• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.12
• /
• pp.99-109
• /
• 2018

Tampering involves illegally removing technologies from a protected system through reverse engineering or developing a system without proper authorization. As tampering of a weapon system is a threat to national security, anti-tampering measures are required. Precedent studies on anti-tampering have discussed the necessity, related trends, application cases, and recent cybersecurity-based or other protection methods. In a domestic situation, the Defense Technology Protection Act focuses on how to prevent technology leakage occurring in related organizations through personnel, facilities and information systems. Anti-tampering design needs to determine which technologies are protected while considering the effects of development cost and schedule. The objective of our study is to develop methods of how to select target technologies and determine counter-measures to protect these technologies. Specifically, an evaluation matrix was derived based on the risk analysis concept to select the protection of target technologies. Also, based on the concept of risk mitigation, the classification of anti-tampering techniques was performed according to its applicability and determination of application levels. Results of the case study revealed that the methods proposed can be systematically applied for anti-tampering in weapon system development.

• Journal of Auto-vehicle Safety Association
• /
• v.10 no.1
• /
• pp.6-11
• /
• 2018

Recently, many drivers of two-wheeled motorcycles in leisure and express delivery industries etc. brought increasing issues for the motorcycle safety. This paper has studied the structural safety of two-wheeled motorcycles considering the regulations for stand, rear registration plate and anti-tampering measures. The authors have investigated and compared a variety of international and domestic regulations and specifications for structural safety of those components. Detailed experimental procedures of stand, mounting for rear registration plate and anti-tampering measures are proposed to secure the two-wheeled motorcycle safety and the outcomes of this study can be used to confirm the Korean motor vehicle safety standards.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.2
• /
• pp.335-345
• /
• 2024

In the digital era, data security has become an increasingly critical issue, drawing significant attention. Particularly, anti-tampering technology has emerged as a key defense mechanism against indiscriminate hacking and unauthorized access. This paper explores case studies that exemplify the trends in the development and application of TPM (Trusted Platform Module) and software anti-tampering technology in today's digital ecosystem. By analyzing various existing security guides and guidelines, this paper identifies ambiguous areas within them and investigates recent trends in domestic and international research on software anti-tampering. Consequently, while guidelines exist for applying anti-tampering techniques, it was found that there is a lack of methods for evaluating them. Therefore, this paper aims to propose a comprehensive and systematic evaluation framework for assessing both existing and future software anti-tampering techniques. To achieve this, it using various verification methods employed in recent research. The proposed evaluation framework synthesizes these methods, categorizing them into three aspects (functionality, implementation, performance), thereby providing a comprehensive and systematic evaluation approach for assessing software anti-tampering technology in detail.

• Journal of Korea Society of Industrial Information Systems
• /
• v.29 no.3
• /
• pp.23-40
• /
• 2024

Hardware attacks involve physical reverse engineering efforts to steal sensitive information, such as encryption keys and circuit designs. Encryption and obfuscation are representative countermeasures, but they are nullified if adversaries manage to find the key. To address this issue, we propose e-Cryptex, which utilizes a Physically Unclonable Function (PUF) as an anti-tampering shield. PUF acts as a random number generator and relies on unique physical variants that cannot be replicated or restored to enhance anti-tampering mechanisms. e-Cryptex uses PUF as a shield to protect the system's structure and generate the key. Tampering with the shield will result in the destruction of the key. This paper demonstrates that e-Cryptex meets PUF security requirements and is effective in detecting of tampering attempts that pierce or completely destroy the shield. Each board consistently generates the same key under normal conditions, while also showing key uniqueness across different boards.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.4
• /
• pp.470-478
• /
• 2019

As the growth of the domestic defense industry is remarkable regarding technology level and export size, technology protection is necessary. Particularly, there is a need to apply anti-tamper measures to prevent critical technologies from illegally being taken out of weapon systems. However, there is no security protection strategy and system built yet in ROK. Precedent studies discussed the trend analysis and technical research for specific protective techniques, and the application of anti-tamper using limited procedures was provided. Recently, methods of how to select the technology for protection were studied based on risk management. Nonetheless, these studies cannot be associated with the acquisition process for the whole life-cycle, having difficulty with actual development and evaluation of the weapon systems. The objective of our study is to derive the system requirements of the weapon system for which anti-tamper measures have been determined to apply. Specifically, requirements items suitable for the development of anti-tamper weapon systems were derived based on ISO/IEC 19790, the CMVP standard for the development and verification of cryptographic modules. Also, its utilization in technical reviews and test & evaluations was presented. The usefulness of the research results was confirmed through inductive inference and comparative evaluation. The result can be expected to play a role in initiating extensive activities needed for technology protection of the weapon systems.

• Journal of the Korea Institute of Military Science and Technology
• /
• v.20 no.4
• /
• pp.579-586
• /
• 2017

The defense industry has become a global industry, and military technology is actively being traded between countries to increase their military capabilities. The Republic of Korea has been ranked one of the top 10 countries for exports of military technology. To maintain competitive advantages in the global defense industry, it is essential to protect key technologies employed by exported weapon systems. Various techniques have been developed for protection of confidential technologies in weapon systems, and the U.S. DoD has been leading the development of the protection techniques. This paper reviews current anti-tampering techniques that prevent leakage of key technology from weapon exportation or pillage. Based on the protection techniques employed by the U.S. DoD Anti-Tamper Executive Agent, this paper suggests novel design methods for protection of confidential technologies. The proposed design methods were tested on an actual weapon system.

• Journal of Internet of Things and Convergence
• /
• v.9 no.6
• /
• pp.23-28
• /
• 2023

Windows operating system generates various logs with timestamps. Timestamp tampering is an act of anti-forensics in which a suspect manipulates the timestamps of data related to a crime to conceal traces, making it difficult for analysts to reconstruct the situation of the incident. This can delay investigations or lead to the failure of obtaining crucial digital evidence. Therefore, various techniques have been developed to detect timestamp tampering. However, there is a limitation in detection if a suspect is aware of timestamp patterns and manipulates timestamps skillfully or alters system artifacts used in timestamp tampering detection. In this paper, a method is designed to detect changes in timestamps, even if a suspect alters the timestamp of a file on a storage device, it is challenging to do so with precision beyond millisecond order. In the proposed detection method, the first step involves verifying the timestamp of a file suspected of tampering to determine its write time. Subsequently, the confirmed time is compared with the file size recorded within that time, taking into consideration the performance of the storage device. Finally, the total capacity of files written at a specific time is calculated, and this is compared with the maximum input and output performance of the storage device to detect any potential file tampering.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.7
• /
• pp.1953-1967
• /
• 2024

Lately, there has been a notable surge in the defense industry's efforts to develop highly advanced intelligent systems. These systems encompass sophisticated computing platforms that boast an impressive level of autonomy. However, it's important to acknowledge that these very systems are not impervious to vulnerabilities stemming from both hardware and software tampering. Within the context of this discourse, our focus of the survey is directed towards the hardware security module. This component stands out for its capability to offer a significantly heightened level of protection when compared to conventional software-based techniques. Through the lens of this paper, we embark on a comprehensive survey of Trusted Platform Module (TPM), a hardware security module, shedding light on its potential to fortify the defense against threats that emerge from various vectors of attack.

• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.97-107
• /
• 2023

With the popularization of digital devices in the era of the 4th industrial revolution and the increase in cyber crimes targeting them, the importance of securing digital data evidence is emerging. However, the difficulty in securing digital data evidence is due to the use of anti-forensic techniques that increase analysis time or make it impossible, such as manipulation, deletion, and obfuscation of digital data. Such anti-forensic is defined as a series of actions to damage and block evidence in terms of digital forensics, and is classified into data destruction, data encryption, data concealment, and data tampering as anti-forensic techniques. Therefore, in this study, anti-forensic techniques are categorized into data concealment and deletion (obfuscation and encryption), investigate and analyze recent research trends, and suggest future anti-forensic research directions.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.5
• /
• pp.309-316
• /
• 2014

It is easy to reverse engineer an Android app package file(APK) and get its decompiled source code. Therefore, attackers obtains economic benefits by illegally using the decompiled source code, or modifies an app by inserting malware. To address these problems in Android, we propose an APK overwrite scheme that protects apps against illegal modification of themselves by using a new anti-reverse engineering technique. In this paper, the targets are the apps which have been written by any programmer. For a target app (original app), server system (1) makes a copy of a target app, (2) encrypts the target app, (3) creates a stub app by replacing the DEX (Dalvik Executable) of the copied version with our stub DEX, and then (4) distributes the stub app as well as the encrypted target app to users of smartphones. The users downloads both the encrypted target app and the corresponding stub app. Whenever the stub app is executed on smartphones, the stub app and our launcher app decrypt the encrypted target app, overwrite the stub app with the decrypted target one, and executes the decrypted one. Every time the target app ends its execution, the decrypted app is deleted. To verify the feasibility of the proposed scheme, experimentation with several popular apps are carried out. The results of the experiment demonstrate that our scheme is effective for preventing reverse engineering and tampering of Android apps.