, since there's no common storage area that Android packages can access. Cursor is an interface that provides random read-write access to the result set returned by a database query. However, this cursor possesses two major limitations. First, a cursor does not support a join clause among cursors, since the cursor can only access a single table in the content provider. Second, the cursor is not capable of creating user-customized field in the predefined content providers. In this paper, we propose the unified cursor architecture that merges several cursors into a single virtual cursor. Cursor translation look-aside buffer (TLB), column windowing mechanism and virtual data management are the three major techniques we have adopted to implement our structure. And we also propose a delayed synchronization method between an application and a proposed unified cursor. An application can create a user-customized field and sort multiple tables using a unified cursor on Android platform.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.1
• /
• pp.213-219
• /
• 2011

Due to the rapid growth of smartphone market, the security threats are also increased. One of the smartphone security threats is that w1Verified applications are distributed on the smartphone market. In the case of Andoroid market, Google have no Application Approval Process that can detect malicious android application so many malicious android applications are distributed in the Android market. To reduce this security threat, it is essential the skill to detect the malicious activities of application. In this paper, we propose the android application analysis method for malicious activity detection and we introduce the implementation of our method which can automatically analyze the android application.

• Journal of KIISE
• /
• v.44 no.4
• /
• pp.352-362
• /
• 2017

This paper analyzes security threats in Security Enhanced (SE) Android and proposes a new technique to efficiently protect application data including private information on rooted Android phones. On an unrooted device, application data can be accessed by the application itself according to the access control models. However, on a rooted device, a root-privileged shell can disable part or all of the access control model enforcement procedures. Therefore, a root-privileged shell can directly access sensitive data of other applications, and a malicious application can leak the data of other applications outside the device. To address this problem, the proposed technique allows only some specific processes to access to the data of other applications including private information by modifying the existing SEAndroid Linux Security Module (LSM) Hook function. Also, a new domain type of process is added to the target system to enforce stronger security rules. In addition, the proposed technique separates the directory type of a newly installed application and the directory type of previously installed applications. Experimental results show that the proposed technique can effectively protect the data of each application and incur performance overhead up to or less than 2 seconds.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1201-1215
• /
• 2015

Obfuscation tools can be used to protect android applications from reverse-engineering in android environment. However, obfuscation tools can also be misused to protect malicious applications. In order to evade detection of anti-virus, malware authors often apply obfuscation techniques to malicious applications. It is difficult to analyze the functionality of obfuscated malicious applications until it is deobfuscated. Therefore, a study on deobfuscation is certainly required to address the obfuscated malicious applications. In this paper, we analyze APKs which are obfuscated by commercial obfuscation tools and propose the deobfuscation method that can statically identify obfuscation options and deobfuscate it. Finally, we implement automatic identification and deobfuscation tool, then show the results of evaluation.

• Journal of KIISE
• /
• v.42 no.9
• /
• pp.1100-1108
• /
• 2015

Classes.dex, which is the executable file for android operation system, has Java bite code format, so that anyone can analyze and modify its source codes by using reverse engineering. Due to this characteristic, many android applications using classes.dex as executable file have been illegally copied and distributed, causing damage to the developers and software industry. To tackle such ill-intended behavior, this paper proposes a technique to encrypt classes.dex file using an AES(Advanced Encryption Standard) encryption algorithm and decrypts the applications encrypted in such a manner in order to prevent reverse engineering of the applications. To reinforce the file against reverse engineering attack, hash values that are obtained from substituting a hash equation through the combination of salt values, are used for the keys for encrypting and decrypting classes.dex. The experiments demonstrated that the proposed technique is effective in preventing the illegal duplication of classes.dex-based android applications and reverse engineering attack. As a result, the proposed technique can protect the source of an application and also prevent the spreading of malicious codes due to repackaging attack.

• Journal of KIISE
• /
• v.42 no.8
• /
• pp.1022-1030
• /
• 2015

The context-awareness of mobile applications yields several issues for testing, since mobile applications should be able to be tested in any environment and under any contextual input. In previous studies of testing for Android applications as an event-driven system, many researchers have focused on using generated test cases considering only Graphical User Interface (GUI) events. However, it is difficult to find failures that could be detected when considering the changes in the context in which applications run. It is even more important to consider various contexts since the mobile applications adapt and use the new features and sensors of mobile devices. In this paper, we provide a method of systematically generating various executing contexts from permissions. By referring to the lists of permissions, the resources used by the applications for running Android applications can be easily inferred. To evaluate the efficiency of our testing method, we applied the method on two open source projects and showed that it contributes to improve the statement code coverage.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.5
• /
• pp.1-8
• /
• 2013

Smartphone enables diverse applications to be used in mobile environments. In spite of the high performance of smartphones, battery life has become one of the major constraints in mobility. Therefore, power efficiency of the smartphone is one of the most important factors in determining the efficiency of the smartphone. In this paper, in order to analyze the power efficiency of the smartphone, we have various experiments according to several configuration parameters such as processor, display and OS. We also use diverse applications. As a result, power consumption is dependent on the processor complexity and display size. However, power consumption shows the unpredictable pattern according to the OS. Smartphone using android OS consumes high power when internet and image processing applications are executed, but It consumes low power when music and camera applications are executed. In contrary, smartphone based on iOS consumes high power when game and internet applications are executed but it consumes low power when camera and processing applications are executed. In general, smartphone using iOS is more power efficient than smartphone based on android OS, because smartphone using iOS is optimized in the perspective of the hardware and OS.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.10 no.6
• /
• pp.335-343
• /
• 2015

As the usage of mobile devices becomes diverse, a number of attacks on Android also have increased. Among the attacks, Android can be compromised by flashing a new image of compromised Android Linux. In order to solve this problem, we propose SeBo (Secure Boot System) which prevents compromised Android Linux by guaranteeing secure boot environment for mobile devices based on ARM TrustZone architecture. SeBo checks the hash value of the Android Linux image before the Android Linux executes. SeBo detects all the attacks within 5 seconds. Moreover, since SeBo only trusts the Secure Bootloader from Secure World, SeBo can reduce the additional overhead of checking the Normal Bootloader from Normal World.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.8
• /
• pp.654-662
• /
• 2013

Android applications can be easily decompiled owing to their structural characteristics, in which applications are developed using Java and are self-signed so that applications modified in this way can be repackaged. It will be crucial that this inherent vulnerability may be used to an increasing number of Android-based financial service applications, including banking applications. Thus, code obfuscation techniques are used as one of solutions to protect applications against their forgery. Currently, many of applications distributed on Android market are using ProGuard as an obfuscation tool. However, ProGuard takes care of only the renaming obfuscation, and using this method, the original opcodes remain unchanged. In this paper, we thoroughly analyze obfuscation mechanisms applied in ProGuard, investigate its limitations, and give some direction about its improvement.