• Title/Summary/Keyword: Malicious Application

Search Result 192, Processing Time 0.028 seconds

A Study on Database Access Control using Least-Privilege Account Separation Model (최소 권한 계정 분리 모델을 이용한 데이터베이스 엑세스 제어 연구)

  • Jang, Youngsu
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.15 no.3
    • /
    • pp.101-109
    • /
    • 2019
  • In addition to enabling access, database accounts play a protective role by defending the database from external attacks. However, because only a single account is used in the database, the account becomes the subject of vulnerability attacks. This common practice is due to the lack of database support, large numbers of users, and row-based database permissions. Therefore if the logic of the application is wrong or vulnerable, there is a risk of exposing the entire database. In this paper, we propose a Least-Privilege Account Separation Model (LPASM) that serves as an information guardian to protect the database from attacks. We separate database accounts depending on the role of application services. This model can protect the database from malicious attacks and prevent damage caused by privilege escalation by an attacker. We classify the account control policies into four categories and propose detailed roles and operating plans for each account.

Research on Secure Coding and Weakness for Implementation of Android-based Dynamic Class Loading (안드로이드 동적 클래스 로딩 기법을 이용한 개발단계에서의 보안약점 및 시큐어 코딩 연구)

  • Kim, Hyunjo;Choi, Jin-Young
    • Journal of Korea Multimedia Society
    • /
    • v.19 no.10
    • /
    • pp.1792-1807
    • /
    • 2016
  • Android application is vulnerable to reverse engineering attack. And by this, it is easy to extract significant module from source code and repackage it. To prevent this problem, dynamic class loading technique, which is able to exclude running code from distributed source code and is able to load running code dynamically during runtime can be used. Recently, this technique was adapted on variety of fields and applications like updating pre-loaded android application, preventing from repacking malicious application, etc. Despite the fact that this technique is used on variety of fields and applications, there is fundamental lack on the study of potential weakness or related secure coding. This paper would deal with potential weaknesses during the implementation of dynamic class loading technique with analysing related international/domestic standard of weaknesses and suggest a secure way for the implementation of dynamic class loading technique. Finally, we believe that this technique described here could increase the level of trust by decreasing the weakness related to dynamic class loading technique.

An Effective Technique for Protecting Application Data using Security Enhanced (SE) Android in Rooted Android Phones (루팅된 안드로이드 폰에서 SEAndroid를 이용한 효과적인 앱 데이터 보호 기법)

  • Jeong, Youn-sik;Cho, Seong-je
    • Journal of KIISE
    • /
    • v.44 no.4
    • /
    • pp.352-362
    • /
    • 2017
  • This paper analyzes security threats in Security Enhanced (SE) Android and proposes a new technique to efficiently protect application data including private information on rooted Android phones. On an unrooted device, application data can be accessed by the application itself according to the access control models. However, on a rooted device, a root-privileged shell can disable part or all of the access control model enforcement procedures. Therefore, a root-privileged shell can directly access sensitive data of other applications, and a malicious application can leak the data of other applications outside the device. To address this problem, the proposed technique allows only some specific processes to access to the data of other applications including private information by modifying the existing SEAndroid Linux Security Module (LSM) Hook function. Also, a new domain type of process is added to the target system to enforce stronger security rules. In addition, the proposed technique separates the directory type of a newly installed application and the directory type of previously installed applications. Experimental results show that the proposed technique can effectively protect the data of each application and incur performance overhead up to or less than 2 seconds.

Study on Mechanism of Preventing Application Piracy on the Android Platform (안드로이드 어플리케이션 위변조 방지를 위한 방안 연구)

  • Lee, Kwang-Hyoung;Kim, Jae-Yong
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.15 no.11
    • /
    • pp.6849-6855
    • /
    • 2014
  • Recently, with the increasing use of smart phones, security issues, such as safety and reliability of the use of the Android application has become a topic to provide services in various forms. An Android application is performed using several important files in the form of an apk file. On the other hand, they may be subject to unauthorized use, such as the loss of rights and privileges due to the insertion of malicious source code of these apk files. This paper examines the Android environment to study ways to define the threats related to the unauthorized use of the application source code, and based on the results of the analysis, to prevent unauthorized use of the application source code. In this paper, a system is provided using a third body to prevent and detect applications that have been counterfeited or forged illegally and installed on Android devices. The application provides services to existing systems that are configured with only the service server that provides users and applications general, This paper proposes the use of a trusted third party for user registration and to verify the integrity of the application, add an institution, and provide a safe application.

A Big Data Application for Anomaly Detection in VANETs (VANETs에서 비정상 행위 탐지를 위한 빅 데이터 응용)

  • Kim, Sik;Oh, Sun-Jin
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.14 no.6
    • /
    • pp.175-181
    • /
    • 2014
  • With rapid growth of the wireless mobile computing network technologies, various mobile ad hoc network applications converged with other related technologies are rapidly disseminated nowadays. Vehicular Ad Hoc Networks are self-organizing mobile ad hoc networks that typically have moving vehicle nodes with high speeds and maintaining its topology very short with unstable communication links. Therefore, VANETs are very vulnerable for the malicious noise of sensors and anomalies of the nodes in the network system. In this paper, we propose an anomaly detection method by using big data techniques that efficiently identify malicious behaviors or noises of sensors and anomalies of vehicle node activities in these VANETs, and the performance of the proposed scheme is evaluated by a simulation study in terms of anomaly detection rate and false alarm rate for the threshold ${\epsilon}$.

Security Scheme for Prevent malicious Nodes in WiMAX Environment (WiMAX 환경에서 악의적 노드 예방을 위한 보안 기법)

  • Jeong, Yoon-Su;Kim, Yong-Tae;Park, Gil-Cheol;Lee, Sang-Ho
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.13 no.2
    • /
    • pp.382-389
    • /
    • 2009
  • As the use of mobile device is popularized, the needs of variable services of WiMAX technique and the importance of security is increasing. There is a problem that can be easily attacked from a malicious attack because the action is achieved connectionlessly between neighbor link establishing procedure and TEK exchange procedure in mobile WiMAX even though typical 1 hop network security technique is adapted to WiMAX for satisfying these security requirement. In this paper, security connected mechanism which safely connects neighbor link establishing procedure of WiMAX and TEK exchange procedure additional to the basic function provided by IEEE 802.16e standard to satisfy security requirement of mobile WiMAX is proposed. The proposed mechanism strengthens the function of security about SS and BS by application random number and private value which generated by SS and BS to public key of neighbor link establishing procedure and TEK exchange procedure. Also, we can prevent from inside attack like man-in-the-middle which can occur in the request of TEK through cryptographic connection of neighbor link establishing procedure and TEK exchange procedure.

Reversible Watermarking For Relational Databases using DE (Difference Expansion) Algorithm (DE 알고리즘을 사용한 관계형 데이터베이스를 위한 가역 워터마킹)

  • Kim, Cheonshik
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.15 no.3
    • /
    • pp.7-13
    • /
    • 2015
  • Generally, watermarking can be used copyright for contents such as audios, videos, images, and texts. With the development of Internet, many malicious attackers illegally copy relational databases synchronized applications Therefore, it is needed for the protection of databases copyright, because databases involve various sensitive information such as personal information, information industry, and secret national intelligence. Thus, the protection of relational databases is a major research field in the databases research topics. In this paper, we will review previous researches related the protection of relational databases and propose new method for relational data. Especially, we propose watermarking scheme for databases using reversible method in this paper. As an experimental result, the proposed scheme is very strong to malicious attacks. In addition, we proved our proposed scheme is to apply real application.

A Designing Method of Intranet Security Architecture Model for Network Security Efficiency (보안 효율성 제고를 위한 인트라넷 네트워크 아키텍쳐 모델)

  • Noh, Si-Choon
    • Convergence Security Journal
    • /
    • v.10 no.1
    • /
    • pp.9-17
    • /
    • 2010
  • Internet network routing system is used to prevent spread and distribution of malicious data traffic. The penetration of malicious code and the function of security blocking are performed on the same course of traffic pathway. The security architecture is the concept to distinguish the architecture from the group handling with the traffic on the structure of network which is performed with the function of penetration and security. The security architecture could be different from the criterion of its realm and function, which requires the development and the application of security mechanism for every architecture. For the establishment of security architecture it is needed to show what criterion of net work should be set up. This study is based on analysis of diagnostic weakness structure in the network security architecture and research the criterion for topology factor, security architecture structure map selection, and blocking location and disinfection net. It is shown to increase the effective rate blocking the virus with the proposed method in this paper rather than the traditional network architecture.

Analysis of Security Requirements for Secure Update of IVI(In-Vehicle-Infotainment) Using Threat Modeling and Common Criteria (위협모델링과 공통평가기준을 활용한 인포테인먼트의 안전한 업데이트 보안요구사항 분석)

  • Kang, Soo-young;Kim, Seung-joo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.29 no.3
    • /
    • pp.613-628
    • /
    • 2019
  • In-Vehicle Infotainment provides navigation and various functions through the installation of the application. And infotainment is very important to control the entire vehicle by sending commands to the ECU. Infotainment supports a variety of wireless communication protocols to install and update applications. So Infotainment is becoming an attack surface through wireless communcation protocol for hacker's access. If malicious software is installed in infotainment, it can gain control of the vehicle and send a malicious purpose command to the ECU, affecting the life of the driver. Therefore, measures are needed to verify the security and reliability of infotainment software updates, and security requirements must be derived and verified. It must be developed in accordance with SDL to provide security and reliability, and systematic security requirements must be derived by applying threat modeling. Therefore, this paper conducts threat modeling to derive infotainment update security requirements. Also, the security requirements are mapped to the Common Criteria to provide criteria for updating infotainment software.

App Store security policy trends (앱스토어 보안정책 동향)

  • Bae, Jung-Min;Bae, Yu-Mi;Jung, Sung-Jae;Jang, Rea-Young;Soh, Woo-Young
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2014.05a
    • /
    • pp.587-590
    • /
    • 2014
  • Spread of smart devices increases, the App Store market is formed so huge, even at this point, every day the scale is increasing now. As a result, for the benefit of companies and private individuals, malicious apps that threaten the security of smart devices, have appeared occasionally in the App Store. Security of the terminal, has issued various solutions through research at many universities and companies, and country. However, solutions for research and policy approaches that are blocking the procedure to register the application malicious app, so that it is not registered in the App Store, Only company that operates the app store is doing it. And the reference is also insufficient, various problems have occurred. In this study, after analyzing the problem of the security policy of the current App Store, presenting the breaking point.

  • PDF