• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1145-1157
• /
• 2012

Google Android employs a security model based on application permissions to control accesses to system resources and components of other applications from a potentially malicious program. But, this model has security vulnerabilities due to lack of user comprehension and excessive permission requests by 3rd party applications. Broadcast intent message is widely used as a primary means of communication among internal application components. However, this mechanism has also potential security problems because it has no security policy related with it. In this paper, we first present security breach scenarios caused by inappropriate use of application permissions and broadcast intent messages. We then analyze and compare usage patterns of application permissions and broadcast intent message for popular applications on Android market and malwares, respectively. The analysis results show that there exists a characteristic set for application permissions and broadcast intent receiver that are requested by typical malwares. Based on the results, we propose a scheme to detect applications that are suspected as malicious and notify the result to users at installation time.

• Journal of Broadcast Engineering
• /
• v.10 no.4 s.29
• /
• pp.610-620
• /
• 2005

The current study investigates factors affecting intent to use of T-Commerce in enhanced TV programs. from the perspective of e-commerce users who have experienced terrestrial data broadcasting services. The research model hypothesizes the relationship among independent variables such as perceived usefulness, perceived ease of use, and the dependent variable, intent to use of T-Commerce. In addition, the moderating effect of user innovativeness is also analyzed. The results reveal the significant and positive relationship between perceived usefulness of e-commerce and intent to use of T-Commerce. Besides, the moderating role of user innovativeness is confined to the effect of the perceived usefulness on intent of use of T-Commerce. The findings of this study provide an implication that customer attracting strategies for potential T-Commerce users have to be differentiated based on the status in the T-Commerce development process.

• Management & Information Systems Review
• /
• v.31 no.4
• /
• pp.217-236
• /
• 2012

This study attempts to suggest a model on the factors of the experiential intent. We propose a model that includes (1) the entertainment, aesthetic, empathy, information as exogenous constructs, (2) utilitarian value and hedonic value, as mediating constructs (3) experiential intent, as endogenous construct. To test the model, we analyze the data using the LISREL structural modeling. The results of our analyses suggest, as expected, that program traits -entertainment, aesthetic, empathy, information- influence utilitarian value and hedonic value, in turn, utilitarian value and hedonic value influence the experiential intent. We conclude with a discussion of managerial implications, including the potential to advance understanding the factors of experiential intent on broadcast program.

• Convergence Security Journal
• /
• v.12 no.6
• /
• pp.61-67
• /
• 2012

Accordingly the number of smart-phone-based malicious codes is also increasing and their techniques for malicio us purpose are getting more clever and evolved. Among them, the malicious codes related to Android take the major portion and it can be estimated that they are based on open source so that the access to the system is easy. Intent is a technique to support the communication between application's components by transmitting message subjects in Android. Intent provides convenience to developers, but it can be utilized as security vulnerability that allows the developer with a malicious purpose to control the system as intended. The vulnerability of intent security is that personal information can be accessed using discretionally its proper function given to application and smart phone's functions can be maliciously controlled. This paper improves with the Intent security vulnerability caused by the smart phone users' discretional use of custom kernel. Lastly, it verifies the malicious behaviors in the process of installing an application and suggests a technique to watch the Intent security vulnerability in realtime after its installation.

• Proceedings of the KAIS Fall Conference
• /
• 2009.05a
• /
• pp.454-457
• /
• 2009

The intent of this paper is to describe a neural network structure called multi dynamic neural network(MDNN), and examine how it can be used in developing a learning scheme for computing robot inverse kinematic transformations. The architecture and learning algorithm of the proposed dynamic neural network structure, the MDNN, are described. Computer simulations are demonstrate the effectiveness of the proposed learning using the MDNN.

• Journal of KIISE
• /
• v.43 no.2
• /
• pp.212-221
• /
• 2016

Android apps suffer from intent vulnerabilities in that they abnormally stop execution when Android components such as, activity, service, and broadcast receiver, take malformed intents. This paper proposes a method to prevent intent vulnerabilities by allowing programmers to write a specification on intents that a component expects to have, and by checking intents against the specification in runtime. By declaring intent specifications, we can solve the problem that one may miss writing conditional statements, which check the validity of intents, or one may mix those statements with another regular code, so making it difficult to maintain them. We perform an experiment by applying the proposed method to 7 Android apps, and confirm that many of abnormal termination of the apps because of malformed intents can be avoided by the intent specification based runtime assertion.

• Journal of KIISE
• /
• v.44 no.6
• /
• pp.595-600
• /
• 2017

Android applications are composed of one or more components. The components within an application or several applications may interact with each other primarily through intents. Such interactions may cause security and reliability issues such as broadcast theft, activity hijacking, and intent spoofing. These problems need to be resolved through testing techniques using various interaction test scenarios before an application gets launched. However, with the existing test scenario generation approach, some infeasible test scenarios may be generated since they do not consider the re-execution order based on activity setting when pressing the back button. This paper proposes a test case generation technique which removes infeasible interaction paths by utilizing the activity stack information.

• KIPS Transactions on Software and Data Engineering
• /
• v.5 no.4
• /
• pp.165-170
• /
• 2016

Using the intent of the Android application, an application can execute other application's components. However, if interaction between these components are not processed normally, such problems as incorrect component execution and unhandled system broadcast may be occurred. In this paper, to generate test scenarios for inter application interaction, a testing approach is proposed using a merged intent list and a single merged diagram. The proposed method can effectively be carried out to check the abnormal interaction among the applications which was not considered in existing testing approaches.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.666-668
• /
• 2013

Recently, the kind and number of malicious code, which operates in Operation System of smart devices, are rapidly increasing along with the fast supplement of smart devices. Especially, smart devices based on Android OS have high potential of danger to expose to malicious code as it has an easy access to system authority. When using intent, the global message system provided from Android, inter approach between applications is available, and possible to access to created data by the device. Intent provides convenience to application development in the aspect of reusability of component however, it could be appointed as a risk element in security-wise. Therefore, if intent is used in malicious purpose, it is easy to lead the condition where is weak on security. That is, it is possible to control as accessing to resources which application is carrying to operate by receiving intents as making smart device uncontrollable or consuming system resources. Especially, in case of system authority is achieved, the risks such as smart device control or personal information exposure become bigger when misusing broadcast intent through malicious code. This paper proposes a corresponding method of security vulnerability of Android intent that monitors the appearance of intent with intent pattern inspection, detects and blocks unidentified pattern intent.

• Proceedings of the KAIS Fall Conference
• /
• 2007.05a
• /
• pp.150-153
• /
• 2007

The intent of this paper is to describe a neural network structure called multi dynamic neural network(MDNN), and examine how it can be used in developing a learning scheme for computing robot inverse kinematic transformations. The architecture and learning algorithm of the proposed dynamic neural network structure, the MDNN, are described. Computer simulations are demonstrate the effectiveness of the proposed learning using the MDNN.