• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.187-196
• /
• 2016

Android applications are inherently vulnerable to a repackaging attack such that malicious codes are easily inserted into an application and then resigned by the attacker. These days, it occurs often that such private or individual information is leaked. In principle, all Android applications are composed of user defined methods and APIs. As well as accessing to resources on platform, APIs play a role as a practical functional feature, and user defined methods play a role as a feature by using APIs. In this paper we propose a scheme to analyze sensitive APIs mostly used in malicious applications in terms of how malicious applications operate and which API they use. Based on the characteristics of target APIs, we accumulate the knowledge on such APIs using a machine learning scheme based on Naive Bayes algorithm. Resulting from the learned results, we are able to provide fine-grained numeric score on the degree of vulnerabilities of mobile applications. In doing so, we expect the proposed scheme will help mobile application developers identify the security level of applications in advance.

• Journal of Computing Science and Engineering
• /
• v.6 no.3
• /
• pp.179-192
• /
• 2012

This paper presents novel statistical algorithms for protecting the iTrust information retrieval network against malicious attacks. In iTrust, metadata describing documents, and requests containing keywords, are randomly distributed to multiple participating nodes. The nodes that receive the requests try to match the keywords in the requests with the metadata they hold. If a node finds a match, the matching node returns the URL of the associated information to the requesting node. The requesting node then uses the URL to retrieve the information from the source node. The novel detection algorithm determines empirically the probabilities of the specific number of matches based on the number of responses that the requesting node receives. It also calculates the analytical probabilities of the specific numbers of matches. It compares the observed and the analytical probabilities to estimate the proportion of subverted or non-operational nodes in the iTrust network using a window-based method and the chi-squared statistic. If the detection algorithm determines that some of the nodes in the iTrust network are subverted or non-operational, then the novel defensive adaptation algorithm increases the number of nodes to which the requests are distributed to maintain the same probability of a match when some of the nodes are subverted or non-operational as compared to when all of the nodes are operational. Experimental results substantiate the effectiveness of the detection and defensive adaptation algorithms for protecting the iTrust information retrieval network against malicious attacks.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.4C
• /
• pp.451-457
• /
• 2006

A peer-to-peer(P2P) network is inherently vulnerable to malicious attacks from participating peers because of its open, flat, and autonomous nature. This paper addresses the problem of effectively defending from active attacks of malicious peers at bootstrapping phase and at online phase, respectively. We propose a secure membership handling protocol to protect the assignment of ID related things to a newly joining peer with the aid of a trusted entity in the network. The trusted entities are only consulted when new peers are joining and are otherwise uninvolved in the actions of the P2P networks. For the attacks in online phase, we present a novel message structure applied to each message transmitted on the P2P overlay. It facilitates the detection of message alteration, replay attack and a message with wrong information. Taken together, the proposed techniques deter malicious peers from cheating and encourage good peers to obey the protocol of the network. The techniques assume a basic P2P overlay network model, which is generic enough to encompass a large class of well-known P2P networks, either unstructured or not.

• Journal of Advanced Navigation Technology
• /
• v.17 no.6
• /
• pp.816-822
• /
• 2013

In modern networks, data rate is getting faster and transferred data is extremely increased. At this point, the malicious codes are evolving to various types very fast, and the frequency of occurring new malicious code is very short. So, it is hard to collect/analyze data using general networks with the techniques like traditional intrusion detection or anormaly detection. In this paper, we collect and analyze the data more effectively with cloud environment than general simple networks. Also we analyze the malicious code which is similar to real network's malware, using botnet server/client includes DNS Spoofing attack.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.8
• /
• pp.2214-2229
• /
• 2024

Wireless sensor network (WSN) consists of large number of sensor nodes that are deployed in geographical locations to collect sensed information, process data and communicate it to the control station for further processing. Due the unfriendly environment where the sensors are deployed, there exist many possibilities of malicious nodes which performs malicious activities in the network. Therefore, the security threats affect performance and life time of sensor networks, whereas various security aspects are there to address security issues in WSN namely Cryptography, Trust Management, Intrusion Detection System (IDS) and Intrusion Prevention Systems (IPS). However, IDS detect the malicious activities and produce an alarm. These malicious activities exploit vulnerabilities in the network layer and affect all layers in the network. Existing feature selection methods such as filter-based methods are not considering the redundancy of the selected features and wrapper method has high risk of overfitting the classification of intrusion. Due to overfitting, the classification algorithm fails to detect the intrusion in better manner. The main objective of this paper is to provide the efficient feature selection algorithm which was suitable for any type classification algorithm to detect the intrusion in an effective manner. This paper, the security of the network is addressed by proposing Feature Selection Algorithm using Chi Squared with Ensemble Method (FSChE). The proposed scheme employs the combination of decision tree along with the random forest classification algorithm to form ensemble classifier. The experimental results justify the feasibility of the proposed scheme in terms of attack detection, packet delivery ratio and time analysis by employing NSL KDD cup data Set. The obtained results shows that the proposed ensemble method increases the overall performance by 10% to 25% with respect to mentioned parameters.

• Proceedings of the IEEK Conference
• /
• 2002.06d
• /
• pp.243-246
• /
• 2002

The proliferation of digitized media(audio, image and video) is creating a processing need for copyright enforcement schemes that protect copyright ownership. we argue that a watermark must be placed in perceptually significant components of a signal if it is to be robust to signal distortions and malicious attack. In this paper, RGB coordinate image is transformed into LUV coordinate, it include the characteristics of, Human vision and then the UV component is transformed into NxN block DCT transform. we propose a technique for embedding the watermark of visually recognizable mark into the middle frequency domain of image.

• Journal of the Korea Society of Computer and Information
• /
• v.21 no.9
• /
• pp.73-78
• /
• 2016

In 2014, Wuu et al. proposed a group key management scheme based on (2,2) secret sharing. They asserted that their scheme satisfies security requirements and mutual authentication. But this paper pointed out that their scheme does not satisfy mutual authentication and impersonating attack. In this paper, we describe the reasons and processes that a malicious group member can impersonate the Group Key Distributor. To fill the gaps, we discuss the problems, and propose an improved protocol.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2003.11a
• /
• pp.733-746
• /
• 2003

In this paper, we describe the system which can protect the major information from keyboard-hacking. These days the securing information matters for pc-users are becoming more important as the internet business grows rapidly, and the ubiquitous computing environment is open for everyone. Therefore, the keyboard-inputting information is necessary to be protected properly against the malicious attack. In this paper, we propose the keyboard-hacking prevention system using a Java Card, and show the conveniency and efficiency in the results.

• Journal of Positioning, Navigation, and Timing
• /
• v.5 no.4
• /
• pp.165-172
• /
• 2016

A Global Navigation Satellite System (GNSS), which is typically exemplified by the Global Positioning System (GPS), employs a open signal structure so it is vulnerable to spoofing electronic attack using a similar malicious signal with that used in the GPS. It is necessary to require a spoofing test evaluation environment to check the risk of spoofing attack and evaluate the performance of a newly developed anti-spoofing technique against spoofing attacks. The present paper proposed a simulation method of spoofing environment based on simulator that can be implementable in a test room and analyzed the spoofing simulation performance using commercial GPS receivers. The implemented spoofing simulation system ran synchronized two GPS simulator modules in a single scenario to generate both of spoofing and GPS signals simultaneously. Because the signals are generated in radio frequency, a commercial GPS receiver can be tested using this system. Experimental test shows the availability of this system, and anti-spoofing performance of a commercial GPS receiver has been analyzed.

• IEIE Transactions on Smart Processing and Computing
• /
• v.2 no.5
• /
• pp.266-276
• /
• 2013

LSB-based steganography is a simple and well known information hiding technique. In most LSB based techniques, a secret message is embedded into a specific position of LSB in the cover pixels. On the other hand, the main threat of LSB-based steganography is steganalysis. This paper proposes an asynchronous-cellular-automata(ACA)-based steganographic method, where secret bits are embedded into the selected position inside the cover pixel by ACA rule 51 and a secret key. As a result, it is very difficult for malicious users to retrieve a secret message from a cover image without knowing the secret key, even if the extraction algorithm is known. In addition, another layer of security is provided by almost random (rule-based) selection of a cover pixel for embedding using ACA and a different secret key. Finally, the experimental results show that the proposed method can be secured against the well-known steganalysis RS-attack.