Browse > Article
http://dx.doi.org/10.13089/JKIISC.2015.25.5.1021

Efficient method for finding patched vulnerability with code filtering in Apple iOS  

Jo, Je-gyeong (Chung-Nam National University)
Ryou, Jae-cheol (Chung-Nam National University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.25, no.5, 2015 , pp. 1021-1026 More about this Journal
Abstract
Increasing of damage by phishing, government and organization response more rapidly. So phishing use malware and vulnerability for attack. Recently attack that use patch analysis is increased when Microsoft announce patches. Cause of that, researcher for security on defense need technology of patch analysis. But most patch analysis are develop for Microsoft's product. Increasing of mobile environment, necessary of patch analysis on mobile is increased. But ordinary patch analysis can not use mobile environment that there is many file and small size. So we suggest this research that use code filtering instead of Control Flow Graph and Abstract Syntax Tree.
Keywords
Smart Phone; iOS; Patch; Vulnerability; Code Filtering;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Dullien, Thomas, and Rolf Rolles. "Graph-based comparison of executable objects," SSTIC 5, 2005
2 Diaphora, "https://github.com/joxeankoret/diaphora"
3 Chan-Kyu Park, Hyong-Shik Kim, Tae jin Lee, Jae-Cheol Ryou, "Function partitioning methods for malware variant similarity comparison," Journal of The Korea Institute of Information Security & Cryptology, pp.321-330, Apr. 2015
4 Dale G Peterson. "Patch Tuesday leads to exploit Wednesday," Digital Bond, Oct. 2009
5 Matt Oh, "Exploit Spotting : Locating Vulnerabilities Out Of Vendor Patches Automatically," Blackhat USA, Jul. 2010