Journal of the Korea Institute of Information and Communication Engineering (한국정보통신학회논문지)

The Korea Institute of Information and Commucation Engineering (한국정보통신학회)
권호 표지
DOI QR코드

DOI QR Code

Establishment of a public safety network app security system

재난안전망 앱 보안 체계 구축

  • Baik, Nam-Kyun (Department of Information Security, Busan University of Foreign Studies)
  • Received : 2021.08.08
  • Accepted : 2021.09.11
  • Published : 2021.10.31
Download PDF
⟨ Previous Next ⟩

Abstract

Korea's security response to application service app is still insufficient due to the initial opening of the public safety network. Therefore, preemptive security measures are essential. In this study, we proposed to establish a 'public safety network app security system' to prevent potential vulnerabilities to the app store that distributes app in public safety network and android operating system that operate app on dedicated terminal devices. In order for an application service app to be listed on the public safety network mobile app store, a dataset of malicious and normal app is first established to extract characteristics and select the most effective AI model to perform static and dynamic analysis. According to the analysis results, 'Safety App Certificate' is certified for non-malicious app to secure reliability for listed apps. Ultimately, it minimizes the security blind spots of public safety network app. In addition, the safety of the network can be secured by supporting public safety application service of certified apps.

우리나라는 재난안전통신망 개통 초기로 응용서비스 앱에 대한 보안 대응은 아직은 미흡한 실정이기에, 이에 대한 선제적 보안 대응이 반드시 필요하다. 본 연구에서는 재난안전통신망에서 앱을 유통하는 앱 스토어와 전용 단말에서 앱이 동작되는 안드로이드 운영체제에 대한 잠재적 취약점을 사전 예방하고자 '재난안전망 앱 보안 체계 구축'을 제안하였다. 응용서비스 앱이 재난안전통신망 모바일 앱스토어에 등재하고자 하기 위해서는, 우선 악성 및 정상 앱에 대한 데이터 셋을 구축하여 피쳐를 추출하고 가장 효과적인 AI 모델을 선정하여 정적 및 동적 분석을 수행한다. 분석 결과에 따라 악성 앱이 아닌 경우에 대해서 '안전 앱 인증서'를 인증하여 공인 앱에 대한 신뢰성을 확보한다. 궁극적으로 재난안전통신망 앱의 보안 사각지대를 최소화하고 인증된 앱의 재난안전 응용 서비스 지원으로 재난상황에 대한 통신망의 안전성을 확보할 수 있다.

Keywords

Acknowledgement

This work was supported by a research grant of the Busan University of Foreign Studies in 2021

References

  1. Notification No. 2021-21 of the Ministry of the Interior and Safety, Regulations on the Operation and Use of Public Safety Network, 2021.
  2. Understanding the Public Safety Network [Internet]. Available: https://www.youtube.com/watch?v=S-om7tOS_sg, 2021.
  3. National Science and Technology Council, 3rd Comprehensive Plan for Technology Development of Disaster and Safety Management (Proposal), 2018.
  4. Statcounter-Mobile OS [Internet]. Available: https://gs.statcounter.com.
  5. KISA Report, Security that has supported Android to Android [Internet]. Available: https://www.kisa.or.kr/public/library/IS_List.jsp, KISA, 2020.
  6. American Disaster Network [Internet]. Available: https://www.firstnet.gov.
  7. LTE Overview [Internet]. Available: https://www.firstnet.gov, 2014.
  8. KOREA INFORMATION SOCIETY DEVELOPMENT INSTITUTE, FirstNet's 2015 National Public Safety Broadband Annual Report, Information and Communication Policy Trends, vol. 28 no. 5, 2015.
  9. Guide for Google Play Protect [Internet]. Available: https://play.google.com/store/apps/details?id=com.protect.guide.
  10. Protect your device from harmful apps with Google Play Protect [Internet]. Available: https://support.google.com/googleplay/answer/2812853?hl=ko.