• Journal of the Korea Convergence Society
• /
• v.8 no.4
• /
• pp.25-36
• /
• 2017

As smartphone users have increased in recent years, various applications have been developed and used especially for Android-based mobile devices. However, malicious applications developed by attackers for malicious purposes are also distributed through 3rd party open markets, and damage such as leakage of personal information or financial information of users in mobile terminals is continuously increasing. Therefore, to prevent this, a method is needed to distinguish malicious apps from normal apps for Android-based mobile terminal users. In this paper, we analyze the existing researches that detect malicious apps by extracting the system call events that occur when the app is executed. Based on this, we propose a technique to identify malicious apps by analyzing the sequence similarity of kernel layer events occurring in the process of running an app on commercial Android mobile devices.

• Journal of Internet of Things and Convergence
• /
• v.6 no.2
• /
• pp.1-10
• /
• 2020

The mobile application based on the Android platform is simple to decompile, making it possible to create malicious applications similar to normal ones, and can easily distribute the created malicious apps through the Android third party app store. In this case, the Android malicious application in the smartphone causes several problems such as leakage of personal information in the device, transmission of premium SMS, and leakage of location information and call records. Therefore, it is necessary to select a optimal model that provides the best performance among the machine learning techniques that have published recently, and provide a technique to automatically identify malicious Android apps. Therefore, in this paper, after adopting the feature engineering to Android apps on official test set, a total of four performance evaluation experiments were conducted to select the machine learning model that provides the optimal performance for Android malicious app detection.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.05a
• /
• pp.397-400
• /
• 2012

To activate the use of the mobile Internet, its service must be changed itself, as well as improvement of its use environment, and the changing direction must orient 'SMART SERVICE', which it provides in the fastest, easiest, most comfortable way by selecting the core information users want most. This paper suggests that the users of smartphones access diverse contents out of the mobile apps anytime and anywhere and use them conveniently, by activating social communication among the users of school information through the mobile app development suitable for Android OS.

• Information and Communications Magazine
• /
• v.29 no.8
• /
• pp.65-71
• /
• 2012

스마트폰을 비롯한 다양한 모바일 기기 보급이 급속도로 증가하고 있고, 이들 기기에 저장된 각종 개인정보에 대한 불법적 접근을 노라는 악성 앱들로 인한 피해가 발생하고 있다. 이들 위변조 앱 출현의 원인 중의 하나는 앱 실행화일의 역컴파일이 쉽기 때문이다. 앱 역컴파일이 쉽게 이루어지지 않도록 하기 위한 기술 중의 하나가 코드 난독화 기술이다. 따라서, 본 고에서는 일반적인 난독화 기술들을 분류하고, 현존하는 안드로이드, 아이폰, 윈도폰에 적용가능한 난독화 도구들의 기능에 대하여 조사 분석한다.

• Journal of Software Assessment and Valuation
• /
• v.15 no.1
• /
• pp.11-24
• /
• 2019

Using cross-platform development frameworks, mobile app developers can easily implement mobile apps for multiple platforms in one step. The frameworks also provides adversaries with the ability to write malicious code once, and then run it anywhere for other platforms. In this paper, we analyze the ratio of benign and malicious apps written by cross-platform development frameworks for Android apps collected from AndroZoo's site. The analysis results show that the percentage of benign apps written in the frameworks continues to increase, accounting for 45% of all benign apps in 2018. The percentage of malicious apps written in the frameworks accounted for 25% of all malicious apps in 2015, but that percentage has declined since then. This study provides useful information to make a suitable choice when app developers face several challenges in cross platform app development.

• Review of KIISC
• /
• v.23 no.2
• /
• pp.35-42
• /
• 2013

최근 모바일 게임서비스의 이용자가 증가함에 따라 스미싱 등 결제부정행위에 악용되는 사례들이 증가하고 있다. 이에 따라 안드로이드 환경에서 동작하는 스마트폰 내 모바일 게임 서비스에 대한 보안 요구사항이 게임앱 개발사, 게임서비스 제공사, 유통플랫폼 기업들에 요구되고 있다. 모바일 게임 서비스 보안은 PC 상에서의 게임보안과 어떤 차이점들이 존재하며 모바일 게임 내에 존재하는 취약점들의 유형은 어떤 것들이 있는지 살펴보고, 이에 대한 대안 및 기술적 한계를 살펴보도록 한다.

• KIPS Transactions on Computer and Communication Systems
• /
• v.12 no.1
• /
• pp.17-24
• /
• 2023

Mobile apps frequently request permission to access sensitive data for user convenience. However, while using mobile applications, sensitive and personal data has been leaked even if users do not allow it. To deal with this problem, Google App Store has required developers to disclose how the mobile app handles user data in a privacy policy. However, users are not certain that the privacy policy describes all the app's behavior. They have no choice but to rely on the privacy policy to confirm how the app uses data. This study designed a system that checks the reliability of privacy policies by analyzing the privacy policy texts and mobile apps. First, the system extracts and analyzes the privacy policy texts to check which personal data the privacy policy discloses that the mobile apps can collect. After analyzing which data apps can access using android static analysis, we compare both results to analyze the reliability of privacy policies. For the experiment, we collected the APK files and metadata of about 13K android apps registered in the Google Play Store and preprocessed the apps by four conditions. According to the comparison between privacy policies and mobile app behavior, many apps can access more personal data than disclosed in the privacy policy.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.05a
• /
• pp.429-432
• /
• 2012

Mobile devices diffusion begins by the iPhone and spreads by the Android. A widely used mobile devices is Smartphone(iPhone, Android, Bada, WindowPhone7, BlackBerry, etc) and Tablet(iPad, Android). In the past, we have developed a dedicated application for device. But, Now we must develop a application by considering the characteristics of the operating system. Accordingly, many problems occurred and other developmet methods have emerged. In this paper, we learn about MobileHybridApp development tool-oriented One Source Multi Use-and compare the differences, propose a method to develop context-sensitive.

• Review of Korean Society for Internet Information
• /
• v.13 no.1
• /
• pp.30-38
• /
• 2012

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1457-1465
• /
• 2017

With the growing of smart devices market, malicious behavior has gradually expanded its scope. Accordingly, many studies have been conducted to analyze malicious apps and automated analysis tools have been released. However these tools cause the side effects that the application protection tools such as ProGuard, DexGuard become vulnerable to analyzers or attackers. This paper suggests the protection mechanism to apply to the Android apps using security token, rather than general-purpose protection solutions that can be applied in malicious apps. The main features of this technique are that Android app is not properly loaded in the memory when the security token is abnormal or is not inserted and protected parts using the technique are not exposed.