• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1175-1184
• /
• 2014

Android provides a message-passing mechanism called intent. While it helps easy developments of communications between intra and inter applications, it can be vulnerable to attacks. In particular, implicit intent, differing from explicit intent specifying a receiving component, does not specify a component that receives a message and insecure ways of using implicit intents may allow malicious applications to intercept or forge intents. In this paper, we focus on security vulnerabilities of implicit intent and review researched attacks and solutions. For the case of implicit intent using 'developer-created action', specific attacks and solutions have been published. However, for the case of implicit intent using 'Android standard action', no specific attack has been found and less studied. In this paper, we present a new attack on implicit intent using Android standard action and propose solutions to protect smart phones from this attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1341-1351
• /
• 2015

As the popularization of smartphone increases the number of various applications, the number of malicious applications also grows rapidly through the third party App Market or black market. This paper suggests an investigation filter, Androfilter, that detects the fabrication of APK file effectively. Whereas the most of antivirus software uses a separate server to collect, analyze, and update malicious applications, Androfilter assumes Google Play as the trusted party and verifies integrity of an application through a simple query to Google Play. Experiment results show that Androfilter blocks brand new malicious applications that have not been reported yet as well as known malicious applications.

• Journal of Broadcast Engineering
• /
• v.24 no.1
• /
• pp.105-117
• /
• 2019

Current Android smartphones include about 25 to 35 essential applications(unerasable) related to function and operation of the android smartphone itself and about 30 optional applications(removable) provided by carriers, Google and manufacturers. These applications were not able to be removed until the announcement of the smartphone applications pre-install guide from the government in January 2014, so there were memory limitations in installing new applications, causing consumer complaints by consuming data during the auto-update process of the pre-installed applications. After the announcement, we were able to delete optional applications but the complaints about the data consumption still did not disappear. Therefore, in this paper, we carried out the customer survey and analyzed the behavior information such as how carriers are operating pre-installed applications and what kind of applications customer prefers and how many applications customer wants to be pre-installed. And we proposed how to configure pre-install applications on smartphone for customer needs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.679-691
• /
• 2016

As vehicle started to contain many different communication devices, collecting external information became possible in IoT environment. In such environment, remotely controling vehicle is possible when vehicle information is obtained by looking in to vehicle network through smart device. However, android based smart device applications are vulnerable to malicious modulation and redistribution. Modulated android application can lead to vehicle information disclosure that could bring about vehicle control accident which becomes threat to drivers. furthermore, since vehicles today does not contain security methods to protect it, they are very vulnerable to security threats which can cause serious damage to users and properties. In this paper, many different vehicle management android applications that are sold in Google Play has been analyzed. With this information, possible threats that could happen in vehicle management applications are being analysed to prove the risks. the experiment is done on actual vehicle to prove the risks. Also, access control method to protect the vehicle against malicious actions that could happen through external network in IoT environment is suggested in the paper.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.4
• /
• pp.1017-1023
• /
• 2015

The amount of smart phones has increased exponentially. Due to the periodic release of high-performance smart phones and upgraded operating system, new smart phones become out-dated over 1 or 2 years. In order to solve environmental constraints of these smart phones, virtualization technology using Thin-Client terminal has been developed. However, in the case of Virtual Machine(VM), the applications associated with sensors and a GPS device can not run because they are not included. In this paper, by implementing the device driver for Android running in a virtual machine in the x86-based systems, it is to provide Android virtualization capabilities such as using the latest smart phones in the virtual machine environment. It would like to propose a method that the virtual device driver receives sensors and GPS information from the old Android smart phones(Thin-Client) that actually work and run as if the real device exists.

• Journal of Internet of Things and Convergence
• /
• v.6 no.2
• /
• pp.1-10
• /
• 2020

The mobile application based on the Android platform is simple to decompile, making it possible to create malicious applications similar to normal ones, and can easily distribute the created malicious apps through the Android third party app store. In this case, the Android malicious application in the smartphone causes several problems such as leakage of personal information in the device, transmission of premium SMS, and leakage of location information and call records. Therefore, it is necessary to select a optimal model that provides the best performance among the machine learning techniques that have published recently, and provide a technique to automatically identify malicious Android apps. Therefore, in this paper, after adopting the feature engineering to Android apps on official test set, a total of four performance evaluation experiments were conducted to select the machine learning model that provides the optimal performance for Android malicious app detection.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.9 no.4
• /
• pp.237-243
• /
• 2014

In this paper we present an real-time obstacle avoidance technique of autonomous mobile robot with steering system and implementation of user interface for mobile devices with Android platform. The direction of autonomous robot is determined by virtual force field concept, which is based on the distance information acquired from 5 ultrasonic sensors. It is converted to virtual repulsive force around the autonomous robot which is inversely proportional to the distance. The steering system with PD(proportional and derivative) controller moves the mobile robot to the determined target direction. We also use PSD(position sensitive detector) sensors to supplement ultrasonic sensors around dead angle area. The mobile robot communicates with Android mobile device and PC via Ethernet. The video information from CMOS camera mounted on the mobile robot is transmitted to Android mobile device and PC. And the user can control the mobile robot manually by transmitting commands on the user interface to it via Ethernet.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.05a
• /
• pp.614-616
• /
• 2010

Recently, there is increasing concern about smart phone due to the release of iPhone and Android phone. So, There are many kinds of application in smart phone, and applications using multimedia contents is increasing. The famous codecs for Image and video are JPEG, MPEG and h.264, which is popular recently as a vedeo codec because of its high compression ratio compared with the other video codecs. In this paper, we will divide Jpeg Sequence to each Jpeg and will display that Jpeg looks like a video continuously in Android. And we will show you the simulation result.

• Convergence Security Journal
• /
• v.18 no.3
• /
• pp.27-35
• /
• 2018

The certificate is electronic information issued by an accredited certification body to certify an individual or to prevent forgery and alteration between communications. Certified certificates are stored in PCs and smart phones in the form of encrypted files and are used to prove individuals when using Internet banking and smart banking services. Among the rapidly growing Android-based malicious applications are malicious apps that leak personal information, especially certificates that exist in the form of files. This paper proposes a method for judging whether malicious codes leak certificates by using DroidBox, an Android-based dynamic analysis tool.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.2
• /
• pp.285-294
• /
• 2014

As the utilization rate of smart device increases, various applications for smart device have been developed. Since these applications can contain important data related to user behaviors in digital forensic perspective, the analysis of them should be conducted in advance. However, lots of applications get to have new data format or type when they are updated. Therefore, whether the applications are updated or not should be checked one by one, and if they are, whether their data are changed should be also analyzed. But observing application data repeatedly is a time-consuming task, and that is why the effective method for dealing with this problem is needed. This paper suggests the automatic system which gets updated information and checks changed data by collecting application information.