• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.405-415
• /
• 2020

With the increase in smartphone user, mobile forensics has become an essential element in modern digital forensic investigation. Mobile messenger data is very important data in mobile forensics because it can acquire information such as user's life pattern and mental state. In order to analyze messenger data, a decryption technique of an encrypted messenger data is required. Since most messengers provide a message deleting function, a technique for recovering deleted messages is required. WeChat Messenger, a messenger used by about 1 billion people around the world, uses IMEI (International Mobile Equipment Identity) information to encrypt data and provides message deletion function. In this paper, we propose a data decryption method in the absence of IMEI information and propose a method for recovering deleted messages using FTS (Full Text Search) database created for full-text search function of SQLite database.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.271-274
• /
• 2013

From February 18, 2013, an information and communications service provider, we will not be able to collect the resident registration number by paragraph 2 of Article 23 of the Act on the Promotion of the use and protection of information and information network. Rather than a revision in accordance with resident registration number, than these laws, it had been used in the alternative, such as OTP authentication phone authentication I-PIN authentication of certificates that are recognized as such authentication. In this paper, we propose a new online identity authentication technology was and Utilization of IMEI, the OTP to introduce online identity authentication technology replacing the resident registration number.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.5
• /
• pp.1117-1124
• /
• 2015

This paper explains a web session management system for mobile web environment with BYOD(Bring Your Own Device). This system operates by enhanced secure session token. This system consists of an unique identifier, time stamp, and encryption algorithm. The Unique identifier in this system classifies each mobile device for web security based on mobile environment with BYOD. And the Time stamp in this system that determine session effectiveness for web security. Also the Cipher algorithm in this system that protects session token information for web security. This paper analysis a security of session management system running on mobile web environment using the simulation techniques. The proposed method is more suitable than the other methods under enviroment mobile web environment with BYOD.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.7
• /
• pp.1393-1400
• /
• 2017

As the number of smartphone users increases, vulnerability to privacy protection is increasing. This is because personal information is stored on various servers connected to the Internet and the user is authenticated using the same ID and password. Authentication methods such as OTP, FIDO, and PIN codes have been introduced to solve traditional authentication methods, but their use is limited for authentication that requires sharing with other users. In this paper, we propose the authentication method that is needed for the management of shared information such as hospitals and corporations. The proposed algorithm is an algorithm that can authenticate users in the same place in real time using smart phone IMEI, QR code, BLE, push message. We propose an authentication algorithm that can perform user authentication through mutual cooperation using a smart phone and can cancel realtime authentication. And we designed and implemented a mutual authentication system using proposed algorithm.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2014.01a
• /
• pp.349-352
• /
• 2014

본 논문에서는 WCDMA, LTE에 이르기까지 USIM을 사용한 국내 이동통신서비스 시장에서 단말기정보를 사용하여 USIM에 의한 사용자 인증을 제한하여 이용자의 정상적인 통신서비스의 이용을 제한하는 현상이 벌어지고 있는것과 관련하여 국내에서 USIM을 사용하기 시작한 뒤부터 최근에 이르기까지 어떻게 이용자의 USIM 사용을 제한하여 장치 활용성을 저해하여 왔는지에 대한 방법과, 이로 인하여 유비쿼터스 컴퓨팅의 5-Any 중(中) 하나인 Any-Device성(性)을 저해하는 현상과 영향에 대하여 논한다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2011.06a
• /
• pp.79-82
• /
• 2011

Smart Phone의 사용이 증대되고, 서비스가 향상되면서, Smart Phone 사용자의 요구를 반영한 다양한 애플리케이션이 개발되고 있다. 또한, Smart Phone에 탑재되어 있는 GPS 모듈을 이용한 애플리케이션도 개발되고 있다. 본 논문에서는 Smart Phone의 국제 기기 식별번호(IMEI)를 이용하여, GPS 신호로부터 분석된 위도좌표, 경도좌표를 서버로 전송하고, 특정 Smart Phone의 현재 위치를 역추적 할 수 있는 Smart Phone 위치 역추적 애플리케이션을 연구한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.11a
• /
• pp.1134-1137
• /
• 2010

공인인증서를 사용하는 스마트폰 응용에서는 공인인증서를 스마트폰의 내부 메모리에 내장하거나 SD 메모리에 저장하여 스마트폰에 설치된 응용 프로그램이 이를 접근하는 방법을 사용한다. 그러나 공인인증서를 스마트폰의 메모리에 저장하여 사용하는 경우, 공인인증서의 암호만 알면 타인의 공인인증서를 임의의 스마트폰에 설치하여 사용할 수 있다는 문제점을 안고 있다. 이와 같은 문제점을 해결하고 메모리에 저장되는 공인인증서의 보안성을 높이기 위하여 본 논문에서는 스마트폰의 IMEI와 USIM의 IMSI를 키로 사용하여 스마트폰과 사용자를 식별함으로써 특정한 개인의 스마트폰에서만 해당 개인의 공인인증서를 사용할 수 있도록 하는 방법을 제안하고, 그 효율성을 분석하였다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.248-251
• /
• 2010

Smart Phones from a PC using the Internet using a multimedia data service provides a scalable and user convenience is provided in the form of an application. Wired and wireless communications, especially with the reduction of royalty free WiFi or the Internet to download the application program on the PC you're using on the Smart Phone. In this paper, the location API in Android-based Smart Phone, using GPS coordinates identified in the latitude and longitude coordinates can be transferred to the server, Android Smart Phone to know the possibility of retracing the location. You are smart trace back information from the user application program design, development, and real-time GPS location signals combined backtrack to read the GPS location in Google Earth application is to study the trace back.

• International Journal of Computer Science & Network Security
• /
• v.21 no.9
• /
• pp.303-316
• /
• 2021

Digital content protection has recently become an important requirement in biometrics-based authentication systems due to the challenges involved in designing a feasible and effective user authentication method. Biometric approaches are more effective than traditional methods, and simultaneously, they cannot be considered entirely reliable. This study develops a reliable and trustworthy method for verifying that the owner of the biometric traits is the actual user and not an impostor. Watermarking-based approaches are developed using a combination of a color face image of the user and a mobile equipment identifier (MEID). Employing watermark techniques that cannot be easily removed or destroyed, a blind image watermarking scheme based on fast discrete curvelet transform (FDCuT) and discrete cosine transform (DCT) is proposed. FDCuT is applied to the color face image to obtain various frequency coefficients of the image curvelet decomposition, and for high frequency curvelet coefficients DCT is applied to obtain various frequency coefficients. Furthermore, mid-band frequency coefficients are modified using two uncorrelated noise sequences with the MEID watermark bits to obtain a watermarked image. An analysis is carried out to verify the performance of the proposed schema using conventional performance metrics. Compared with an existing approach, the proposed approach is better able to protect multimedia data from unauthorized access and will effectively prevent anyone other than the actual user from using the identity or images.

• The Journal of the Korea Contents Association
• /
• v.16 no.8
• /
• pp.90-96
• /
• 2016

The 3390 million people, around 83% of the adult population in Korea use smartphone. Although the safety problem of the certificate has been occurred continuously, most of these users use the certificate. These safety issues as a solution to 'The owner of a mobile phone using SMS authentication technology', 'Biometric authentication', etc are being proposed. but, a secure and reliable authentication scheme has not been proposed for replace the certificate yet. and there are many attacks to steal the certificate and private key. For these reasons, security experts recommend to store the certificate and private key on usb flash drive, security tokens, smartphone. but smartphones are easily infected malware, an attacker can steal certificate and private key by malicious code. If an attacker snatchs the certificate, the private key file, and the password for the private key password, he can always act as valid user. In this paper, we proposed a safe way to keep the private key on smartphone using smartphone's unique information and user password. If an attacker knows the user password, the certificate and the private key, he can not know the smart phone's unique information, so it is impossible to use the encrypted private key. Therefore smartphone user use IT service safely.