• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.9
• /
• pp.1955-1964
• /
• 2011

With fast deployment of high-speed networks and various online services, the demand for massive content distribution is also growing fast. An approach that is increasingly visible in communication research community and in industry domain is peer-to-peer (P2P) networks. The P2P swarming technique enables a content distribution system to achieve higher throughput, avoid server or network overload, and be more resilient to failure and traffic fluctuation. Moreover, as a P2P-based architecture pushed the computing and bandwidth cost toward the network edge, it allows scalability to support a large number of subscribers on a global scale, while imposing little demand for equipment on the content providers. However, the P2P swarming burdens message exchange overheads on the system. In this paper, we propose a new protocol which provides confidentiality, authentication, integrity, and access control to P2P swarming. We implemented a prototype of our protocol on Android smart phone platform. We believe our approach can be straightforwardly adapted to existing commercial P2P content distribution systems with modest modifications to current implementations.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.975-985
• /
• 2014

As financial transactions with a smartphone has become increasing, a myriad of security threats have emerged against smartphones. Among the many types of security threats, Smishing has evolved to be more sophisticated and diverse in design. Therefore, financial institutions have recommended that users doesn't install applications with setting of "Unknown sources" in the system settings menu and install application which detects Smishing. Unfortunately, these kind of methods come with their own limitations and they have not been very effective in handling Smishing. In this paper, we propose a systematic method to detect Smishing, in which the RIL(Radio Interface Layer) collects a text message received and then, checks if message databases stores text message in order to determine whether Smishing malware has been installed on the system. If found, a system call (also known as a hook) is used to block the outgoing text message generated by the malware. This scheme was found to be effective in preventing Smishing as found in our implementation.

• KIISE Transactions on Computing Practices
• /
• v.21 no.3
• /
• pp.215-222
• /
• 2015

In this paper, the Digital DoorLock by Internet of Things (DDiT) is introduced. In order to implement DDiT, an integrated micro-controller platform, Arduino is used to control an existing digital doorlock and an android type smart phone is adopted as a mobile platform. One of the advantages of DDiT is that it can be added to an existing digital doorlock and a smart phone application is used as a digital key. Owing to the smart phone application, several other types of applications could also be made. Therefore, DDiT could be used effectively and conveniently in ordinary homes as well as in high security applications such as in hotels, institutes, and companies.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.7
• /
• pp.3756-3777
• /
• 2019

Recent internet development is helping malware researchers to generate malicious code variants through automated tools. Due to this reason, the number of malicious variants is increasing day by day. Consequently, the performance improvement in malware analysis is the critical requirement to stop the rapid expansion of malware. The existing research proved that the similarities among malware variants could be used for detection and family classification. In this paper, a Cross-Platform Malware Variant Classification System (CP-MVCS) proposed that converted malware binary into a grayscale image. Further, malicious features extracted from the grayscale image through Combined SIFT-GIST Malware (CSGM) description. Later, these features used to identify the relevant family of malware variant. CP-MVCS reduced computational time and improved classification accuracy by using CSGM feature description along machine learning classification. The experiment performed on four publically available datasets of Windows OS and Android OS. The experimental results showed that the computation time and malware classification accuracy of CP-MVCS was higher than traditional methods. The evaluation also showed that CP-MVCS was not only differentiated families of malware variants but also identified both malware and benign samples in mix fashion efficiently.

• Proceedings of the Korean Information Science Society Conference
• /
• 2011.06b
• /
• pp.52-54
• /
• 2011

급속하게 성장하고 있는 스마트폰 시장에서 사용자의 수가 늘어감에 따라 다양한 이슈들이 대두되고 있다. 특히 스마트폰에는 많은 개인정보들이 저장되어 있어, 분실 또는 악성 코드로 인한 정보 유출로 막대한 금전적 피해를 야기할 수 있기 때문에 보안 기법에 대한 연구 필요성이 강조되고 있다. 개방형플랫폼을 지향하고 있는 모바일 운영체제 안드로이드는 다른 폐쇄형 플랫폼보다 보안 취약점이 노출 될 가능성이 높고 실제로 이로 인한 피해 사례들이 보고되고 있다. 본 논문에서는 안드로이드를 플랫폼에서 보안을 강화하기 위해 연구된 여러 보안 기법들을 살펴보고 특징에 따라 분류해본다.

• Annual Conference of KIPS
• /
• 2015.10a
• /
• pp.744-747
• /
• 2015

최근 스마트폰을 이용한 홈네트워크, 스마트워크 등 다양한 인터랙션 환경이 연구됨에 따라 스마트폰의 범위는 단일기기를 넘어 환경 자체로 확대되고 있는 추세이다. 특히, 스마트폰에 탑재되는 운영 체제 중 안드로이드는 서드파티를 이용한 어플리케이션 설치, 소스코드 공개 등의 개방성을 강조하여 세계 시장점유율 90% 이상을 차지하고 있다. 하지만 안드로이드는 어플리케이션 설치 시 사용자의 동의를 얻을 경우 언제든지 해당 권한에 대한 사용이 가능한 Coarse-grained 접근제어 정책을 사용하고 있어 다양한 보안 문제들이 발생하고 있다. 따라서 본 논문에서는 안드로이드 플랫폼 수준의 보안 정책을 강화할 수 있도록 권한을 검사하고 보안 정책을 사용자의 수준에 맞게 수립하는 보안 모듈을 제안한다.

• Annual Conference of KIPS
• /
• 2010.11a
• /
• pp.1108-1111
• /
• 2010

구글 안드로이드 플랫폼은 오픈소스 형태로 응용프로그램을 손쉽게 개발할 수 있는 환경을 제공하며 이러한 특징으로 인해 빠른 속도로 시장 점유율을 높이고 있다. 하지만 오픈 소스의 특징으로 인해 보안 취약점에 대한 우려가 증가하고 있다. 안드로이드 고유의 보안모델은 응용프로그램의 시스템자원에 대한 부적절한 접근을 제어하기 위한 권한을 중심으로 이루어진다. 본 연구에서는 안드로이드의 권한 기반 보안모델에 대한 취약성을 테스트 코드수행과 플랫폼 소스분석을 통해 알아보고 이에 대해 간단한 해결방안을 제시한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.1
• /
• pp.145-154
• /
• 2014

In this paper, we propose a novel anti-malware system based on behavior profiling, called Andro-profiler. Andro-profiler consists of mobile devices and a remote server, and is implemented in Droidbox. Our aim is to detect and classify malware using an automatic classifier based on behavior profiling. First, we propose the representative behavior profiling for each malware family represented by system calls coupled with Droidbox system logs. This is done by executing the malicious application on an emulator and extracting integrated system logs. By comparing the behavior profiling of malicious applications with representative behavior profiling for each malware family, we can detect and classify them into malware families. Andro-profiler shows over 99% of classification accuracy in classifying malware families.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.05a
• /
• pp.378-381
• /
• 2011

The group management system with Wireless Sensor Network and android application is proposed in this paper. The proposed system was composed of personal devices with sensor nodes of WSN, manager device of android platform, and the web server. The sensor node used by each group member send a data packet to the manager device every 2 seconds. The leader device displays and transmits entire information to the web server. The web server represents these information through web page. Therefore, guardians can assure their group member's safety and security on the web page. The RSSI value of each sensor node converted by computed log-normal path loss model into distance value and displays on the manager device and the web page.

• Journal of Internet Computing and Services
• /
• v.13 no.2
• /
• pp.51-57
• /
• 2012

The warming up of the recent competition in the smart phone industry followed by rapid increase of open platforms and app stores have led the mobile terminals to adopt the general purpose operating system. The mobile device utilizing this OS is vulnerable to mobile malignant code which is highly transferable. As a result, the scale of mobile attack and harm increase. However, compared to the malicious code and virus which keep increasing, the elements for security to prevent are insufficient. Therefore, this paper describe about the Context Aware Service that eliminates the potentially risky elements on the smart phone service, which could threaten the usability of the service including invasion of personal information. The proposed system prevents from disclosure of personal information by giving the procedure of information, and realizes the service that is able to change the sequence of identifying the users' information to prepare for emergency.