• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.169-176
• /
• 2016

Android platform is designed to be user-friendly, yet sometimes its convenience introduces vulnerabilities that normal users cannot justify. In this paper, after making an overview of popular open source analysis tools for android applications, we point out the dangerous use of Permission Group in current Google Policy, and suggest a technique to mitigate the risks of privilege escalation that attackers are taking advantage of. By conducting the investigation of 21,064 malware samples, we conclude that the proposed technique is considered effective in detecting insecure application update, as well as giving users the heads-up in security awareness.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.04a
• /
• pp.258-261
• /
• 2017

안드로이드 애플리케이션 개발 시 특정 기능을 수행하기 위해 필수적으로 AndroidManifest.xml 파일에 권한을 등록한다. 등록된 권한은 애플리케이션 설치 시 사용자에게 동의를 요구하며 애플리케이션을 설치하기 위해 해당 애플리케이션이 요구하는 사용 권한 모두를 동의해야 한다. 애플리케이션이 요구하는 권한에 동의하지 않을 경우 애플리케이션 설치가 취소되며, 권한 요구에 대한 동의 없이 애플리케이션을 설치할 수 없다. 이러한 이유로 대부분의 사용자는 애플리케이션이 본래의 기능과 맞지 않는 필요 범위 이상으로 요구하는 권한까지도 상세하게 살펴보지 않고 동의하여 본래의 기능과 관계없는 권한을 통해 개인정보 유출, 비정상적인 과금 유발 등 다양한 보안위협이 발생한다. 본 논문에서는 안드로이드 애플리케이션의 APK 파일을 통해 애플리케이션이 요구하는 권한과 실제 애플리케이션이 기능 제공을 위해 사용하는 API 목록을 확인하여 애플리케이션이 필요 범위 이상으로 요구하는 권한을 분석한다. 또한, 애플리케이션 업데이트 시 API 추가로 인해 발생할 수 있는 보안위협을 분석한다. 이를 통해 필요 범위 이상으로 요구하는 권한으로 발생할 수 있는 보안위협에 대해 사전에 인지하여 이를 방지할 수 있도록 한다.

• Journal of KIISE:Computing Practices and Letters
• /
• v.15 no.12
• /
• pp.948-952
• /
• 2009

Recently, a new distributed grid scheme, called DS-GRID(distributed S-GRID), has been proposed to manage the location information of moving objects in a spatial network[1]. However, because DS-GRID uses uniform grid cells, it cannot handle skewed data which frequently occur in the real application. To solve this problem, we propose a dynamic distributed grid scheme which splits a grid cell dynamically based on the density of moving objects. In addition, we propose a k-nearest neighbor processing algorithm for the proposed scheme. Finally, it is shown from the performance analysis that our scheme achieves better retrieval and update performance than the DS-GRID when the moving objects are skewed.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.13 no.11
• /
• pp.2441-2446
• /
• 2009

Wireless Sensor Network collects a data from the specific area and the control is composed of small sensor nodes. Like this sensors to after that is established at the beginning are operated with the battery, the operational duration until several years must be continued from several months and will be able to apply the resources which is restricted in efficiently there must be. In this paper RHC (rounting history cache) applies in Directed Diffusion which apply a data central concept a reliability and an efficiency in data transfer course set. RHC algorithms which proposes each sensor node updated RHC of oneself with periodic and because storing the optimization course the course and, every event occurrence hour they reset the energy is wasted the fact that a reliability with minimization of duplication message improved.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2018.05a
• /
• pp.696-699
• /
• 2018

This paper introduces a system that enables pupillary tracing and communication with patients with amyotrophic lateral sclerosis (ALS) who can not move free. Face and pupil are tracked using OpenCV, and eye movements are detected using DE1-SoC board. We use the webcam, track the pupil, identify the pupil's movement according to the pupil coordinate value, and select the character according to the user's intention. We propose a system that can use relatively low development cost and FPGA can be reusable, and can select a text easily to mobile phone by using Bluetooth.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.2
• /
• pp.75-86
• /
• 2017

Docker, which is one of the various virtualization technology in server systems, is getting popular as it provides more lightweight environment for service operation than existing virtualization technology. It supports easy way of establishment, update, and migration of server environment with the help of image and container concept. As the adoption of docker technology increases, the attack motive for the server for the distribution of docker images and the incident case of attacking docker-based hosts would also increase. Therefore, the method and procedure of digital forensic investigation of docker-based host including the way to extract the filesystem of containers when docker daemon is inactive are presented in this paper.

• Journal of Institute of Control, Robotics and Systems
• /
• v.15 no.8
• /
• pp.867-875
• /
• 2009

A wireless sensor network inherently comprises a plurality of sensor nodes widely deployed for sensing environmental information. To add new functions or to correct some faulty functions of an existing wireless sensor network, the firmware for each sensor node needs to be updated. Firmware update would be quite troublesome if it requires the gathering, reprogramming, and redeploy of all of already deployed sensor nodes. Over-the-air programming (OTA) facilitates the firmware update process, thereby allowing convenient maintenance of an already-deployed sensor network. This paper proposes and implements a remote firmware update mechanism for a TDMA-based wireless sensor network, in which the firmware for sensor nodes constituting the TDMA-based sensor network can be easily updated and the update process can be conveniently monitored from a remote site. We verify the validity of the proposed firmware update method via experiments and introduce three wireless sensor networks installed in outdoor sites in which the proposed firmware update mechanism has been exploited.

• The Journal of Society for e-Business Studies
• /
• v.12 no.1
• /
• pp.89-97
• /
• 2007

Recently, a large number of authentication schemes based on smart cards have been proposed, using the thinking of OTP (one-time password) to withstand replay attack. Unfortunately, if these schemes implement on PCs instead of smart cards, most of themcannot withstand impersonation attack and Stolen-Verifier attack since the data on PCs is easy to read and steal. In this paper, a secure authentication scheme based on a security key and a renewable token is proposed to implement on PCs. A comparison with other schemes demonstrates the proposed scheme has following merits: (1) Withstanding Stolen-Verifier attack (2) Withstanding Impersonation attack (3) Providing mutual authentication; (4) Easy to construct secure session keys.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.10 no.4
• /
• pp.29-34
• /
• 2010

As the nature of the embedded system, it is operated by user specified requirements, the dynamic action(behavior) is needed when the user's requirements change or unexpected situations occur. In this paper, it is proposed that design and implementation of SOA(Service-oriented architecture) based S/W services for dynamic behavior of embedded System. In this proposed technique, the status of embedded system can be checked through Web services, and in the cases of exceptional situations, the required proper actions can be newly updated through Web services. Through this technique, the burden of users concerning exceptional situations can be reduced, and the convenience of use can increased as well.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.5C
• /
• pp.673-682
• /
• 2004

The adaptive beam-forming is promising approach for noise reduction in hearing aids. This approach has come in the focus of interest only recently, because of the availability of new and powerful digital signal processors. The adaptation U using usually a Least Mean Squares algorithm, updates the weight vector. In this Paper, we propose a fast wavelet based adaptive algorithm using variable step size algorithm which varies adaptive constant by the change of signal environment. We compared the performance of the proposed algorithm with the known adaptive algorithm using computer simulation of multi channel adaptive bemformer in hearing aids. As the result the proposed algorithm is suitable for adaptive signal processing area using hearing aids and has advantages reducing computational complexity. And we show the beam-forming system using proposed algorithm converges stably in a sudden change of system environment.