• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.3
• /
• pp.479-490
• /
• 2013

Recently, the number of attacks by malicious application has significantly increased, targeting Android-platform mobile terminal such as Samsung Galaxy Note and Galaxy Tab 10.1. The malicious application can be distributed to currently used mobile devices through open market masquerading as an normal application. An attacker inserts malicious code into an application, which might threaten privacy by rooting attack. Once the rooting attack is successful, malicious code can collect and steal private data stored in mobile terminal, for example, SMS messages, contacts list, and public key certificate for banking. To protect the private information from the malicious attack, malicious code detection, rooting attack detection and countermeasure method are required. To meet this end, this paper investigates rooting attack mechanism for Android-platform mobile terminal. Based on that, this paper proposes countermeasure system that enables to extract and collect events related to attacks occurring from mobile terminal, which contributes to active protection from malicious attacks.

• 한국정보교육학회:학술대회논문집
• /
• 2011.01a
• /
• pp.265-270
• /
• 2011

This paper is the study about application development for management obesity and personal health matters systematically based on Android smart phone system. Growing obesity problem for students organized by the lack of a device or program to manage at home has been favored as a serious problem. Currently developed smart phones has come into wide use by portable features and many applications. And to support populations of these features smart phones will be available for obesity management in your home without any equipment using. Accordingly, this paper is the study about application development for management obesity for growing students at home based on the latest smart phone platform Android.

• Journal of Internet Computing and Services
• /
• v.14 no.3
• /
• pp.35-46
• /
• 2013

As mobile terminal environment gets matured, the use of Android platform based mobile terminals has been growing high. Recently, the number of attacks by malicious application is also increasing as Android platform is vulnerable to private information leakage in nature. Most of these malicious applications are easily distributed to general users through open market or internet and an attacker inserts malicious code into malicious app which could be harmful tool to steal private data and banking data such as SMS, contacts list, and public key certificate to a remote server. To cope with these security threats more actively, it is necessary to develop countermeasure system that enables to detect security vulnerability existing in mobile device and take an appropriate action to protect the system against malicious attacks. In this sense, this paper aggregates diverse system events from multiple mobile devices and also implements a system to detect attacks by malicious application.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.2
• /
• pp.345-352
• /
• 2014

As the utilization rate of smart device increases, various applications for smart device have been developed. Since these applications can contain important data related to user behaviors in digital forensic perspective, the analysis of them should be conducted in advance. However, lots of applications get to have new data format or type when they are updated. Therefore, whether the applications are updated or not should be checked one by one, and if they are, whether their data are changed should be also analyzed. But observing application data repeatedly is a time-consuming task, and that is why the effective method for dealing with this problem is needed. This paper suggests the automatic system which gets updated information and checks changed data by collecting application information.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.45-55
• /
• 2019

DEX file and share objects (also known as the SO file) are important components that define the behaviors of an Android application. DEX file is implemented in Java code, whereas SO file under ELF file format is implemented in native code(C/C++). The two layers - Java and native can communicate with each other at runtime. Malicious applications have become more and more prevalent in mobile world, they are equipped with different evasion techniques to avoid being detected by anti-malware product. To avoid static analysis, some applications may perform malicious behavior in native code that is difficult to analyze. Existing researches fail to extract the call relationship which includes both Java code and native code, or can not analyze multi-DEX application. In this study, we design and implement a system that effectively extracts the call relationship between Java code and native code by analyzing DEX file and SO file of Android application.

• International Journal of Internet, Broadcasting and Communication
• /
• v.12 no.4
• /
• pp.180-187
• /
• 2020

Security threats are increasing with interest due to the mass spread of smart devices, and vulnerabilities in developed applications are being exposed while mobile malicious codes are spreading. The government and companies provide various applications for the public, and for reliability and security of applications, security checks are required during application development. In this paper, among the security threats that can occur in the mobile service environment, we set up the vulnerability analysis items to respond to security threats when developing Android-based applications. Based on the set analysis items, vulnerability analysis was performed by examining three applications of public institutions and private companies currently operating as mobile applications. As a result of application security checks used by three public institutions and companies, authority management and open module stability management were well managed. However, it was confirmed that many security vulnerabilities were found in input value verification, outside transmit data management, and data management. It is believed that it will contribute to improving the safety of mobile applications through the case of vulnerability analysis for Android application security.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.10a
• /
• pp.787-789
• /
• 2013

A lot of applications are being developed as a result of popular smart machinery. Especially, Android OS that has high market share in smart phone market, applications are being developed and resulted. response time is delayed because service process of application do not work well although the space for using resource is enough. The purpose of this paper, analysis tool analyze response time of application to grope for an answer to the question about delayed response time of application.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.381-386
• /
• 2013

As the new variation malicious codes of android platform are drastically increasing, the preparation plan and response is needed. We proposed a high-interaction client honeypot that applied to the android platform. We designed flow for the system. Application plan and the function was analyze. Each detail module was optimized in the Android platform. The system is equipped with the advantage of the high-interaction client honeypot of PC environment. Because the management and storage server was separated it is more flexible and expanded.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.8
• /
• pp.3005-3011
• /
• 2010

As soon as high-performanced smart phones is rapidly emerging in recent, its security problems come to the front. Especially in case of an open platform, it is easy to be a target of virus. Many security solution industries such as Symantec and Ahnlab are developing a mobile security system, but they have not yet a commercial product. We developed the effective security function of Android system based on SELinux to solve this problem, and verified its performance by applying the user applications developed to S3C6410 board.

• The Journal of the Korea Contents Association
• /
• v.21 no.1
• /
• pp.475-484
• /
• 2021

The Android OS has quickly established itself with the smartphone market and is being applied in a variety of ways such as navigation and refrigerator panels. Existing terminals can implement services that require high precision while using RTOS that requires accurate execution time, but Android OS has a disadvantage in that it cannot provide high-precision real-time performance. In this paper, we propose a real-time communication method that operates in the Android OS. Real-time communication reduces the load using the UDP protocol, and configures the real-time operating system time tick through a high-precision timer in the kernel area. An Android application level library was created to implement real-time communication and compared with the existing Android library for real-time performance verification.