Security Threats to System Software and Countermeasures

  • Published : 2017.02.17

Abstract

Keywords

Acknowledgement

Supported by: National Research Foundation of Korea, Korea Institute of Energy Technology Evaluation and Planning
