• Title/Summary/Keyword: Malicious Application

Search Result 192, Processing Time 0.025 seconds

Development of LLDB module for potential vulnerability analysis in iOS Application (iOS 어플리케이션의 잠재적 취약점 분석을 위한 LLDB 모듈 개발)

  • Kim, Min-jeong;Ryou, Jae-cheol
    • Journal of Internet Computing and Services
    • /
    • v.20 no.4
    • /
    • pp.13-19
    • /
    • 2019
  • In order to register an application with Apple's App Store, it must pass a rigorous verification process through the Apple verification center. That's why spyware applications are difficult to get into the App Store. However, malicious code can also be executed through normal application vulnerabilities. To prevent such attacks, research is needed to detect and analyze early to patch potential vulnerabilities in applications. To prove a potential vulnerability, it is necessary to identify the root cause of the vulnerability and analyze the exploitability. A tool for analyzing iOS applications is the debugger named LLDB, which is built into Xcode, the development tool. There are various functions in the LLDB, and these functions are also available as APIs and are also available in Python. Therefore, in this paper, we propose a method to efficiently analyze potential vulnerabilities of iOS application by using LLDB API.

Hybrid Trust Computational Model for M2M Application Services (M2M 애플리케이션 서비스를 위한 하이브리드형 신뢰 평가 모델)

  • Kim, Yukyong
    • Journal of Software Assessment and Valuation
    • /
    • v.16 no.2
    • /
    • pp.53-62
    • /
    • 2020
  • In the end-user domain of an IoT environment, there are more and more intelligent M2M devices that provide resources to create and share application services. Therefore, it can be very useful to manage trust by transferring the role of the existing centralized service provider to end users in a P2P environment. However, in a decentralized M2M computing environment where end users independently provide or consume services, mutual trust building is the most important factor. This is because malicious users trying to build malfunctioning services can cause security problems in M2M computing environments such as IoT. In this paper, we provide an integrated analysis and approach for trust evaluation of M2M application services, and an optimized trust evaluation model that can guarantee reliability among users of the M2M community.

A Practical Attack on In-Vehicle Network Using Repacked Android Applications (커넥티드 카 환경에서 안드로이드 앱 리패키징을 이용한 자동차 강제 제어 공격)

  • Lee, Jung Ho;Woo, Samuel;Lee, Se Young;Lee, Dong Hoon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.3
    • /
    • pp.679-691
    • /
    • 2016
  • As vehicle started to contain many different communication devices, collecting external information became possible in IoT environment. In such environment, remotely controling vehicle is possible when vehicle information is obtained by looking in to vehicle network through smart device. However, android based smart device applications are vulnerable to malicious modulation and redistribution. Modulated android application can lead to vehicle information disclosure that could bring about vehicle control accident which becomes threat to drivers. furthermore, since vehicles today does not contain security methods to protect it, they are very vulnerable to security threats which can cause serious damage to users and properties. In this paper, many different vehicle management android applications that are sold in Google Play has been analyzed. With this information, possible threats that could happen in vehicle management applications are being analysed to prove the risks. the experiment is done on actual vehicle to prove the risks. Also, access control method to protect the vehicle against malicious actions that could happen through external network in IoT environment is suggested in the paper.

(An HTTP-Based Application Layer Security Protocol for Wireless Internet Services) (무선 인터넷 서비스를 위한 HTTP 기반의 응용 계층 보안 프로토콜)

  • 이동근;김기조;임경식
    • Journal of KIISE:Information Networking
    • /
    • v.30 no.3
    • /
    • pp.377-386
    • /
    • 2003
  • In this paper, we present an application layer protocol to support secure wireless Internet services, called Application Layer Security(ALS). The drawbacks of the two traditional approaches to secure wireless applications motivated the development of ALS. One is that in the conventional application-specific security protocol such as Secure HyperText Transfer Protocol(S-HTTP), security mechanism is included in the application itself. This gives a disadvantage that the security services are available only to that particular application. The other is that a separate protocol layer is inserted between the application and transport layers, as in the Secure Sockets Layer(SSL)/Transport Layer Security(TLS). In this case, all channel data are encrypted regardless of the specific application's requirements, resulting in much waste of network resources. To overcome these problems, ALS is proposed to be implemented on top of HTTP so that it is independent of the various transport layer protocols, and provides a common security interface with security applications so that it greatly improves the portability of security applications. In addition, since ALS takes advantages of well-known TLS mechanism, it eliminates the danger of malicious attack and provides applications with various security services such as authentication, confidentiality integrity and digital signature, and partial encryption. We conclude this paper with an example of applying ALS to the solution of end-to-end security in a present commercial wireless protocol stack, Wireless Application Protocol.

Adaptive Intrusion Tolerance Model and Application for Distributed Security System (분산보안시스템을 위한 적응형 침입감내 모델 및 응용)

  • 김영수;최흥식
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.29 no.6C
    • /
    • pp.893-900
    • /
    • 2004
  • While security traditionally has been an important issue in information systems, the problem of the greatest concern today is related to the availability of information and continuity of services. Since people and organizations now rely on distributed systems in accessing and processing critical services and mission, the availability of information and continuity of services are becoming more important. Therefore the importance of implementing systems that continue to function in the presence of security breaches cannot be overemphasized. One of the solutions to provide the availability and continuity of information system applications is introducing an intrusion tolerance system. Security mechanism and adaptation mechanism can ensure intrusion tolerance by protecting the application from accidental or malicious changes to the system and by adapting the application to the changing conditions. In this paper we propose an intrusion tolerance model that improves the developmental structure while assuring security level. We also design and implement an adaptive intrusion tolerance system to verify the efficiency of our model by integrating proper functions extracted from CORBA security modules.

Process Algebra Based Formal Method for SDN Application Verification (SDN 응용 검증을 위한 프로세스 알지브라 기반 정형 기법)

  • Shin, Myung-Ki;Yi, Jong-Hwa;Choi, Yunchul;Lee, Jihyun;Lee, Seung-Ik;Kang, Miyoung;Kwak, Hee Hwan;Choi, Jin-Young
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.39B no.6
    • /
    • pp.387-396
    • /
    • 2014
  • Recently, there have been continuous efforts and progresses regarding the research on diverse network control and management platforms for SDN (Software Defined Networking). SDN is defined as a new technology to enable service providers/network operators easily to control and manage their networks by writing a simple application program. In SDN, incomplete or malicious programmable entities could cause break-down of underlying networks shared by heterogeneous devices and stake-holders. In this sense, any misunderstanding or diverse interpretations should be completely avoided. This paper proposes a new framework for SDN application verification and a prototype based on the formal method, especially with process algebra called pACSR which is an extended version of Algebra of Communicating Shared Resources (ACSR).

A Study of Development of Diagnostic System for Web Application Vulnerabilities focused on Injection Flaws (Injection Flaws를 중심으로 한 웹 애플리케이션 취약점 진단시스템 개발)

  • Kim, Jeom-Goo;Noh, Si-Choon;Lee, Do-Hyeon
    • Convergence Security Journal
    • /
    • v.12 no.3
    • /
    • pp.99-106
    • /
    • 2012
  • Today, the typical web hacking attacks are cross-site scripting(XSS) attacks, injection vulnerabilities, malicious file execution and insecure direct object reference included. Web hacking security systems, access control solutions, access only to the web service and flow inside but do not control the packet. So you have been illegally modified to pass the packet even if the packet is considered as a unnormal packet. The defense system is to fail to appropriate controls. Therefore, in order to ensure a successful web services diagnostic system development is necessary. Web application diagnostic system is real and urgent need and alternative. The diagnostic system development process mu st be carried out step of established diagnostic systems, diagnostic scoping web system vulnerabilities, web application, analysis, security vulnerability assessment and selecting items. And diagnostic system as required by the web system environment using tools, programming languages, interfaces, parameters must be set.

A Study on MD5 Security Routing based on MANET (MANET 기반 MD5 보안 라우팅에 관한 연구)

  • Lee, Cheol-Seung
    • The Journal of the Korea institute of electronic communication sciences
    • /
    • v.7 no.4
    • /
    • pp.797-803
    • /
    • 2012
  • Recently demands in construction of the stand-alone networks and interconnection between convergence devices have led an increase in research on and much attention has been paid to the application of MANET as a Ubiquitous network which is growing fast. With performance both as hosts and routers, easy network configuration, and fast response, mobile nodes participating in MANET are suitable for Embedded computing, but have vulnerable points, such as lack of network scalability and dynamic network topology due to mobility, passive attacks, active attacks, which make continuous security service impossible. In this study, hashed AODV routing is used to protect from counterfeiting messages by malicious nodes in the course of path finding and setting, and disguising misrouted messages as different mobile nodes and inputting them into the network.

End-to-end Transmission Performance of VoIP Traffics based on Mobility Pattern over MANET with IDS (IDS가 있는 MANET에서 이동패턴에 기반한 VoIP 트래픽의 종단간 전송성능)

  • Kim, Young-Dong
    • The Journal of the Korea institute of electronic communication sciences
    • /
    • v.9 no.7
    • /
    • pp.773-778
    • /
    • 2014
  • IDS(Intrusion Detection System) can be used as a countermeasure for blackhole attacks which cause degrade of transmission performance by causing of malicious intrusion to routing function of networks. In this paper, effects of IDS for transmission performance based on mobility patterns is analyzed for MANET(Mobile Ad-hoc Networks), a suggestion for effective countermeasure is considered. Computer simulation based on NS-2 is used in performance analysis, VoIP(Voice over Internet Protocol) as an application service is chosen for performance measure. MOS(Mean Opinion Score), call connection ratio and end-to-end delay is used as performance parameter.

A Study on the Secure Coding for Security Improvement of Delphi XE2 DataSnap Server (델파이 XE2 DataSnap 서버의 보안성 개선을 위한 시큐어 코딩에 관한 연구)

  • Jung, Myoung-Gyu;Park, Man-Gon
    • Journal of Korea Multimedia Society
    • /
    • v.17 no.6
    • /
    • pp.706-715
    • /
    • 2014
  • It is used to lead to serious structural vulnerability of the system security of security-critical system when we have quickly developed software system according to urgent release schedule without appropriate security planning, management, and assurance processes. The Data Set and Provider of DataSnap, which is a middleware of Delphi XE2 of the Embarcadero Technologies Co., certainly help to develop an easy and fast-paced procedure, but it is difficult to apply security program and vulnerable to control software system security when the connection structure Database-DataSnap server-SQL Connection-SQL Data set-Provider is applied. This is due to that all kinds of information of Provider are exposed on the moment when DataSnap Server Port is sure to malicious attackers. This exposure becomes a window capable of running SQL Command. Thus, it should not be used Data Set and Provider in the DataSnap Server in consideration of all aspects of security management. In this paper, we study on the verification of the security vulnerabilities for Client and Server DataSnap in Dlephi XE2, and we propose a secure coding method to improve security vulnerability in the DataSnap server system.