• Convergence Security Journal
• /
• v.15 no.1
• /
• pp.3-9
• /
• 2015

In this paper, a detection technique of smishing using a TaintDroid is suggested. Suggesting system detects malicious acts by transmitting a URL to the TaintDroid server and installing a relevant application to a virtual device of the TaintDroid server, when a smartphone user receives a text message including the URL suspected as a smishing. Through this we want to distinguish an application that can not install because of suspicion of a smishing in an actual smartphone whether said application is malicious application or not by testing with the virtual device of said system. The detection technique of a smishing using the TaintDroid suggested in this paper is possible to detect in a new form a smishing with a text message and to identifying which application it is through analysis of results from a user.

• Journal of KIISE
• /
• v.43 no.3
• /
• pp.275-288
• /
• 2016

In this paper, we investigate the security issues of the Android platform which dominates the global market of smart mobile devices. The current permission model for Android security is not powerful and has two problems. One is the coarse-grained relationship between permissions and methods which require them. The other is that mobile users do not have rights to control the permissions of the application. To solve these problems, we propose MacDroid which can control the platform's resources for accessing installed applications. Users can control the application's behavior via MacDroid's policy. We have divided the permission set into method units. The results of the performance test using a pure Android platform show that our proposed scheme can improve security within a short time.

• Journal of KIISE
• /
• v.41 no.9
• /
• pp.707-714
• /
• 2014

In general, the benign apps transmit privacy information to the external to provide service to users as the malicious app does. In other words, the behavior of benign apps is similar to the one of malicious apps. Thus, the benign app can be easily manipulated for malicious purposes. Therefore, the malicious apps as well as the benign apps should notify the users of the possibility of privacy information leakage before installation to prevent the potential malicious behavior. In this paper, We propose the method to detect leakage of privacy information on the android app by analyzing API inter-dependency and shortest distance. Also, we present LeakDroid which detects leakage of privacy information on Android with the above method. Unlike dynamic approaches, LeakDroid analyzes Android apps on market site. To verify the privacy information leakage detection of LeakDroid, we experimented the well-known 250 malicious apps and the 1700 benign apps collected from Android Third party market. Our evaluation result shows that LeakDroid reached detection rate of 96.4% in the malicious apps and detected 68 true privacy information leakages inside the 1700 benign apps.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.4
• /
• pp.2180-2197
• /
• 2019

With the proliferation of the Android malicious applications, malware becomes more capable of hiding or confusing its malicious intent through the use of code obfuscation, which has significantly weaken the effectiveness of the conventional defense mechanisms. Therefore, in order to effectively detect unknown malicious applications on the Android platform, we propose DroidVecDeep, an Android malware detection method using deep learning technique. First, we extract various features and rank them using Mean Decrease Impurity. Second, we transform the features into compact vectors based on word2vec. Finally, we train the classifier based on deep learning model. A comprehensive experimental study on a real sample collection was performed to compare various malware detection approaches. Experimental results demonstrate that the proposed method outperforms other Android malware detection techniques.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.169-176
• /
• 2016

Android platform is designed to be user-friendly, yet sometimes its convenience introduces vulnerabilities that normal users cannot justify. In this paper, after making an overview of popular open source analysis tools for android applications, we point out the dangerous use of Permission Group in current Google Policy, and suggest a technique to mitigate the risks of privilege escalation that attackers are taking advantage of. By conducting the investigation of 21,064 malware samples, we conclude that the proposed technique is considered effective in detecting insecure application update, as well as giving users the heads-up in security awareness.

• Convergence Security Journal
• /
• v.18 no.3
• /
• pp.27-35
• /
• 2018

The certificate is electronic information issued by an accredited certification body to certify an individual or to prevent forgery and alteration between communications. Certified certificates are stored in PCs and smart phones in the form of encrypted files and are used to prove individuals when using Internet banking and smart banking services. Among the rapidly growing Android-based malicious applications are malicious apps that leak personal information, especially certificates that exist in the form of files. This paper proposes a method for judging whether malicious codes leak certificates by using DroidBox, an Android-based dynamic analysis tool.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.7
• /
• pp.2736-2754
• /
• 2015

Android dominates the mobile operating system market, which stimulates the rapid spread of mobile malware. It is quite challenging to detect mobile malware. System call sequence analysis is widely used to identify malware. However, the malware detection accuracy of existing approaches is not satisfactory since they do not consider correlation of system calls in the sequence. In this paper, we propose a new scheme called Artificial Neural Networks (ANNs) on Co-occurrence Matrices Droid (ANNCMDroid), using co-occurrence matrices to mine correlation of system calls. Our key observation is that correlation of system calls is significantly different between malware and benign software, which can be accurately expressed by co-occurrence matrices, and ANNs can effectively identify anomaly in the co-occurrence matrices. Thus at first we calculate co-occurrence matrices from the system call sequences and then convert them into vectors. Finally, these vectors are fed into ANN to detect malware. We demonstrate the effectiveness of ANNCMDroid by real experiments. Experimental results show that only 4 applications among 594 evaluated benign applications are falsely detected as malware, and only 18 applications among 614 evaluated malicious applications are not detected. As a result, ANNCMDroid achieved an F-Score of 0.981878, which is much higher than other methods.

• Journal of Korean Society of Archives and Records Management
• /
• v.12 no.3
• /
• pp.29-46
• /
• 2012

Electronic records are merely series of bits without understanding the formats of content files. There are numerous types of formats and also possibilities of extinction. For long term preservation, it is essential to understand and manage formats. In addition to managing format itself, accurate information on the format needs to be stored for electronic records. In this study, various types of electronic files, without checking with the naked eye, has developed a tool to extract the header information in the format of electronic files with the file extension validation tool to compare format and validate digital component.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.229-232
• /
• 2010

Smart Phone is the increasing use. Smart Phone can be run on that New or videos you want to connect to the Internet for downloading and viewing applications. But the wireless Internet have been found that Due to the vulnerability of the Internet, Smart Phone security vulnerabilities. This paper analyzes the vulnerability. Smart Phone droid that occur when connecting to the Internet. For information on Smart Phone to use to analyze network packet analysis and packet capture tools. Analysis is based on information from the Internet when you use Smart Phone Hack will demonstrate the process. Messenger, ID, to confirm the password, the actual internet ID, password access to the personal information that can be seized. In this study, hacking and security of the Smart Phone will contribute to the research process that Internet information and communication powers to strengthen the security of Korea.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.3
• /
• pp.522-532
• /
• 2012

Smartphones and smartpads have a lot of advantages such as high convenience and portability. Also, they can effectively manage enormous amounts of information based on their high performance and plentiful applications. As such devices have been frequently used, many users manage various types of information using the devices. Recently, during conferences or seminars, smart device users often try to utilize stored resources on their devices and present them visually. Unfortunately, since smart devices have small displays, there is an essential difficulty in visual sharing of information. In this paper, we propose a method which integrates screens of several android smart devices and supports sharing of the integrated screen through a large display, presenting a screen sharing system for android smart devices. The developed system integrates display screens of several smart devices into a screen and shows the integrated screen through a large display connected to a desktop computer. In addition, to support the effective sharing of screens, the system provides functions for adjusting the number and the size of screens on a large display. The functions are controlled on a smart device and/or a desktop computer.