Browse > Article
http://dx.doi.org/10.6109/jkiice.2021.25.10.1369

Possibility of Information Leakage through Analysis of Chinese Antivirus Software  

Park, Wonhyung (Department of Information Security Protection, Sangmyung University)
Publication Information
Journal of the Korea Institute of Information and Communication Engineering / v.25, no.10, 2021 , pp. 1369-1374 More about this Journal
Abstract
Recently, controversy has been raised over the security and safety of Chinese-made network equipment (Huawei 5G), apps (TikTok, etc.). In particular, according to the results of the Ministry of Defense investigation in 2020, malicious codes were found in CCTVs made in China that were delivered as military surveillance equipment used as a coast guard system, and specific information was remotely transmitted to a Chinese server. The safety issues of these Chinese security products can be questioned as being systematically led by the state rather than by companies or individuals. In this paper, we perform network and process level analysis of 360 Total Security(360 TS), a Chinese antivirus software. In addition, it compares and analyzes the domestic cloud-based vaccine V3 Lite product. Through this, the safety of Chinese security solutions is checked and information leakage and risks are suggested.
Keywords
Chinese software; Network analysis; Information leakage; Vulnerability; 360 total security;
Citations & Related Records
연도 인용수 순위
  • Reference
1 J. C. Na and G. P. Kumar, "Quality of Service in Meta Cloud," Asia-pacific Journal of Convergent Research Interchange, vol. 1, no. 3, pp. 53-57, Sep. 2015.
2 Malicious Phishing Message Alert. Digital Times [Internet]. Available:.http://www.dt.co.kr/contents.html?article_no=2017032902101560041001.
3 Chinese Certificate Authority to Ban Google Chrome, Chinese SSL Certificate Authorities, East Security [Internet]. Available: https://blog.alyac.co.kr/782.
4 J. H. Kim, "A Study on Comparative and Analysis of Malicious Code Detection in Anti-virus Software based on Cloud Computing," Konkuk University, MS, 2014.
5 S. H. Kim and J. Yoo, "A Study on Prediction of Malicious Code Infectionin Websites Using Markov Chain," Journal of Security Engineering, vol. 14, no. 1, 2017.
6 Qihoo 360. namuwiki [Internet]. Available: https://namu.wiki/w/%EC%B9%98%ED%9B%84360.
7 Do you agree to access location information for banking?. Economy NEWS [Internet]. Available: http://www.meconomynews.com/news/article.html?no=18909.
8 V. Sujatha, "Auditing of Storage Security on Encryption TORAGE SECURITY ON ENCRYPTION," Asia-pacific Journal of Convergent Research Interchange, vol. 3, no. 2, Jun, 2017.
9 What is Cloud Diagnostics?. Blog [Internet]. Available: https://arrestlove.tistory.com/351.
10 Cloud Computing [Internet]. Available: http://en.wikipedia.org/wiki/Cloud_computing.