• Title/Summary/Keyword: 악성코드

Search Result 817, Processing Time 0.026 seconds

Internal Network Partition Security Model Based Authentication using BlockChain Management Server in Cloud Environment (클라우드 환경에서 블록체인관리서버를 이용한 인증기반 내부망 분리 보안 모델)

  • Kim, Young Soo;Lee, Byoung Yup
    • The Journal of the Korea Contents Association
    • /
    • v.18 no.6
    • /
    • pp.434-442
    • /
    • 2018
  • Recently, the threat to the security and damage of important data leaked by devices of intranet infected by malicious code through the Internet have been increasing. Therefore, the partitioned intranet model that blocks access to the server for business use by implementing authentication of devices connected to the intranet is required. For this, logical net partition with the VDI(Virtual Desktop Infrastructure) method is no information exchange between physical devices connected to the intranet and the virtual device so that it could prevent data leakage and improve security but it is vulnerable to the attack to expose internal data, which has access to the server for business connecting a nonregistered device into the intranet. In order to protect the server for business, we suggest a blockchain based network partition model applying blockchain technology to VDI. It contributes to decrease in threat to expose internal data by improving not only capability to verify forgery of devices, which is the vulnerability of the VDI based logical net partition, but also the integrity of the devices.

An Efficient Decoy File Placement Method for Detecting Ransomware (랜섬웨어 탐지를 위한 효율적인 미끼 파일 배치 방법)

  • Lee, Jinwoo;Kim, Yongmin;Lee, Jeonghwan;Hong, Jiman
    • Smart Media Journal
    • /
    • v.8 no.1
    • /
    • pp.27-34
    • /
    • 2019
  • Ransomware is a malicious program code evolved into various forms of attack. Unlike traditional Ransomware that is being spread out using email attachments or infected websites, a new type of Ransomware, such as WannaCryptor, may corrupt files just for being connected to the Internet. Due to global Ransomware damage, there are many studies conducted to detect and defense Ransomware. However, existing research on Ransomware detection only uses Ransomware signature database or monitors specific behavior of process. Additionally, existing Ransomware detection methods hardly detect and defense a new Ransomware that behaves differently from the traditional ones. In this paper, we propose a method to detect Ransomware by arranging decoy files and analyzing the method how Ransomware accesses and operates files in the file system. Also, we conduct experiments using proposed method and provide the results of detection and defense of Ransomware in this paper.

Vulnerability analysis for AppLock Application (AppLock 정보 은닉 앱에 대한 취약점 분석)

  • Hong, Pyo-gil;Kim, Dohyun
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.32 no.5
    • /
    • pp.845-853
    • /
    • 2022
  • As the memory capacity of smartphone increases, the type and amount of privacy stored in the smartphone is also increasing. but recently there is an increasing possibility that various personal information such as photos and videos of smartphones may be leaked due to malicious apps by malicious attackers or other people such as repair technicians. This paper analyzed and studied the security and vulnerability of these vault apps by analyzing the cryptography algorithm and data protection function. We analyzed 5.3.7(June 13, 2022) and 3.3.2(December 30, 2020) versions of AppLock, the most downloaded information-hidding apps registered with Google Play, and found various vulnerabilities. In the case of access control, there was a vulnerability in that values for encrypting patterns entered by users were hardcoded into plain text in the source code, and encrypted pattern values were stored in xml files. In addition, in the case of the vault function, there was a vulnerability in that the files and log files for storing in the vault were not encrypted.

Design of Comprehensive Security Vulnerability Analysis System through Efficient Inspection Method according to Necessity of Upgrading System Vulnerability (시스템 취약점 개선의 필요성에 따른 효율적인 점검 방법을 통한 종합 보안 취약성 분석 시스템 설계)

  • Min, So-Yeon;Jung, Chan-Suk;Lee, Kwang-Hyong;Cho, Eun-Sook;Yoon, Tae-Bok;You, Seung-Ho
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.18 no.7
    • /
    • pp.1-8
    • /
    • 2017
  • As the IT environment becomes more sophisticated, various threats and their associated serious risks are increasing. Threats such as DDoS attacks, malware, worms, and APT attacks can be a very serious risk to enterprises and must be efficiently managed in a timely manner. Therefore, the government has designated the important system as the main information communication infrastructure in consideration of the impact on the national security and the economic society according to the 'Information and Communication Infrastructure Protection Act', which, in particular, protects the main information communication infrastructure from cyber infringement. In addition, it conducts management supervision such as analysis and evaluation of vulnerability, establishment of protection measures, implementation of protection measures, and distribution of technology guides. Even now, security consulting is proceeding on the basis of 'Guidance for Evaluation of Technical Vulnerability Analysis of Major IT Infrastructure Facilities'. There are neglected inspection items in the applied items, and the vulnerability of APT attack, malicious code, and risk are present issues that are neglected. In order to eliminate the actual security risk, the security manager has arranged the inspection and ordered the special company. In other words, it is difficult to check against current hacking or vulnerability through current system vulnerability checking method. In this paper, we propose an efficient method for extracting diagnostic data regarding the necessity of upgrading system vulnerability check, a check item that does not reflect recent trends, a technical check case for latest intrusion technique, a related study on security threats and requirements. Based on this, we investigate the security vulnerability management system and vulnerability list of domestic and foreign countries, propose effective security vulnerability management system, and propose further study to improve overseas vulnerability diagnosis items so that they can be related to domestic vulnerability items.

A Study on the Influence of Information Security on Consumer's Preference of Android and iOS based Smartphone (정보보안이 안드로이드와 iOS 기반 스마트폰 소비자 선호에 미치는 영향)

  • Park, Jong-jin;Choi, Min-kyong;Ahn, Jong-chang
    • Journal of Internet Computing and Services
    • /
    • v.18 no.1
    • /
    • pp.105-119
    • /
    • 2017
  • Smartphone users hit over eighty-five percentage of Korean populations and personal private items and various information are stored in each user's smartphone. There are so many cases to propagate malicious codes or spywares for the purpose of catching illegally these kinds of information and earning pecuniary gains. Thus, need of information security is outstanding for using smartphone but also user's security perception is important. In this paper, we investigate about how information security affects smartphone operating system choices by users. For statistical analysis, the online survey with questionnaires for users of smartphones is conducted and effective 218 subjects are collected. We test hypotheses via communalities analysis using factor analysis, reliability analysis, independent sample t-test, and linear regression analysis by IBM SPSS statistical package. As a result, it is found that hardware environment influences on perceived ease of use. Brand power affects both perceived usefulness and perceived ease of use and degree of personal risk-accepting influences on perception of smartphone spy-ware risk. In addition, it is found that perceived usefulness, perceived ease of use, degree of personal risk-accepting, and spy-ware risk of smartphone influence significantly on intention to purchase smartphone. However, results of independent sample t-test for each operating system users of Android or iOS do not present statistically significant differences among two OS user groups. In addition, each result of OS user group testing for hypotheses is different from the results of total sample testing. These results can give important suggestions to organizations and managers related to smartphone ecology and contribute to the sphere of information systems (IS) study through a new perspective.

Relative Importance Analysis of Management Level Diagnosis for Consignee's Personal Information Protection (수탁사 개인정보 관리 수준 점검 항목의 상대적 중요도 분석)

  • Im, DongSung;Lee, Sang-Joon
    • Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
    • /
    • v.8 no.2
    • /
    • pp.1-11
    • /
    • 2018
  • Recently ICT, new technologies such as IoT, Cloud, and Artificial Intelligence are changing the information society explosively. But personal information leakage incidents of consignee's company are increasing more and more because of the expansion of consignment business and the latest threats such as Ransomware and APT. Therefore, in order to strengthen the security of consignee's company, this study derived the checklists through the analysis of the status such as the feature of consignment and the security standard management system and precedent research. It also analyzed laws related to consignment. Finally we found out the relative importance of checklists after it was applied to proposed AHP(Analytic Hierarchy Process) Model. Relative importance was ranked as establishment of an internal administration plan, privacy cryptography, life cycle, access authority management and so on. The purpose of this study is to reduce the risk of leakage of customer information and improve the level of personal information protection management of the consignee by deriving the check items required in handling personal information of consignee and demonstrating the model. If the inspection activities are performed considering the relative importance of the checklist items, the effectiveness of the input time and cost will be enhanced.

The comparison of lesion localization methods in breast lymphoscintigraphy (Breast lymphoscintigraphy 검사 시 체표윤곽을 나타내는 방법의 비교)

  • Yeon, Joon ho;Hong, Gun chul;Kim, Soo yung;Choi, Sung wook
    • The Korean Journal of Nuclear Medicine Technology
    • /
    • v.19 no.2
    • /
    • pp.74-80
    • /
    • 2015
  • Purpose Breast lymphoscintigraphy is an important technique to present for body surface precisely, which shows a lymph node metastasis of malignant tumors at an early stage and is performed before and after surgery in patients with breast cancer. In this study, we evaluated several methods of body outline imaging to present exact location of lesions, as well as compared respective exposure doses. Materials and Methods RANDO phantom and SYMBIA T-16 were used for obtaining imaging. A lesion and an injection site were created by inserting a point source of 0.11 MBq on the axillary sentinel lymph node and 37 MBq on the right breast, respectively. The first method for acquiring the image was used by drawing the body surface of phantom for 30 sec using $Na^{99m}TcO_4$ as a point source. The second, the image was acquired with $^{57}Co$ flood source for 30 seconds on the rear side and the left side of the phantom, the image as the third method was obtained using a syringe filled with 37 MBq of $Na^{99m}TcO_4$ in 10 ml of saline, and as the fourth, we used a photon energy and scatter energy of $^{99m}Tc$ emitting from phantom without any addition radiation exposure. Finally, the image was fused the scout image and the basal image of SPECT/CT using MATLAB$^{(R)}$ program. Anterior and lateral images were acquired for 3 min, and radiation exposure was measured by the personal exposure dosimeter. We conducted preference of 10 images from nuclear medicine doctors by the survey. Results TBR values of anterior and right image in the first to fifth method were 334.9 and 117.2 ($1^{st}$), 266.1 and 124.4 ($2^{nd}$), 117.4 and 99.6 ($3^{rd}$), 3.2 and 7.6 ($4^{th}$), and 565.6 and 141.8 ($5^{th}$). And also exposure doses of these method were 2, 2, 2, 0, and $30{\mu}Sv$, respectively. Among five methods, the fifth method showed the highest TBR value as well as exposure dose, where as the fourth method showed the lowest TBR value and exposure dose. As a result, the last method ($5^{th}$) is the best method and the fourth method is the worst method in this study. Conclusion Scout method of SPECT/CT can be useful that provides the best values of TBR and the best score of survey result. Even though personal exposure dose when patients take scout of SPECT/CT was higher than another scan, it was slight level comparison to 1 mSv as the dose limit to non-radiation workers. If the scout is possible to less than 80 kV, exposure dose can be reduced, and also useful lesion localization provided.

  • PDF