• Journal of KIISE
• /
• v.41 no.9
• /
• pp.707-714
• /
• 2014

In general, the benign apps transmit privacy information to the external to provide service to users as the malicious app does. In other words, the behavior of benign apps is similar to the one of malicious apps. Thus, the benign app can be easily manipulated for malicious purposes. Therefore, the malicious apps as well as the benign apps should notify the users of the possibility of privacy information leakage before installation to prevent the potential malicious behavior. In this paper, We propose the method to detect leakage of privacy information on the android app by analyzing API inter-dependency and shortest distance. Also, we present LeakDroid which detects leakage of privacy information on Android with the above method. Unlike dynamic approaches, LeakDroid analyzes Android apps on market site. To verify the privacy information leakage detection of LeakDroid, we experimented the well-known 250 malicious apps and the 1700 benign apps collected from Android Third party market. Our evaluation result shows that LeakDroid reached detection rate of 96.4% in the malicious apps and detected 68 true privacy information leakages inside the 1700 benign apps.

• Journal of Convergence Society for SMB
• /
• v.2 no.1
• /
• pp.51-58
• /
• 2012

Android platform is a powerful operating system developed on Linux 2.6 Kernel, and provides many features such as comprehensive libraries, a multimedia environment, and powerful interface for phone applications. Since Android is an open operating system, which can be installed in any vendors's equipments. Current smartphones as well as netbooks, navigations, car PCs, tablet PCs, Industrial PCs are used in various fields. It is difficult a lot that to mount to other devices on the Android platform or new devices. In this Paper, The process that data that occurred from a hardware was passed to the highest application and Android platform system for managing hardware devices were analyzed. Building Android & driver compilation environment, How to support the protocol for the use of WiFi in the kernel, How to Mount a WiFi device in the kernel, Device driver registration for the Android platform, WiFi Management Service Daemon (wpa_supplicant) and IP allocation services daemon (dhcpcd) registration, How to create a socket for communication between the daemon (wpa_supplicant) and HAL have been presented. In the experiment using the proposed method, WiFi devices were mounted on the Android platform in the X-86 & ARM family. Understanding the whole process of control flow in Android hierarchy is very important to porting a new device on it. The process included in this paper can help technicians who might encounter the obstacles in their porting works.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.8
• /
• pp.1551-1559
• /
• 2015

Recently, the performance of smart devices is almost similar to that of the existing PCs, thus the users of smart devices can perform similar works such as messengers, SNSs(Social Network Services), smart banking, etc. originally performed in PC environment using smart devices. Although the development of smart devices has led to positive impacts, it has caused negative changes such as an increase in security threat aimed at mobile environment. Specifically, the threats of mobile devices, such as leaking private information, generating unfair billing and performing DDoS(Distributed Denial of Service) attacks has continuously increased. Over 80% of the mobile devices use android platform, thus, the number of damage caused by mobile malware in android platform is also increasing. In this paper, we propose android based malware detection mechanism using time-series analysis, which is one of statistical-based detection methods.We use auto-regressive moving-average model which is extracting accurate predictive values based on existing data among time-series model. We also use fast and exact malware detection method by extracting possible malware data through Z-Score. We validate the proposed methods through the experiment results.

• Communications of the Korean Institute of Information Scientists and Engineers
• /
• v.28 no.6
• /
• pp.25-34
• /
• 2010

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.177-185
• /
• 2016

As the fintech industry is growing at an incredible rate, mobile phones are positioned as the most important tool for financial transaction. However, with a rising number of malware applications, the types of attack and illegal access to mobile device are becoming more diverse and sophisticated. This paper studies the potential keylogger attack by exploiting the Accessibility Service in Android framework. This type of attack allows the malicious individual to use keylogger on the victim's Android mobile phone to steal passwords during mobile financial transaction regardless of security keypad setting. Lastly the paper proposes solutions to counter these types of attack by verifying the accessibility usage and amending the application guideline for accessibility.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.6
• /
• pp.2707-2712
• /
• 2012

Desktop-based computing environment is changed into mobile computing using smart phone and cloud computing providing common behavior and big data by network. Because of this transformation software development and operating environment is changed into heterogeneous distributed environment. As a result, dynamic service composition or changement is required. However, there is few research of techniques supporting service composition or changement dynamically in this situation. This paper suggests a technique for customizing services dynamically of mobile applications based on android platform. Especially we propose a customization technique of service by applying ontology technique to improve sharing and reuse of service. We applied proposed technique into meeting notification system, and obtain that it can be customized into various services such as email, sms, twitter service, and so on.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.9 no.11
• /
• pp.1323-1330
• /
• 2014

As for civil service support, the interaction between citizens as well as the government and citizens has an important value, and the participation between citizens be very important. The interaction between these citizens can lead to spreading the use of the app by getting them to share their status information with an specified number of people in the public service such as a social network service. Mobile-based social network service has various built-in sensors to increase the interaction between the government and citizens and post the status information of users on SNS. In this regard, this paper proposed a social network application for civil services based on the Android by using location-based context information. Experimental results showed that since the application proposed in this paper can be applied to low-performance system and exhibits high performance, it can allow users located at a short distance to detect new information and share contents by adding the content to SNS which is the closest to the location of users.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.11
• /
• pp.870-878
• /
• 2013

The objective of this paper is to develop mobile-based PACS(Picture Archiving Communication System: mPACS) for diagnostic medical image service available via Android-based mobile smartphone. The proposed mPACS provides an integrated platform for mobile application of diagnostic medical images stored in hospital PACS, and allows the smartphone to store, retrieve, manipulate and transfer the diagnostic medical images. Then, the mPACS platform includes the following features for use in the Android framework (i. e., diagnostic medical image processing) : transfer protocols between PACS, mPACS and smartphone, image format converter, JPEG and JPEG2000 coders, text and avatar search, and etc. This mPACS is shown to be useful and effective in providing a solution for mobile-based diagnostic medical image service.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.1
• /
• pp.72-80
• /
• 2016

Recently, IM(Instant Messenger) of KakaoTalk is being used on smart devices such as smartphones. Because IM service can carry user and/or suspector's various information including life style, geographical position, psychology and crime history, forensic analysis on IM service is desirable. But, forensic analysis for KakaoTalk is not well studied yet. This paper studies a proper forensic method for KakaoTalks, finds artifacts location, reconstruct the list of contacts and the chronology of the messages that have been exchanged by users. Proposed methodology and analyzed information can provide a basic platform for forensic tool.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.5
• /
• pp.275-281
• /
• 2012

A streaming service is considered as an important fact to listen musics at mobile device in the popular smart-phone era. An apple's HTTP Live Streaming method is used in iOS and a RTSP(Real-time Streaming Protocol) method is used in Android OS. A Wowza Media Sever will be used to support both apple and android mobile streaming. This paper describes a design and implementation of smart-phone app. to record user's songs by userself with smart-phone recording function, upload to the streaming server and to service real-time mobile streaming play for an user's selected song and provide song sharing SNS functions.