• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.15 no.1
• /
• pp.61-68
• /
• 2015

Recently, with increasing use of smartphones, the security threats also have increased rapidly. Especially, the compromised smartphone is very dangerous because it could be exploited in a DDOS attacks such as cyberterrorism as well as in the leakage of personal information. However, most bot detection mechanisms are still unsuitable for smartphone with its lower computing capability and limited battery capacity because they incur additional computational overheads or require pre-defined signatures. In this paper, we present an efficient bot detection mechanism in smartphones. Our mechanism detects effectively bots in outgoing traffic by using a correlation between user events and network traffic. We have implemented its prototype in Android smartphone and measured its performance. The evaluation results show that our mechanism provides low overhead to detect bots in smartphones.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.4
• /
• pp.829-838
• /
• 2015

As the number of smartphone users have increased, many kinds of malwares have emerged. Unlike existing malwares, spyware can be installed normally after user authentication and agreement according to security policy. For this reason, it is not easy to catch spywares involving harmful functionalities to users by using existing malware detection system. Therefore, our paper focuses on study about detecting mainly wiretapping spywares among them by developing a new wiretapping detection model and application. Specifically, this study conducts to find out power consumption on each application and modular and network consumption to detect voice wiretapping so Open Source Project Power Tutor is used to do this. The risk assessment of wiretapping is measured by gathered all power consumption data from Open Source Project Power Tutor. In addition, developed application in our study can detect at-risk wiretapping spyware through collecting and analyzing data. After we install the application to the smartphone, we collect needed data and measure it.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.3
• /
• pp.131-137
• /
• 2014

The advent of various smart devices like smart phones and tablets has triggered the changes in information systems of medical centers. Especially, diversifying devices of clients and the need for N-Screen services increase necessities for sharing effectively information in medical centers. However, developing and managing clients for each OS like iOS and Android cost high and make it hard to provide seamless service through multi devices. Also, in the aspect of security it is necessary to share information between clients and health information systems. In this paper, we develop a smart health information client based real-time health information sharing framework. The developed client is based on hybrid app, that enables to share information in real time between N devices through health information sharing framework and to adopted to developments of various clients.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.95-110
• /
• 2018

With the widespread use of smartphones, various personal information of users is being recorded on a smartphone in real time. For the purpose of preventing the loss of important personal information of users, manufacturer provides a smartphone backup applications. Recently, not only backup programs for PC but also backup mobile apps for smart phones have been provided. From the point of view acquiring forensic data, it is important not to compromise the acquisition possibilities and the integrity of the original data. Especially, in the case of Android smartphones, various studies are being carried out to acquire the data without damaging the integrity of the original data. However, there are limitations to apply the existing research methods. In this paper, we describe the process of acquiring data using the backup mobile app provided by the manufacturer without compromising the integrity of the latest smartphone.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.5
• /
• pp.1181-1186
• /
• 2013

Mobile network has become an essential tool for mutual communications, so a survey research published that most of the smartphone users use Mobile Instant Messenger every day. In this paper, we developed a wire-wireless integrated web messenger that can be used in various platform of mobile devices and desktop computer for communicating between users of some companies. We defined a multi-organization as several independent companies. Our web messenger was developed for communicating of users of a multi-organization. So one of functions of our web messenger is to restrict access to some particular departments in each company for the security of their company. Developed web messenger worked reliably from variety of web browsers on most of platforms such as android, iOs and desktop computers.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.1
• /
• pp.73-81
• /
• 2021

When downloading files using an app or web-based application on the user's mobile phone, the path is set to be saved in the pre-defined default directory. Many applications requiring access to storage, including file managers, require a write or read permission of storage to provide numerous functions and services. This means that the application will have direct access to the download folder where the numerous files downloaded. In this paper, to prove our feasibility of attack using the security vulnerabilities mentioned above, we developed a file hacking function disguised as an encryption function in the file management application. The file that encrypted will be sent to hackers via E-mail simultaneously on the background. The developed application was evaluated from VirusTotal, a malicious analysis engine, was not detected as a malicious application in all 74 engines. Finally, in this paper, we propose a defense technique and an algorithm based on the Trusted Execution Environment (TEE) to supplement these storage vulnerabilities.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.3
• /
• pp.353-363
• /
• 2021

As the Untact era is rapidly changing, collaboration tools are increasing their utilization and value as digital technologies for non-face-to-face work. While instant messenger-based collaboration tools support a variety of functions, crime and accident concerns are also increasing in proportion to their convenience, such as information leakage and security incidents. Meanwhile, the digital forensics perspective on collaborative tools is not enough, so forensics research is needed. This study analyzes significant artifacts in the two operating environments through Windows and Android forensics research on Microsoft Teams, the collaboration tool with the highest share in the world. Also, based on differences in artifacts and data attributes according to the operating environment, by applying 'differential forensic', we proved that the usefulness of evidence can be improved by presenting a complementary analysis method and timeline configuration through information linkage.

• Smart Media Journal
• /
• v.10 no.4
• /
• pp.9-14
• /
• 2021

In the case of the existing remote collaboration, the remote support service-oriented system is not suitable for the use of the field-oriented multi-person remote collaboration system. This paper is a remote collaboration system development for various industrial sites. We develop remote support and work management that faces the various needs of industrial sites, real-time video remote support between workers, and real-time voice work sharing between workers. In addition, The goal of the development aims to increase the usability by strengthening the security function through encryption in the video and to develop a more efficient system. Finally, the development contents are the remote management and the support software development, Android app development for worker, WebRTC-based remote collaboration system construction and development, and prototype development. These products are expected to increase demand and increase sales by installing and operating at industrial sites, and can promote manpower training, understanding trending technologies, and improving capabilities.