• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.881-893
• /
• 2020

CFI(Control Flow Integrity) is a mitigation mechanism that protects programs by verifying control flows. IFCC(Indirect Function Call Checks) and SCS(Shadow Call Stack), CFI supported by LLVM Clang compiler, were introduced to protect applications in Android. IFCC protects function calls and SCS protects function returns. In this paper, we propose attacks to bypass CFI on the application environment with IFCC and SCS. Even if IFCC and SCS were applied to user applications, it was confirmed that there were many code segments not protected by IFCC and SCS in the application memory. We execute code in CFI unprotected segments to construct 1) bypassing IFCC to call a protected function, 2) modulating return address via SCS bypass. We identify code segments not protected by IFCC and SCS in Android10 QP1A. 191005.007.A3. We also implement proof-of-concept exploits to demonstrate that modulation of control flow is possible in an environment where IFCC and SCS are applied.

• Journal of KIISE
• /
• v.42 no.1
• /
• pp.23-32
• /
• 2015

In the Android market, a large portion of the market share consists of third party applications, but not much research has been performed in this respect. Of these applications, mobile Voice Over IP (VoIP) applications are one of the types of applications that are used the most. In this paper, we focus on user authentication methods for three representative applications of the Google Voice service, which is a famous mobile VoIP application. Then, with respect to the Android file system, we developed a method to store and to send user information for authentication. Finally, we demonstrate a vulnerability in the mechanism and propose an improved mechanism for user authentication by using hash chaining and an elliptic curve Diffie-Hellman key exchange.

• Journal of Internet Computing and Services
• /
• v.14 no.6
• /
• pp.125-139
• /
• 2013

Distribution of malicious applications developed by attackers is increasing along with general normal applications due to the openness of the Android-based open market. Mechanism that allows more accurate ways to distinguish normal apps and malicious apps for common mobile devices should be developed in order to reduce the damage caused by the rampant malicious applications. This paper analysed the normal event pattern from the most highly used game apps in the Android open market to analyse the event pattern from normal apps and malicious apps of mobile devices that are based on the Android platform, and analysed the malicious event pattern from the malicious apps and the disguising malicious apps in the form of a game app among 1260 malware samples distributed by Android MalGenome Project. As described, experiment that extracts normal app and malicious app events was performed using Strace, the Linux-based system call extraction tool, targeting normal apps and malicious apps on Android-based mobile devices. Relevance analysis for each event set was performed on collected events that occurred when normal apps and malicious apps were running. This paper successfully extracted event similarity through this process of analyzing the event occurrence characteristics, pattern and distribution on each set of normal apps and malicious apps, and lastly suggested a mechanism that determines whether any given app is malicious.

• Journal of Digital Convergence
• /
• v.12 no.1
• /
• pp.333-338
• /
• 2014

Zigbee is a wireless communication technology optimized for WSN (Wireless Sensor Network) environment. A WSN gateway is used for node control and data transmission. However, a fixed-type gateway can restrict the flexibility of the WSN environment. A smartphone-mounted high-performance processor and Android OS can be easily used in a mobile WSN gateway. In this paper, we proposed a mobile WSN gateway based on Android smartphones. In the proposed system, a Zigbee sensor module is connected with a smartphone via USB (Universal Serial Bus) port. We also implemented an Android application for the mobile WSN gateway.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.8
• /
• pp.3999-4005
• /
• 2013

We forecast that the scale of mobile market will be large scale according to the twenty million times of smart phone's user is arrived. The type of software development is being transferred into mobile-based App. or cloud computing-based service from web-based software. Currently both Google's android and Apple's IOS are known for two prominent platforms. Existing modeling techniques cannot be applied into the case of mobile application which is executed those platforms. Therefore, we suggest a modeling technique that is customized existing modeling techniques into android-based software development. That is, we propose an analysis and design techniques which are needed into android-based mobile smart environment.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.2
• /
• pp.209-215
• /
• 2013

Currently Plastic Student Identity Card has not been used frequently because it is inconvenient to possess. In this paper, we propose and develope Mobile Student Identity Card(MSIC) which consists of combination of smart phone and student identity card to support convenient campus life for students in school. The main features of the developed MSIC are as follows. First, it can confirm student identity and offer MSIC to each students by using Database. Second, it can support convenient campus life for students by adequate layout. In the performance evaluation, we use development kit based on Android and AVD(Android Virture Device) for simulation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.4
• /
• pp.617-624
• /
• 2014

Smart phone usage has increased exponentially and open source based Android OS occupy significant market share. However, various malicious applications that use the characteristic of Android threaten users. In this paper, we construct an efficient malicious application detector by using the principle component analysis and the incremental k nearest neighbor algorithm, which consider an required permission, of Android applications. The cross validation is exploited in order to find a critical parameter of the algorithm. For the performance evaluation of our approach, we simulate a real data set of Contagio Mobile.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.05a
• /
• pp.614-616
• /
• 2010

Recently, there is increasing concern about smart phone due to the release of iPhone and Android phone. So, There are many kinds of application in smart phone, and applications using multimedia contents is increasing. The famous codecs for Image and video are JPEG, MPEG and h.264, which is popular recently as a vedeo codec because of its high compression ratio compared with the other video codecs. In this paper, we will divide Jpeg Sequence to each Jpeg and will display that Jpeg looks like a video continuously in Android. And we will show you the simulation result.

• International Journal of Computer Science & Network Security
• /
• v.23 no.9
• /
• pp.141-149
• /
• 2023

Repacked mobile apps constitute about 78% of all malware of Android, and it greatly affects the technical ecosystem of Android. Although many methods exist for repacked app detection, most of them suffer from performance issues. In this manuscript, a novel method using the Constant Key Point Selection and Limited Binary Pattern (CKPS: LBP) Feature extraction-based Hashing is proposed for the identification of repacked android applications through the visual similarity, which is a notable feature of repacked applications. The results from the experiment prove that the proposed method can effectively detect the apps that are similar visually even that are even under the double fold content manipulations. From the experimental analysis, it proved that the proposed CKPS: LBP method has a better efficiency of detecting 1354 similar applications from a repository of 95124 applications and also the computational time was 0.91 seconds within which a user could get the decision of whether the app repacked. The overall efficiency of the proposed algorithm is 41% greater than the average of other methods, and the time complexity is found to have been reduced by 31%. The collision probability of the Hashes was 41% better than the average value of the other state of the art methods.

• Journal of Digital Contents Society
• /
• v.12 no.4
• /
• pp.611-618
• /
• 2011

This paper presents a design and implementation of Android-base Total Weather Information using XML(eXtensible Markup Language) techniques. Weather Information are changed using GPS location provider and XML parsing techniques according to the current location, This application alarms the weather information as the English voices when some alarm events appear regardless of the application access or finish. We design the user interface simple because the first impression is important in all applications.