• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.205-214
• /
• 2019

Android uses app cache files to improve app execution performance. However, this optimization technique may raise security issues that need to be examined. In this paper, we present a practical design of "Android app cache manipulation attack" to intentionally modify the cache files of a target app, which can be misused for stealing personal information and performing malicious activities on target apps. Even though the Android framework uses a checksum-based integrity check to protect app cache files, we found that attackers can effectively bypass such checks via the modification of checksum of the target cache files. To demonstrate the feasibility of our attack design, we implemented an attack tool, and performed experiments with real-world Android apps. The experiment results show that 25 apps (86.2%) out of 29 are vulnerable to our attacks. To mitigate app cache manipulation attacks, we suggest two possible defense mechanisms: (1) checking the integrity of app cache files; and (2) applying anti-decompilation techniques.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2021.07a
• /
• pp.215-218
• /
• 2021

심캐시(Shimcache, AppCompatCache) 파일은 Windows 운영체제에서 응용 어플리케이션 간의 운영체제 버전 호환성 이슈를 관리하는 파일이다. 호환성 문제가 발생한 응용 어플리케이션에 대한 정보가 심캐시에 기록되며 프리패치 (Prefetch) 파일이나 레지스트리의 UserAssist 키 등과 같이 응용 어플리케이션의 실행 흔적을 기록한다는 점에서 포렌식적 관점에서 중요한 아티팩트이다. 본 논문에서는 심캐시의 구조를 분석하여 심캐시 파일을 통해 얻을 수 있는 응용 어플리케이션의 정보를 소개하고, 기존 툴 상용도구의 개선을 통해 완전 삭제 등 안티 포렌식 도구의 실행 흔적을 탐지하는 방법을 제시한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.1
• /
• pp.11-23
• /
• 2022

Collaboration tools are used widely as non-face-to-face work increases due to social distancing after COVID-19. The tools are being developed in a cross-platform manner with 'Electron', an open source framework based on Chromium, to ensure accessibility on multiple devices. Electron Apps, applications built with Electron framework, store data in a manner similar to Chromium-based web browsers, so the data can be acquired in the same way as the data is acquired from a web browser. In this paper we analyze the data structure of web storage and suggest a method to get the message from Electron Apps focused on collaboration tools such as Jandi, Slack, and Microsoft Teams. For Jandi, we get the message from Cache by using previously developed tools, and in the case of Slack and Microsoft Teams, we get the message from IndexedDB by using the message carving tool we developed.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.6 no.2
• /
• pp.319-324
• /
• 2011

Recently, development of app for smartphone is much and many apps provide information by reproduced with achieved information from internet site. There is a need of method dependent on reproduced data by app. For solving these requirements, this paper first identifies problems such as lower hardware performance and limited bandwidth when legacy web pages are accessed by smart phones. This paper suggests three methods, "real time," "cache," and "static" to develop application programs for smart phones by considering identified problems.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.04a
• /
• pp.183-185
• /
• 2016

안드로이드 운영체제에서 앱과 시스템의 성능을 향상시키기 위해 효율적인 메모리 관리가 요구된다. 기존 연구는 앱 단위로 메모리를 관리하였으나 앱이 사용하는 이미지, 동영상과 같은 리소스를 저장하는 메모리 공간인 앱 리소스 캐시에 대한 분석이 없었다. 본 논문은 앱 리소스 캐시의 구조, 리소스 캐싱의 동작을 분석하고, 빈번히 접근되는 리소스의 캐싱이 앱과 시스템 성능에 어떠한 영향을 미치는지 분석한다.

• Electronics and Telecommunications Trends
• /
• v.35 no.3
• /
• pp.55-65
• /
• 2020

With the development of nonvolatile memory technology, Intel has released the Optane datacenter persistent memory module (DCPMM) that can be deployed in the dual in-line memory module. The results of research and experiments on Optane DCPMMs are significantly different from the anticipated results in previous studies through emulation. The DCPMM can be used in two different modes, namely, memory mode (similar to volatile DRAM: Dynamic Random Access Memory) and app direct mode (similar to file storage). It has buffers in 256-byte granularity; this is four times the CPU (Central Processing Unit) cache line (i.e., 64 bytes). However, these properties are not easy to use correctly, and the incorrect use of these properties may result in performance degradation. Optane has the same characteristics of DRAM and storage devices. To take advantage of the performance characteristics of this device, operating systems and applications require new approaches. However, this change in computing environments will require a significant number of researches in the future.

• Journal of Advanced Navigation Technology
• /
• v.23 no.2
• /
• pp.158-165
• /
• 2019

The existing web page was downloaded and provided to the user every time the user requested the page. Therefore, if the same page is repeatedly requested by the user, only the download for the same resource is repeated. This is a factor that causes unnecessary consumption of data. We focus on reducing data consumption caused by unnecessary requests between users and servers, and improving content delivery speed. Therefore, in this paper, we propose a caching system and an algorithm that can reduce the data consumption while maintaining the latest cache by comparing the hash value using the hash function that can detect the change of the file requested by the user.

• Journal of Advanced Navigation Technology
• /
• v.23 no.1
• /
• pp.55-60
• /
• 2019

The web is one of the most intimate technologies in people's daily lives, and most of the time, people are sharing data on the web. Simple messenger, news, video, as well as various data are now spreading through the web. In addition, with the emergence of Web assembly technology, the programs that run in the existing native environment start to enter the domain of the Web, and the data shared by the Web is now getting wider and larger in terms of VR / AR contents and big data. Therefore, in this paper, we have studied how to effectively deliver web contentsto users who use Web service by using service worker that can operate independently without being dependent on browser and cache API that can effectively store data in web browser.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2015.05a
• /
• pp.656-659
• /
• 2015

Recently, due to the standard of a new browser developed by the Google and Mozilla "Service Worker", future users is expected to be able to make use of favorite Web sites offline. Google's is, Web sites have developed a standard of a new browser so as to always respond to user requests. Service Worker, websites that provide space capable of offline work to the user's browser to store various document information, to provide the necessary resources. Then, in order to greatly reduce the data exchange operations between the browser and the server, the speed of the Web page increases. Not only cooks as native app that can use the Web application offline, in that us to also further enhance the characteristics of an existing Web application that is running without installing destructive high technology. Service worker specifications, use experience of Web application is very can be improved, is an innovative technology indicates the version of the web evolve as the future of the platform. Service Worker is not included in HTML5 standard final, is currently being continued standardization. Future Service Worker technology I expect what kind of thing unfolds when applied to the Web browser.