Browse > Article
http://dx.doi.org/10.13089/JKIISC.2013.23.2.213

An analysis of vulnerability and the method to secure on Android SNS applications from alteration of the code segments  

Lee, Sang Ho (School of Integrated Technology, Yonsei University)
Ju, Da Young (Yonsei Institute of Convergence Technology, Yonsei University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.23, no.2, 2013 , pp. 213-221 More about this Journal
Abstract
According to the rapid growth of the number of SNS(Social Networking Service) applications based on Android OS, the importance of its security is also raised. Especially, many applications using KaKaoTalk platform has been released in these days, and these are top ranked in the relative markets. However, security issues on SNS applications have not been resolved clearly. Therefore, it is crucial to provide means to cope with the security threats posed by code-segment modification in the development stage of Android OS based SNS applications. In this paper, we analyze the security threats by modifying SNS application code segments and suggest effective security techniques.
Keywords
SNS; game; application; android; code security; obfuscate;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Jerome Miecznikowski, Laurie Hendren, "Decompiling Java Byte code:Problems, Traps and Pitfalls," Proceedings of the 11th International Conference on Compiler Construction, pp 111- 127, Apr. 2002
2 Adobe, http://www.adobe.com/kr/ products/ air.html
3 Melon player crack - proof video, http://mu2.nayana.kr/-sangholee/xe/i ndex.php?document_srl=423
4 Java, http://java.decompiler.free.fr
5 Android-apktool,http://code.google.co m/p/android-apktool/
6 smali,http://code.google.com/p/smali
7 dex2jar,http://code.google.com/p/dex2j ar
8 애니팡( An y p a n g ) , h t t p : / / we b - m-anipang. sundaytoz. com
9 ProGuard,http://proguard.sourceforge. net/
10 모비즌(Mobizen), http://www.mobizen. com/
11 William Enck, "A study of Android Application Security," USENIX Security Symposium, Aug. 2011
12 Rabin Xu, "Aurasium: Pracitical Policy Enforcement for Android Applications," USENIX Security Symposium, Aug. 2012
13 Md Sazzadur Rahman, "Efficient and Scalable Socware Detection in Online Social Networks," USENIX Security Symposium, Aug. 2012
14 Teodoro Cipresso, "An introduction to software reverse engineering," Springer, 2010.
15 심원태, 김종명, 류재철, 노봉남, "안드로이드 앱 악성행위 탐지를 위한 분석 기법 연구," 정보보호학회논문지, 21(1), pp. 213-219, 2011년 2월.
16 김윤영, "국내 소셜 게임 시장 전망," 한국컴퓨터게임학회논문지, 24(1), pp.113-123, 2011년 3월
17 이병용, 최용수, "Obfuscation 기술의 현황 및 분석과 향후 개발 방향," 보안공학연구논문지, 5(3), pp.219-228 ,2008년 6월
18 Nomair A.Naeem, Laurie Hendren, "Programmer-friendly Decompiled Java," Proceedings of the 14th IEEE International Conference on Program Comprehension, pp.327-336, Jun. 2006