• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.10
• /
• pp.445-460
• /
• 2013

Mobile applications today are being offered as various services depending on the mobile device and mobile environment of users. This increase in mobile applications has shifted the spotlight to their vulnerability. As an effective method of security verification, this paper proposes "phase-wise security verification for the implementation of mobile applications". This method allows additional security verification by covering specific items across a wider range compared to existing methods. Based on the identified weaknesses, it detects the cause of vulnerability and monitors the related settings.

• Journal of Internet Computing and Services
• /
• v.20 no.2
• /
• pp.61-68
• /
• 2019

Although the number of smartphone users is continuously increasing due to the advantage of being able to easily use most of the Internet services, the number of counterfeit applications is rapidly increasing and personal information stored in the smartphone is leaked to the outside. Because Android app was developed with Java language, it is relatively easy to create counterfeit apps if attacker performs the de-compilation process to reverse app by abusing the repackaging vulnerability. Although an obfuscation technique can be applied to prevent this, but most mobile apps are not adopted. Therefore, it is fundamentally impossible to block repackaging attacks on Android mobile apps. In addition, personal information stored in the smartphone is leaked outside because it does not provide a forgery self-verification procedure on installing an app in smartphone. In order to solve this problem, blockchain is used to implement a process of certificated application registration and a fake app identification and detection mechanism is proposed on Hyperledger Fabric framework.

• Journal of Internet Computing and Services
• /
• v.14 no.3
• /
• pp.35-46
• /
• 2013

As mobile terminal environment gets matured, the use of Android platform based mobile terminals has been growing high. Recently, the number of attacks by malicious application is also increasing as Android platform is vulnerable to private information leakage in nature. Most of these malicious applications are easily distributed to general users through open market or internet and an attacker inserts malicious code into malicious app which could be harmful tool to steal private data and banking data such as SMS, contacts list, and public key certificate to a remote server. To cope with these security threats more actively, it is necessary to develop countermeasure system that enables to detect security vulnerability existing in mobile device and take an appropriate action to protect the system against malicious attacks. In this sense, this paper aggregates diverse system events from multiple mobile devices and also implements a system to detect attacks by malicious application.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.05a
• /
• pp.568-571
• /
• 2013

스마트 폰의 보급량이 증가함에 따라 모바일 악성코드의 위협도 높아졌다. 여러 스마트 폰 플랫폼 중 안드로이드 플랫폼은 높은 점유율과 개방형 플랫폼이라는 특성상 다른 플랫폼에 비해 악의적인 공격에 취약하다. 안드로이드 앱이 스마트 폰에 설치, 실행되기 위해서는 개발자의 서명이 요구된다. 안드로이드 서명체계는 다중 서명을 허용하는데, 다중서명 체계상 악용될 수 있는 취약점이 존재한다. 본 연구에서는 안드로이드 코드서명의 취약점을 이용하여 악성코드를 실행시키고 다른 앱을 감염시키는 악성 앱을 개발하여 취약점의 악용 가능성에 대해 연구하였다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.184-186
• /
• 2022

Recently, as interest in personal information protection has increased, various apps for personal information protection have emerged. These apps protect data in various formats, such as photos, videos, and documents containing personal information, using encryption and hide functions. These apps can have a positive effect on personal information protection, but in digital forensics, they act as anti-forensic because they can be difficult to analyze data during the investigation process. In this paper, finds out PIN, an access control function, through reverse engineering on Calculator - photo vault, one of the personal information protection apps, and files such as photos and documents to which encryption and hide were applied. In addition, the vulnerability to this app was analyzed by research decryption for database files where logs for encrypted and hide files are stored.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.1
• /
• pp.73-81
• /
• 2021

When downloading files using an app or web-based application on the user's mobile phone, the path is set to be saved in the pre-defined default directory. Many applications requiring access to storage, including file managers, require a write or read permission of storage to provide numerous functions and services. This means that the application will have direct access to the download folder where the numerous files downloaded. In this paper, to prove our feasibility of attack using the security vulnerabilities mentioned above, we developed a file hacking function disguised as an encryption function in the file management application. The file that encrypted will be sent to hackers via E-mail simultaneously on the background. The developed application was evaluated from VirusTotal, a malicious analysis engine, was not detected as a malicious application in all 74 engines. Finally, in this paper, we propose a defense technique and an algorithm based on the Trusted Execution Environment (TEE) to supplement these storage vulnerabilities.