Browse > Article
http://dx.doi.org/10.13089/JKIISC.2012.22.6.1345

Vulnerability Analysis Method of Software-based Secure USB  

Kim, Minho (Chonnam National University)
Hwang, Hyunuk (The Attached Institute of ETRI)
Kim, Kibom (The Attached Institute of ETRI)
Chang, Taejoo (The Attached Institute of ETRI)
Kim, Minsu (Mokpo National University)
Noh, Bongnam (Chonnam National University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.22, no.6, 2012 , pp. 1345-1354 More about this Journal
Abstract
The modern society with the wide spread USB memory, witnesses the acceleration in the development of USB products that applied secure technology. Secure USB is protecting the data using the method as device-based access control, encryption of stored files, and etc. In terms of forensic analyst, to access the data is a lot of troubles. In this paper, we studied software-based data en/decryption technology and proposed for analysis mechanism to validation vulnerability that secured on removable storage media. We performed a vulnerability analysis for USB storage device that applied security mechanism. As a result, we found vulnerabilities that extracts a source file without a password.
Keywords
Digital Forensic; Secure USB; Data encryption; Vulnerability;
Citations & Related Records
연도 인용수 순위
  • Reference
1 USB 보안 기술 및 제품 동향, 주간기술동향 통권 1380호, 정보통신연구진흥원, 2009년 1월
2 Simson Garfinkel, "Anti-Forensics: Techniques, Detection and Countermeasures," 2nd International Conference on i-Warfare and Security, pp. 77-84, Nov. 2007.
3 정선훈, 한기인, 신현우, "중소기업 산업기밀관리 실태조사 보고서," 한국산업기술진흥협회, 2010년 12월
4 C. Hargreaves and H. Chivers, "Recovery of Encryption Keys from Memory Using a Linear Scan," The Third International Conference on Availability Reliability and Security, pp. 1369-1376, Mar. 2008.
5 Jewan Bang, Byeongyeong Yoo, and Sanjin Lee, "Secure USB Bypassing Tool," DFRWS 2010, pp. 114-120, Aug. 2010.
6 정한재, 최윤성, 전웅렬, 양비, 김승주, 원동호, "보안 USB 플래시 드라이브의 취약점 분석과 CC v3.1기반의 보호프로파일 개발," 한국정보보호학회 논문지, 17(6), pp. 99-119, 2007년 12월
7 Robin Snyder, "Some Security Alternatives for Encrypting Information on Storage Devices," InfoSecCD '06 Proceedings of the 3rd annual conference on Information security curriculum development, pp. 79-84, 2006.
8 J.Alex Halderman and Seth D.Schoen, "Cold-boot attacks on encryption keys," Communications of the ACM vol.52, no. 5, pp. 91-98, May. 2009.   DOI   ScienceOn
9 Stefan Balogh and Matej Pondelik, "Capturing Encryption Keys for Digital Analysis", IEEE:International Conference on Intelligent Data Acquisition and Advanced Computing Systems, vol 2, pp. 759-763. Sep. 2011.
10 이혜원, 박창욱, 이근기, 김권엽, 이상진, "포렌식 관점에서의 보안 USB 현황분석," 한국방송공학회 동계학술대회, pp.63-65, 2008년 2월