과제정보
연구 과제 주관 기관 : 한국연구재단, 한국에너지기술평가원
참고문헌
- A. Shostack, "Experiences threat modeling at microsoft," ln Modeling Security Workshop, Dept. of Computing, Lancaster University, UK. September 2008.
- C. Kruegel, R. William, and G. Vigna, "Detecting kernel-Ievel rootkits through binary analysis," Computer Security Applications Conference, 20th Annual. IEEE, 2004.
- J. F. Levine, J. B. Grizzard, and H. L. Owen, "Detecting and categorizing kernel-Ievel rootkits to aid future detection," IEEE Security & Privacy, 4(1) pp. 24-32, 2006 https://doi.org/10.1109/MSP.2006.11
- J. Joy, A. John, and J. Joy, "Rootkit detection mechanism: A survey," Advances in Parallel Distributed Computing Springer Berlin Heidelberg, pp. 366-374, 2011.
- J. Gotzfried, and T. Muller, "Analysing Android's Full Disk Encryption Feature," JoWUA, 5(1), pp. 84-100, 2014.
- P. Kleissner, "Stoned bootkit," Black Hat USA, pp. 5-7, 2009
- D. E. Rodionov, A. Matrosov, and D. Harley, "Bootkits: Past, Present and Future," In VB Conference, 2014.
- Desnos, A., Filiol, E., & Lefou, I. "Detecting (and creating!) a HVM rootkit (aka BluePill-like).", Journal in computer virology, 7(1), pp. 23-49, 2011. https://doi.org/10.1007/s11416-009-0130-8
- F. Zhang, H. Wang, K. Leach, and A. Stavrou, "A framework to secure peripherals at runtime," European Symposium on Research in Computer Security, Springer International Publishing, 2014.
- T. Hudson, and L. Rudolph, "Thunderstrike: EFI firmware bootkits for apple macbooks," Proceedings of the 8th ACM International Systems and Storage Conference ACM, 2015.
- Z. Zhou, J. Fan, N. Zhang, R. Xu, "Advance and development of computer firmware security research," Proceedings of the 2009 International Symposium on Information Processing (ISIP'09) Huangshan, PR China, 2009.
- Wikipedia contributors, "Rooting (Android OS)," Wikipedia, The Free Encyclopedia, 31 Dec. 2016.
- A. Silberschatz, P. B. Galvin, G. Gagne, and A. Silberschatz, " Operating system concepts," Vol. 4, Reading: Addison-wesley, 1998.
- K. R. Linberg, " Software developer perceptions about software project failure: a case study," Journal of Systems and Software, 49(2), pp. 177-192, 1999. https://doi.org/10.1016/S0164-1212(99)00094-1
- J. Zaddach, and A. Costin, "Embedded devices security and firmware reverse engineering," Black-Hat USA, 2013.
- S. Kim, J. Park, K. Lee, I. You, and K. Yim, "A brief survey on rootkit techniques in malicious codes," Journal of Internet Services and Information Security, 3(4), pp. 134-147, 2012.
- A. Trosov, E. Rodionov, "Defeating x64: Modern Trends of Kernel-Mode Rootkits," http://go.eset.com/us/resources/white-papers/Ekoparty2011_preso.pdf.
- D. Lobo, P. Watters, X. W. Wu, and L. Sun, "Windows rootkits: Attacks and countermeasures," Cybercrime and Trustworthy Computing Workshop (CTC), 2010 2th IEEE, 2010.
- R. Hund, T. Holz, and F. C. Freiling, "Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms," USENIX Security Symposium, 2009.
- R. Riley, X. Jiang, and D. Xu, "Guest-transparent prevention ofkemel rootkits with vmm-based memory shadowing," International Workshop on Recent Advances in lntrusion Detection, Springer Berlin Heidelberg, 2008.
- S. Kamouskos, "Stuxnet worm impact on industrial cyber-physical system security," IECON 37th Annual Conference on IEEE lndustrial Electronics Society, IEEE, 2011.
- D. Kim, "Cyber security issues imposed on nuclear power plants," Annals of Nuclear Energy 65 pp. 141-143, 2014. https://doi.org/10.1016/j.anucene.2013.10.039
- G.P. H. Sandaruwan, P. S. Ranaweera, and V. A. Oleshchuk, "PLC security and critical infrastructure protection," lndustrial and Information Systems (ICIIS), 2013 8th IEEE lnternational Conference on IEEE, 2013.
- Z. Basnight, J. Butts, J. Lopez, and T. Dube, "Firmware modification attacks on programmable logic controllers," lnternational Journal of Critical lnfrastructure Protection 6(2), pp. 76-84, 2013 https://doi.org/10.1016/j.ijcip.2013.04.004
- C. Schuett, J. Butts, and S. Dunlap, "An evaluation of modification attacks on programmable logic controllers," lnternational Journal of Critical lnfrastructure Protection 7(1), pp. 61-68, 2014 https://doi.org/10.1016/j.ijcip.2014.01.004
- OWASP Internet of Things (IoT) Project, https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project.
- D. Miessler, "Securing the Internet of Things: Mapping Attack Surface Areas Using the OWASP IoT Top 10," RSA Conference 2015.
- Smartphone OS Market Share 2016 Q3, http://www.idc.com/promo/smartphone-market-share/os;jsessionid=A1558D921E60EA5452D56F6F43AF44C4.
- McAfee, "Mobile Threat Report: What's on the Horizon for 2016", 2016
- Q. R. Haroon, "How to Root Your Android Phone Device Or Tablet," http://www.addictivetips.com/mobile/how-to-root-your-android-phone-device.
- A. John, "What is Rooting on Android? The Advantages and Disadvantages," http://droidlessons.com/what-is-rooting-on-androidthe-advantages-and-disadvantages.
- D. Scott, " Rooting for Dumrnies: A Beginner's Guide to Rooting your Android Device," http://www.androidauthority.com/rooting-for-Dummies-a-Beginners-Guide-to-root-your-Android-Phone-or-Tablet-10915.
- TRENDMICRO, "Android Flaw Discovered: 950 Million Users at Risk from 'Stagefright'," https://www.trendmicro.com/vinfo/us/security/news/mobile-safety/android-flaw-discovered-950-million-users-at-risk.
- China lnternet Watch, "80% China's Mobile Users Rooted Smartphones in 2014," https://www.chinainternetwatch.com/12926/80-china-smartphone-users-rooted.
- J. J. Drake, Z. Lanier, C. Mulliner, P. O. Fora, S. A. Ridley and G. Wicherski, "Android hacker's handbook. John Wiley & Sons", 2014.
- S. T. Sun, A. Cuadros, and K. Beznosov, "Android rooting: Methods, detection, and evasion," Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices ACM, 2015.
- Fastboot, http://www.xda-developers.com/tag/fastboot.
- ODIN, http://www.xda-developers.com/tag/odin.
- Factory Images for Nexus Devices, https://developers.google.com/android/images.
- TCG, "TCG Specification Architecture Overview, Specification Revision 1.4, 2nd August 2007", http://www.trustedcomputinggroup.org.
- UEFI, http://www.uefi.org.
- Secure Boot Flow, http://luleimi.blog.163.com/blog/static/175219645201281722831871.
- G. Fedorkow, "What's the Difference between Secure Boot and Measured Boot?," https://forums.juniper.net/t5/Security-Now/What-s-the-Difference-between-Secure-Boot-and-Measured-Boot/ba-p/281251.
- G. Fedorkow, "What is a Trusted Platform Module (TPM)?," http://forums.juniper.net/t5/Security-Now/What-is-a-Trusted-Platform-Module-TPM/ba-p/281128.
- OMTP, "Advanced trusted environment: OMTP TR1," May 2009.
- J. Lloyd, "Global Platform Device Technology Further Supports the Trusted Execution Environment," http://globalplatform.org/mediapressview.asp?id=800.
- TEE, ''Trusted Executed Environment(TEE)", https://www.trustonic.com/technology/trusted-execution-environment.
- GLOBALPLATFORM, ''The Trusted Executin Environmnet: Delivering Enhanced Security at a Lower Cost to the Mobile Market," http://www.globalplatform.org/documents/whitepapers/GlobalPlatform_TEE_Whitepaper_2015.pdf.
- J. Levine, J. Grizzard, and H. Owen, "A methodology to detect and characterize kemel level rootkit exploits involving redirection of the system call table," lnformation Assurance Workshop 2004, Proceedings Second IEEE International lEEE, 2004.
- G. H. Kim, and E. H. Spafford, "The design and implementation of tripwire: A file system integrity checker," Proceedings ofthe 2nd ACM Conference on Computer and Communications Security ACM, 1994.
- R. Wichmann, "A comparison of several host/file integrity monitoring programs," http://www.la-samhna.de/library/scanners.html.
- J. F. Levine, J. B. Grizzard, and H. L. Owen, "Detecting and categorizing kernel-level rootkits to aid future detection," IEEE Security & Privacy 4(1), pp.24-32, 2006. https://doi.org/10.1109/MSP.2006.11
- Y. M. Wang, D. Beck,B. Vo, R. Roussev and C. Verbowski, "Detecting stealth software with strider ghostbuster," Dependable Systems and Networks, 2005, Proceedings. International Conference on IEEE, 2005.
- T. Garfinkel, and M. Rosenblum, "A Virtual Machine Introspection Based Architecture for Intrusion Detection," NDSS. Vol. 3. No. 2003, 2003.
- K. Lim, Y Jeong, S. Cho, M. Park, S. Han, "An Android Application Protection Scheme against Dynamic Reverse Engineering Attacks," JoWUA Vol.7, No.3 pp. 53-76, 2016.
- S. Smalley, and R. Craig, "Security Enhanced (SE) Android: Bringing Flexible MAC to Android," NDSS, Vol. 310, 2013.
- 정윤식, 임경환, 조성제, "SEAndroid의 한계," 한국정보과학회 학술발표논문집, pp.129-131, 2016.