• Title/Summary/Keyword: Mobile Hacking

Search Result 77, Processing Time 0.024 seconds

A Design of Secure Communication Framework for Device Management and User Authentication in Wireless Network Environment (무선 네트워크 환경에서 기기 관리 및 사용자 인증을 위한 안전한 통신 프레임워크 설계)

  • Park, JungOh
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.15 no.2
    • /
    • pp.43-52
    • /
    • 2019
  • The recent technological developments of smart devices, multiple services are provided to enhance the users' quality of life including smart city, smart energy, smart car, smart healthcare, smart home, and so on. Academia and industries try to provide the users with convenient services upon seamless technological research and developments. Also, whenever and wherever a variety of services can be used without any limitation on the place and time upon connecting with different types of devices. However, security weaknesses due to integrations of multiple technological elements have been detected resulting in the leakage of user information, account hacking, and privacy leakage, threats to people's lives by device operation have been raised. In this paper, safer communication framework is suggested by device control and user authentication in the mobile network environment. After implementations of registration and authentication processes by users and devices, safe communication protocol is designed based on this. Also, renewal process is designed according to the safe control of the device. In the performance evaluation, safety was analyzed on the attack of protocol change weakness occurred in the existing system, service halt, data leakage, illegal operation control of message, and so on, which confirmed the enhanced speed approximately by 8% and 23% in the communication and verification parts, respectively, compared to the existing system.

A Study on the Integrated Account Management Model (위험기반 통합계정관리모델에 관한 연구)

  • Kang, Yong-Suk;Choi, Kook-Hyun;Shin, Yong-Tae;Kim, Jong-Bae
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2014.10a
    • /
    • pp.947-950
    • /
    • 2014
  • The recent APT attacks including cyber terror are caused by a high level of malicious codes and hacking techniques. This implies that essentially, advanced security management is required, from the perspective of 5A. The changes of IT environment are represented by Mobile, Cloud and BYOD. In this situation, the security model needs to be changed, too into the Airport model which emphasizes prevention, and connection, security and integration of functions from the existing Castle model. This study suggested an application method of the risk-based Airport model to the cyber security environment.

  • PDF

A Study on SmartPhone Hacking and Forensic of Secondary Damage caused by Leakage of Personal Information (개인정보유출 2차 피해로 인한 스마트폰 Smishing 해킹과 Forensic 연구)

  • Park, In-woo;Park, Dea-woo
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2014.05a
    • /
    • pp.273-276
    • /
    • 2014
  • In 2014, the leakage of personal information from 3 credit card companies resulted in divulging approximately 10,000 customers' personal information. Although the credit card companies concluded that there was no secondary loss due to the leakage of personal information, secondary financial losses resulting from the leakage of personal information currently occur. In particular, hackers who employ smishing masquerade acquaintances by using the divulged personal information to ask payment for Ms. Kim's Sochi Olympics legal processing or exposed traffic violations. The hackers cause secondary financial losses through smartphones. This study aims to conduct a forensic analysis of smishing incidents in smartphones through the leakage of personal information, and to make a forensic analysis of financial losses due to the smishing incidents.

  • PDF

Improvement of Digital Identify Proofing Service through Trend Analysis of Online Personal Identification

  • JongBae Kim
    • International Journal of Internet, Broadcasting and Communication
    • /
    • v.15 no.4
    • /
    • pp.1-8
    • /
    • 2023
  • This paper analyzes the trends of identification proofing services(PIPSs) to identify and authenticate users online and proposes a method to improve PIPS based on alternative means of resident registration numbers in Korea. Digital identity proofing services play an important role in modern society, but there are some problems. Since they handle sensitive personal information, there is a risk of information leakage, hacking, or inappropriate access. Additionally, online service providers may incur additional costs by applying different PIPSs, which results in online service users bearing the costs. In particular, in these days of globalization, different PIPSs are being used in various countries, which can cause difficulties in international activities due to lack of global consistency. Overseas online PIPSs include expansion of biometric authentication, increase in mobile identity proofing, and distributed identity proofing using blockchain. This paper analyzes the trend of PIPSs that prove themselves when identifying users of online services in non-face-to-face overseas situations, and proposes improvements by comparing them with alternative means of Korean resident registration numbers. Through the proposed method, it will be possible to strengthen the safety of Korea's PIPS and expand the provision of more reliable identification services.

Detecting Knowledge structures in Artificial Intelligence and Medical Healthcare with text mining

  • Hyun-A Lim;Pham Duong Thuy Vy;Jaewon Choi
    • Asia pacific journal of information systems
    • /
    • v.29 no.4
    • /
    • pp.817-837
    • /
    • 2019
  • The medical industry is rapidly evolving into a combination of artificial intelligence (AI) and ICT technology, such as mobile health, wireless medical, telemedicine and precision medical care. Medical artificial intelligence can be diagnosed and treated, and autonomous surgical robots can be operated. For smart medical services, data such as medical information and personal medical information are needed. AI is being developed to integrate with companies such as Google, Facebook, IBM and others in the health care field. Telemedicine services are also becoming available. However, security issues of medical information for smart medical industry are becoming important. It can have a devastating impact on life through hacking of medical devices through vulnerable areas. Research on medical information is proceeding on the necessity of privacy and privacy protection. However, there is a lack of research on the practical measures for protecting medical information and the seriousness of security threats. Therefore, in this study, we want to confirm the research trend by collecting data related to medical information in recent 5 years. In this study, smart medical related papers from 2014 to 2018 were collected using smart medical topics, and the medical information papers were rearranged based on this. Research trend analysis uses topic modeling technique for topic information. The result constructs topic network based on relation of topics and grasps main trend through topic.

A Study on the Usage Behavior of Public Library Website through an Analysis of Web Traffic (웹 트래픽 분석을 통한 공공도서관 웹사이트 이용행태에 관한 연구)

  • Kang, Munsil;Kim, Seonghee
    • Journal of the Korean BIBLIA Society for library and Information Science
    • /
    • v.32 no.4
    • /
    • pp.189-212
    • /
    • 2021
  • The purpose of this study is to analyze an usage behavior for the public library website through web traffic. For this purpose, using Google Analytics and growth hacking technique, the data of A public library website log was analyzed for three months from August 1, 2021 to October 31, 2021. As a result of the study, the young age group of 18-24 years old and 25-34 years old recorded a high rate of new member registration, & it was found that the inflow rate through SNS was high for external inflows. As a result of analysis for the access rate by time, it was found that the time with the highest inflow rate was between 10 am and 11 am both on Wednesday and Friday. As a access channel, the access rate using mobile (64.90%) was quite high, but at the same time, the bounce rate (27.20%) was higher than the average (24.93%), & the rate of duration time (4 minutes 33 seconds) was lower than thee average (5 minutes 22 seconds). Finally, it was found that the utilization rate of reading program events and online book curation service, which the library focuses on producing and promoting, is very low. These research results can be used as basic data for future improvement of public library websites.

A Case Study on Implementation of Mobile Information Security (모바일 정보보안을 위한 실시간 모바일 기기 제어 및 관리 시스템 설계.구현 사례연구)

  • Kang, Yong-Sik;Kwon, Sun-Dong;Lee, Kang-Hyun
    • Information Systems Review
    • /
    • v.15 no.2
    • /
    • pp.1-19
    • /
    • 2013
  • Smart working sparked by iPhone3 opens a revolution in smart ways of working at any time, regardless of location and environment. Also, It provide real-time information processing and analysis, rapid decision-making and the productivity of businesses, including through the timely response and the opportunity to increase the efficiency. As a result, every company are developing mobile information systems. But company data is accessed from the outside, it has problems to solve like security, hacking and information leakage. Also, Mobile devices such as smart phones belonging to the privately-owned asset can't be always controlled to archive company security policy. In the meantime, public smart phones owned by company was always applied security policy. But it can't not apply to privately-owned smart phones. Thus, this paper is focused to archive company security policy, but also enable the individual's free to use of smart phones when we use mobile information systems. So, when we use smart phone as individual purpose, the normal operation of all smart phone functions. But, when we use smart phone as company purpose like mobile information systems, the smart phone functions are blocked like screen capture, Wi-Fi, camera to protect company data. In this study, we suggest the design and implementation of real time control and management of mobile device using MDM(Mobile Device Management) solution. As a result, we can archive company security policy and individual using of smart phone and it is the optimal solution in the BYOD(Bring Your Own Device) era.

  • PDF

Enhanced Method for Preventing Malware by Detecting of Injection Site (악성코드 인젝션 사이트 탐지를 통한 방어효율 향상방안)

  • Baek, Jaejong
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.20 no.7
    • /
    • pp.1290-1295
    • /
    • 2016
  • Recently, as mobile internet usage has been increasing rapidly, malware attacks through user's web browsers has been spreading in a way of social engineering or drive-by downloading. Existing defense mechanism against drive-by download attack mainly focused on final download sites and distribution paths. However, detection and prevention of injection sites to inject malicious code into the comprised websites have not been fully investigated. In this paper, for the purpose of improving defense mechanisms against these malware downloads attacks, we focus on detecting the injection site which is the key source of malware downloads spreading. As a result, in addition to the current URL blacklist techniques, we proposed the enhanced method which adds features of detecting the injection site to prevent the malware spreading. We empirically show that the proposed method can effectively minimize malware infections by blocking the source of the infection spreading, compared to other approaches of the URL blacklisting that directly uses the drive-by browser exploits.

Design and Implementation of XML Encryption and Digital signature API for Mobile Environment (모바일 환경에서 XML 암호화 및 전자서명 API 설계 및 구현)

  • Cho, Tae-Beom;Ryu, Hwang;Park, Jeong-Yong;Jung, Hoe-Kyung
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.14 no.6
    • /
    • pp.1416-1422
    • /
    • 2010
  • Various other platforms have appeared due to the abolishment of WIPI requirement and increased problems related with hacking and security. Since levels consisting of these platforms are composed of various APIs (Application Programming Interfaces) which are not standardized, other ways must be considered to protect data which are transferred using XML formats. Therefore, XML encryption API and XML digital signature API for data protection and certification, which are both responsible to define mark-up languages for XML encryption and digital signature respectively, were designed in this paper. The simulation system which played the role of the server and client between two terminal units was realized to validate the APIs.

Secure Authentication Protocol in Hadoop Distributed File System based on Hash Chain (해쉬 체인 기반의 안전한 하둡 분산 파일 시스템 인증 프로토콜)

  • Jeong, So Won;Kim, Kee Sung;Jeong, Ik Rae
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.5
    • /
    • pp.831-847
    • /
    • 2013
  • The various types of data are being created in large quantities resulting from the spread of social media and the mobile popularization. Many companies want to obtain valuable business information through the analysis of these large data. As a result, it is a trend to integrate the big data technologies into the company work. Especially, Hadoop is regarded as the most representative big data technology due to its terabytes of storage capacity, inexpensive construction cost, and fast data processing speed. However, the authentication token system of Hadoop Distributed File System(HDFS) for the user authentication is currently vulnerable to the replay attack and the datanode hacking attack. This can cause that the company secrets or the personal information of customers on HDFS are exposed. In this paper, we analyze the possible security threats to HDFS when tokens or datanodes are exposed to the attackers. Finally, we propose the secure authentication protocol in HDFS based on hash chain.