• Title/Summary/Keyword: Malicious Application

Search Result 192, Processing Time 0.024 seconds

The Threat Analysis and Security Guide for Private Information in Web Log (웹 로그 데이터에 대한 개인정보 위협분석 및 보안 가이드)

  • Ryeo, Sung-Koo;Shim, Mi-Na;Lee, Sang-Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.19 no.6
    • /
    • pp.135-144
    • /
    • 2009
  • This paper discusses an issue of serious security risks at web log which contains private information, and suggests solutions to protect them. These days privacy is core information to produce value-added in information society. Its scope and type is expanded and is more important along with the growth of information society. Web log is a privacy information file enacted as law in South Korea. Web log is not protected properly in spite of that has private information It just is treated as residual product of web services. Many malicious people could gain private information in web log. This problem is occurred by no classified data and improper development of web application. This paper suggests the technical solutions which control data in development phase and minimizes that the private information stored in web log, and applies in operation environment. It is very efficient method to protect private information and to observe the law.

Machine Learning-Based Detection of Cache Side Channel Attack Using Performance Counter Monitor of CPU (Performance Counter Monitor를 이용한 머신 러닝 기반 캐시 부채널 공격 탐지)

  • Hwang, Jongbae;Bae, Daehyeon;Ha, Jaecheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.30 no.6
    • /
    • pp.1237-1246
    • /
    • 2020
  • Recently, several cache side channel attacks have been proposed to extract secret information by exploiting design flaws of the microarchitecture. The Flush+Reload attack, one of the cache side channel attack, can be applied to malicious application attacks due to its properties of high resolution and low noise. In this paper, we proposed a detection system, which detects the cache-based attacks using the PCM(Performance Counter Monitor) for monitoring CPU cache activity. Especially, we observed the variation of each counter value of PCM in case of two kinds of attacks, Spectre attack and secret recovering attack during AES encryption. As a result, we found that four hardware counters were sensitive to cache side channel attacks. Our detector based on machine learning including SVM(Support Vector Machine), RF(Random Forest) and MLP(Multi Level Perceptron) can detect the cache side channel attacks with high detection accuracy.

A Study on the Inference of Detailed Protocol Structure in Protocol Reverse Engineering (상세한 프로토콜 구조를 추론하는 프로토콜 리버스 엔지니어링 방법에 대한 연구)

  • Chae, Byeong-Min;Moon, Ho-Won;Goo, Young-Hoon;Shim, Kyu-Seok;Lee, Min-Seob;Kim, Myung-Sup
    • KNOM Review
    • /
    • v.22 no.1
    • /
    • pp.42-51
    • /
    • 2019
  • Recently, the amount of internet traffic is increasing due to the increase in speed and capacity of the network environment, and protocol data is increasing due to mobile, IoT, application, and malicious behavior. Most of these private protocols are unknown in structure. For efficient network management and security, analysis of the structure of private protocols must be performed. Many protocol reverse engineering methodologies have been proposed for this purpose, but there are disadvantages to applying them. In this paper, we propose a methodology for inferring a detailed protocol structure based on network trace analysis by hierarchically combining CSP (Contiguous Sequential Pattern) and SP (Sequential Pattern) Algorithm. The proposed methodology is designed and implemented in a way that improves the preceeding study, A2PRE, We describe performance index for comparing methodologies and demonstrate the superiority of the proposed methodology through the example of HTTP, DNS protocol.

A Technique for Protecting Android Applications using Executable Code Encryption and Integrity Verification (실행코드 암호화 및 무결성 검증을 적용한 안드로이드앱 보호 기법)

  • Shim, HyungJoon;Cho, Sangwook;Jeong, Younsik;Lee, Chanhee;Han, Sangchul;Cho, Seong-je
    • Journal of Software Assessment and Valuation
    • /
    • v.10 no.1
    • /
    • pp.19-26
    • /
    • 2014
  • In this paper, we propose a method for protecting Android applications against reverse engineering attacks. In this method, the server encrypts the original executable code (DEX) included in an APK file, inserts into the APK file a stub code that decrypts the encrypted DEX later at run-time, and distributes the modified APK file. The stub code includes an integrity validation code to detect attacks on itself. When a user installs and executes the APK file, the stub code verifies the integrity of itself, decrypts the encrypted DEX, and loads it dynamically to execute. Since the original DEX is distributed as an encrypted one, we can effectively protect the intellectual property. Further, by verifying the integrity of the stub code, we can prevent malicious users from bypassing our method. We applied the method to 15 Android apps, and evaluated its effectiveness. We confirmed that 13 out of them operates normally.

Improving prediction performance of network traffic using dense sampling technique (밀집 샘플링 기법을 이용한 네트워크 트래픽 예측 성능 향상)

  • Jin-Seon Lee;Il-Seok Oh
    • Smart Media Journal
    • /
    • v.13 no.6
    • /
    • pp.24-34
    • /
    • 2024
  • If the future can be predicted from network traffic data, which is a time series, it can achieve effects such as efficient resource allocation, prevention of malicious attacks, and energy saving. Many models based on statistical and deep learning techniques have been proposed, and most of these studies have focused on improving model structures and learning algorithms. Another approach to improving the prediction performance of the model is to obtain a good-quality data. With the aim of obtaining a good-quality data, this paper applies a dense sampling technique that augments time series data to the application of network traffic prediction and analyzes the performance improvement. As a dataset, UNSW-NB15, which is widely used for network traffic analysis, is used. Performance is analyzed using RMSE, MAE, and MAPE. To increase the objectivity of performance measurement, experiment is performed independently 10 times and the performance of existing sparse sampling and dense sampling is compared as a box plot. As a result of comparing the performance by changing the window size and the horizon factor, dense sampling consistently showed a better performance.

Outlier Detection Method for Mobile Banking with User Input Pattern and E-finance Transaction Pattern (사용자 입력 패턴 및 전자 금융 거래 패턴을 이용한 모바일 뱅킹 이상치 탐지 방법)

  • Min, Hee Yeon;Park, Jin Hyung;Lee, Dong Hoon;Kim, In Seok
    • Journal of Internet Computing and Services
    • /
    • v.15 no.1
    • /
    • pp.157-170
    • /
    • 2014
  • As the increase of transaction using mobile banking continues, threat to the mobile financial security is also increasing. Mobile banking service performs the financial transaction using the dedicate application which is made by financial corporation. It provides the same services as the internet banking service. Personal information such as credit card number, which is stored in the mobile banking application can be used to the additional attack caused by a malicious attack or the loss of the mobile devices. Therefore, in this paper, to cope with the mobile financial accident caused by personal information exposure, we suggest outlier detection method which can judge whether the transaction is conducted by the appropriate user or not. This detection method utilizes the user's input patterns and transaction patterns when a user uses the banking service on the mobile devices. User's input and transaction pattern data involves the information which can be used to discern a certain user. Thus, if these data are utilized appropriately, they can be the information to distinguish abnormal transaction from the transaction done by the appropriate user. In this paper, we collect the data of user's input patterns on a smart phone for the experiment. And we use the experiment data which domestic financial corporation uses to detect outlier as the data of transaction pattern. We verify that our proposal can detect the abnormal transaction efficiently, as a result of detection experiment based on the collected input and transaction pattern data.

An Examination of 'Fun' that the Audience Have Watching Reality Audition Programs : Focusing on the Application of the 'Fun Evolving Model' to K-POP STAR(Season 3) (리얼리티 오디션 프로그램 수용자들이 느끼는 '재미(fun)'에 대한 고찰 : K-POP STAR(시즌3)의 재미진화모형 적용을 중심으로)

  • Choi, Young jun
    • The Journal of the Korea Contents Association
    • /
    • v.15 no.6
    • /
    • pp.13-23
    • /
    • 2015
  • A study on the 'FUN' of TV reality audition programs. "Why are the audience so enthusiastic about the survival audition programs?" "What fun do the audition program audience have?" In order to find the answers for such questions, this study applied 'the 4-step fun evolving model' and thereby, categorized audience's fun-seeking behavioral modes, and therewith, examined how such fun-seeking behavioral modes would change by step over time. As a result, it was found that the audition program audience had faithfully followed the 4 fun types (watching, having, doing and becoming), and that their fun-seeking behavioral modes had changed by step over time in SBS "K-POP START" (Season 3) in 2013. Such findings suggest that the audition program fans accommodated 'the fun evolving model.' Their step of 'watching' evolved gradually into the step of 'having' both on-line and off-line (support of participants/malicious or good-will replies, participation in blogs/twitters, photo materials collection activities) and that of 'doing' (application for the jury group, organization of fan club, crazy fan activities, participation in phone voting, etc.), while increasing their fun.

Lightweight Authentication Scheme for Secure Data Transmission in Terrestrial CNPC Links (지상 CNPC 링크에서 안전한 데이터 전송을 위한 경량화된 인증기법)

  • Kim, Man Sik;Jun, Moon-Seog;Kang, Jung Ho
    • KIPS Transactions on Software and Data Engineering
    • /
    • v.6 no.9
    • /
    • pp.429-436
    • /
    • 2017
  • Unmanned Aerial Vehicles (UAV) that are piloted without human pilots can be commanded remotely via frequencies or perform pre-inputted missions. UAVs have been mainly used for military purposes, but due to the development of ICT technology, they are now widely used in the private sector. Teal Group's 2014 World UAV Forecast predicts that the UAV market will grow by 10% annually over the next decade, reaching $ 12.5 billion by 2023. However, because UAVs are primarily remotely controlled, if a malicious user accesses a remotely controlled UAV, it could seriously infringe privacy and cause financial loss or even loss of life. To solve this problem, a secure channel must be established through mutual authentication between the UAV and the control center. However, existing security techniques require a lot of computing resources and power, and because communication distances, infrastructure, and data flow are different from UAV networks, it is unsuitable for application in UAV environments. To resolve this problem, the study presents a lightweight UAV authentication method based on Physical Unclonable Functions (PUFs) that requires less computing resources in the ground Control and Non-Payload Communication (CNPC) environment, where recently, technology standardization is actively under progress.

Dynamic Evaluation Methods for SMS Phishing Blocking App Based on Detection Setup Function (감지설정기능을 적용한 스미싱 차단앱의 동적 평가방법에 관한 연구)

  • Kim, Jang Il;Kim, Myung Gwan;Kwon, Young Man;Jung, Yong Gyu
    • Journal of Service Research and Studies
    • /
    • v.5 no.2
    • /
    • pp.111-118
    • /
    • 2015
  • Although the development of mobile devices are made us a free life, they were displayed the subject of this financial crime and attacking forces in the other side. Among finance-related crime is become a serious crime that are targeting smartphones by SMS phishing, phishing, pharming, voice phishing etc. In particular, SMS phishing is increased according to phenomenon using the nature of a text message in the mobile. SMS phishing is become new crime due to the burden to the smartphone user. Their crime is also the advanced way from the existing fraud, such as making the malicious apps. Especially it generates loopholes in the law by a method such as using a foreign server. For safe from SMS phishing attacks, proactive pre-diagnosis is even more important rather than post responses. It is necessary to deploy blocking programs for detecting SMS phishing attacks in advance to do this. In this paper we are investigating the process of block types and block apps that are currently deployed and presenting the evaluation of the application of the detection block setting app.

The Secure Path Cycle Selection Method for Improving Energy Efficiency in Statistical En-route Filtering Based WSNs (무선 센서 네트워크에서 통계적 여과 기법의 에너지 효율을 향상시키기 위한 보안 경로 주기 선택 기법)

  • Nam, Su-Man;Sun, Chung-Il;Cho, Tae-Ho
    • Journal of the Korea Society for Simulation
    • /
    • v.20 no.4
    • /
    • pp.31-40
    • /
    • 2011
  • Sensor nodes are easily exposed to malicious attackers by physical attacks. The attacker can generate various attacks using compromised nodes in a sensor network. The false report generating application layers injects the network by the compromised node. If a base station has the injected false report, a false alarm also occurs and unnecessary energy of the node is used. In order to defend the attack, a statistical en-route filtering method is proposed to filter the false report that goes to the base station as soon as possible. A path renewal method, which improves the method, is proposed to maintain a detection ability of the statistical en-route filtering method and to consume balanced energy of the node. In this paper, we proposed the secure path cycle method to consume effective energy for a path renewal. To select the secure path cycle, the base station determines through hop counts and the quantity of report transmission by an evaluation function. In addition, three methods, which are statistical en-route filter, path selection method, and path renewal method, are evaluated with our proposed method for efficient energy use. Therefore, the proposed method keeps the secure path and makes the efficiency of energy consumption high.