Browse > Article
http://dx.doi.org/10.9708/jksci.2019.24.04.065

A Study on Privilege Elevation Attack Management for Smart Transaction Security on BlockChain Etherium Based System  

Min, Youn-A (Dept. of software, Gachon University)
Publication Information
Journal of the Korea Society of Computer and Information / v.24, no.4, 2019 , pp. 65-71 More about this Journal
Abstract
IAs smart device penetration rate is more than 90%, mobile transaction ratio using smart device is increasing. Smart contracts are used in various areas of real life including smart trading. By applying smart contracts to the platform for smart transactions through block-chain technology, the threat of hacking or forgery can be reduced. However, various threats to devices in smart transactions can pose a threat to the use of block chain Etherium, an important element in privilege and personal information management. Smart contract used in block chain Ethereum includes important information or transaction details of users. Therefore, in case of an attack of privilege elevation, it is very likely to exploit transaction details or forge or tamper with personal information inquiry. In this paper, we propose a detection and countermeasure method for privilege escalation attack, which is especially important for block chain for secure smart transaction using block chain Ethereum. When comparing the results of this study with the results of similar applications and researches, we showed about 12~13% improvement in performance and suggested the future countermeasures through packet analysis.
Keywords
Blockchain; Ethereum; privilege elevation;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Ernst & Young Global Limited, https://www.ey.com/kr/ko/home
2 5Miles, https://www.5mils.com
3 Block Chain - Fancy or Innovative, http://news.khan.co. kr/kh_news/khan_art_view.html?artid=201902070600055&code=940100
4 Gartner, https://www.gartner.com/en
5 Mcafee, https://www.mcafee.com/ko-kr/index.html
6 Zhou,Y.,& Jiang,X, "Dissecting android malware:Charac terizationand evolution.InSecurityandPrivacy," 2012 IEEE Symposium pp.95-109, 2012.
7 JIANG. X, "Gingermaster: First andorid malware utilzing a root exploit on android 2.3," NC State University,2011.
8 William Enck & Peter Gilbert & Byung-Gon Chun, "TaintDroid:aninformation-flow trackingsystem forrealtimeprivacy monitoring on smartphones, " InProceeding sof the 9th USENIX conference on Operating systems design and implementation, pp.1-6, 2014.
9 Xu.R. & Saidi.H & Anderson.R, "Aurasium:Practical policy enforcement for android applications," InProceeding sof the 21st USENIX conferenceon Security symposium, pp.27-27, 2012.
10 Min.K.S, "Online shopping trend survey," National Statistical Office, 2019.
11 Lee.S.H, "Device Authentication for Smart Grid System Using Block Chain," KAIST, 2016.
12 The Cointelegraph, A Brief History of Ethereum From Vitalik Buterin's Idea to Release, https://cointelegraph.com/news/ethereum-101-from-idea-to-release
13 Information and Communication Policy Institute, "Online marketing trend, " 2018
14 Lim.M.H, "Impacts and Implications of Block Chain Technology," Information and Communication Technology Promotion Center, 2017.
15 Kang.S.J, "Understanding and Development Status of Block Chain Technology and Implications," The 4th Industrial Revolution and Soft Power Issue Report by the Information and Communication Industry Promotion Agency, No.13, 2018.
16 Block Chain & PinTech leads 'smart finance,' http://www.etnews.com/20180816000425