• Proceedings of the Korean Information Science Society Conference
• /
• 2012.06c
• /
• pp.298-300
• /
• 2012

세계적으로 스마트폰 이용인구가 증가함에 따라 모바일 악성코드를 통한 정보유출이 빈번히 발생되고 있다. 유출된 정보는 금전적 이득을 얻기 위해 악의적으로 사용되고 있으며, 피해 사례는 지속적으로 증가하고 있다. 제안하는 모바일 악성코드 탐지 모듈은 모바일 사용자의 정보유출을 방지하기 위해 Signature 방법을 사용한다. 또한, 새로운 애플리케이션의 설치 전과 설치 후의 정보를 DB로 저장하여 악성코드 감염 여부를 모니터링한다. 정보유출을 방지하기 위한 모바일 악성코드 탐지 모듈은 사용자의 정보를 안전하게 보호하여 신뢰할 수 있는 스마트폰 사용 환경을 마련해준다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1572-1593
• /
• 2018

The diversity and fast growth of Internet traffic volume are highly influenced by mobile and computer applications being developed. Moreover, the developed applications are too dynamic to be identified and monitored by network administrators. Several approaches have been proposed to identify network applications, however, are still not robust enough to identify modern applications. This paper proposes both, TSA (Traffic collection, Signature generation and Applications identification) system and a derived algorithm so called CSP (Contiguous Sequential Patterns) to identify applications for management and security in IP networks. The major focus of this paper is the CSP algorithm which is automated in two modules (Signature generation and Applications identification) of the proposed system. The proposed CSP algorithm generates DNA-like unique signatures capable of identifying applications and their individual services. In this paper, we show that the algorithm is suitable for generating efficient signatures to identify applications and application services in high accuracy.

• Journal of Information Processing Systems
• /
• v.9 no.2
• /
• pp.247-258
• /
• 2013

A new secure network communication technique that has been designed for mobile wireless services, is presented in this paper. Its network services are mobile, distributed, seamless, and secure. We focus on the security of the scheme and achieve anonymity and reliability by using cryptographic techniques like blind signature and the electronic coin. The question we address in this paper is, "What is the best way to protect the privacy and anonymity of users of mobile wireless networks, especially in practical applications like e-commerce?" The new scheme is a flexible solution that answers this question. It efficiently protects user's privacy and anonymity in mobile wireless networks and supports various applications. It is employed to implement a secure e-auction as an example, in order to show its advantages in practical network applications.

• The KIPS Transactions:PartC
• /
• v.10C no.5
• /
• pp.575-584
• /
• 2003

Due to hardware resource limit and system incompatibility of the mobile device, and low bandwidth of wireless communication, there are a few difficulties in introducing the digital contract system based on wired communication to M-Commerce. To get over the difficulties, this paper defines a digital contract based upon XML and then addresses the design and implementation of M-XContract, a digital contract system for the mobile environment. M-XContract system has been constructed with the digital contract server, M-ESign module which contracts with the customer on the PDA and transfers the contract digitally signed to the server, M-EDecoder module which shows the contract to the customer from the server, and X-Auth which is a contract authoring tool. To evaluate the run-time performance of the M-XContract, we measured the digital signature generation time and transfer time to the server. The evaluation results show that the M-Xcontract is an efficient model for the mobile contract system.

• The Journal of the Korea Contents Association
• /
• v.18 no.4
• /
• pp.305-313
• /
• 2018

With the explosive growth of smart phones and efficiency, the Android of an open mobile operating system is gradually increasing in the use and the availability. Android systems has proven its availability and stability in the mobile devices, the home appliances's operating systems, the IoT products, and the mechatronics. However, as the usability increases, the malicious code based on Android also increases exponentially. Unlike ordinary PCs, if malicious codes are infiltrated into mobile products, mobile devices can not be used as a lock and can be leaked a large number of personal contacts, and can be lead to unnecessary billing, and can be cause a huge loss of financial services. Therefore, we proposed a method to detect and delete malicious files in real time in order to solve this problem. In this paper, we also designed a method to detect and delete malicious codes in a more effective manner through the process of installing Android-based applications and signature-based malicious code detection method. The method we proposed and designed can effectively detect malicious code in a limited resource environment, such as mobile environments.

• The Journal of Society for e-Business Studies
• /
• v.10 no.1
• /
• pp.121-134
• /
• 2005

The MANET has many problems in security despite of its many advantages such as supporting the mobility of nodes, independence of the fixed infrastructure, and quick network establishment. In particular, in establishing security, the traditional certification service has many difficult problems in applying to the MANET because of its safety, expandability, and availability. In this paper, a secure and effective distributed certification service method was proposed using the Secret Sharing scheme and the Threshold Digital Signature scheme in providing certification services in the MANET. In the proposed distributed certification service, certain nodes of relatively high safety among the mobile nodes consisting of the MANET, were set as privileged nodes, from which the process of issuing a certification started. The proposed scheme solved problem that the whole network security would be damaged by the intrusion to one node in the Centralized Architecture and the Hierarchical Architecture. And it decreased the risk of the exposure of the personal keys also in the Fully Distributed Architecture as the number of the nodes containing the partial confidential information of personal keys decreased. By the network simulation, the features and availability of the proposed scheme was evaluated and the relation between the system parameters was analyzed.

• Journal of the Institute of Convergence Signal Processing
• /
• v.15 no.2
• /
• pp.30-36
• /
• 2014

Quality and resolution of camera in mobile device is improved significantly. In this paper, we propose block-based information hide techniques without image distortion for mobile device to solve image degradation in conventional watermarking methods. Information of image is composed with text such as camera maker, model, date, time, etc. Each text is converted to $8{\times}8$ pixel blocks and is added to the bottom of image. Generally image including block based information for image authentication are compressed using JPEG in mobile device. The vertical line value in JPEG header is modified by original size of image sensor. This technique can hide the block based authentication information using general decoder. In the experimental results, JPEG file size is slightly increased within 0.1% for the proposed block based authentication information encoding. Finally proposed methods can be adopted for various embedded systems using medical image, smart phone and DSLR camera.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.05a
• /
• pp.1104-1106
• /
• 2007

IPv6 환경에서 SEcure Neighbor Discovery(SEND) 프로토콜은 Neighbor Discovery 프로토콜의 위협 요소를 제거하고 단말 노드의 안전한 통신을 위한 환경을 제공함으로써 보다 안정적으로 인터넷 서비스를 제공할 수 있게 되었다. 하지만 SEND 프로토콜을 Mobile IPv6와 연동하는 과정에서 모바일 노드가 다른 네트워크로 이동하였을 경우 SEND 프로토콜 동작 과정에서의 취약점을 발견하고 기존의 방식과 차별화된 RSA기반의 위임 정보에 기반한 대리 서명 기법을 사용하여 문제를 해결하였다.

• The KIPS Transactions:PartC
• /
• v.14C no.4
• /
• pp.331-340
• /
• 2007

Mobile network environments are the environments where mobile devices are distributed invisible in our daily lives so that we can conventionally use mobile services at my time and place. The fact that we can work with mobile devices regardless of time and place, however, means that we are also in security threat of leaking or forging the information. In particular, without solving privacy concern, the mobile network environments which serve convenience to use, harmonized without daily lives, on the contrary, will cause a serious malfunction of establishing mobile network surveillance infrastructure. On the other hand, as the mobile devices with various sizes and figures, public key cryptography techniques requiring heavy computation are difficult to be applied to the computational constrained mobile devices. In this paper, we propose efficient PKI-based user authentication and java-based cryptography module for the privacy-preserving in mobile network environments. Proposed system is support a authentication and digital signature to minimize encrypting and decrypting operation by compounding session key and public key based on Korean standard cryptography algorithm(SEED, KCDSA, HAS160) and certificate in mobile network environment. Also, it has been found that session key distribution and user authentication is safety done on PDA.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.05a
• /
• pp.1461-1464
• /
• 2005

In contrast with conventional networks, mobile ad hoc networks usually do not provide online access to trusted authorities or to centralized servers, and they exhibit frequent partitioning due to link and node failures and node mobility. For these reasons, traditional security solutions that require online trusted authorities or certificate repositories, but those are not well-suited for securing ad hoc networks. Moreover, a fundamental issue of securing mobile ad hoc networks is to ensure mobile nodes can authenticate each other. Because of its strength and efficiency, public key and digital signature is an ideal mechanism to construct the authentication service. Although this is already mature in the internet application, providing public key based authentication is still very challenging in mobile ad hoc networks. In this paper I propose a secure public key authentication service based on clustering model and trust model to protect nodes from getting false public keys of the others efficiently when there are malicious nodes in the network.