• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1057-1067
• /
• 2013

The market share of smartphones has been increasing more and more at the recent mobile market and smart devices and applications that are based on a variety of operating systems has been released. Given this reality, the importance of smart devices analysis is coming to the fore and the most important thing is to minimize data corruption when extracting data from the device in order to analyze user behavior. In this paper, we compare and analyze the area-specific changes that are the file system of collected image after obtaining root privileges on the Android OS and iOS based devices, and then propose the most efficient method to obtain root privileges.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.51 no.6
• /
• pp.143-151
• /
• 2014

Recently, as smartphones are widespread, a variety of user's information is created and managed in smartphones. Especially the location information can show the user's position at a specific time and the user's area of interest, which could be very useful during criminal investigation. Although the location information plays an important role in solving the crimes such as serial murder, rape and arson cases, there is a lack of research on location information for digital forensics. In this paper, we analyze the location information from logs, images, and applications on android, and we suggest the integrated model for analyzing location information. The proposed model may be useful in criminal investigation by improving the efficiency of data analysis and providing information about a criminal case.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.11
• /
• pp.1588-1595
• /
• 2021

Android-based smartphones receive the global navigation satellite system (GNSS) signals to determine their location and provide the GNSS raw measurement to users. The available GNSS signals on the current Android devices are GPS, GLONASS, Galileo, BeiDou, QZSS. This research has analyzed the performance of multi-GNSS position accuracy based on the pseudorange of the smartphone for maritime users. Smartphones capable of receiving dual-frequency are installed on a ship, and multi-GNSS raw information in maritime environment was measured to present the results of comparing the GNSS pseudorange-based dual-frequency positioning performance for each smarphone. Furthermore, we analyzed whether the results of the positioning performance can meet the HEA requirement of IMO for maritime navigation users. As the results of maritime experiment, it was confirmed that in the case of the smartphones supporting the dual-frequency, the position accuracy within 6 meters (95%) could be obtained, and the HEA position accuracy performance within 10 meters (95%) required by IMO could be achieved.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.5
• /
• pp.309-316
• /
• 2014

It is easy to reverse engineer an Android app package file(APK) and get its decompiled source code. Therefore, attackers obtains economic benefits by illegally using the decompiled source code, or modifies an app by inserting malware. To address these problems in Android, we propose an APK overwrite scheme that protects apps against illegal modification of themselves by using a new anti-reverse engineering technique. In this paper, the targets are the apps which have been written by any programmer. For a target app (original app), server system (1) makes a copy of a target app, (2) encrypts the target app, (3) creates a stub app by replacing the DEX (Dalvik Executable) of the copied version with our stub DEX, and then (4) distributes the stub app as well as the encrypted target app to users of smartphones. The users downloads both the encrypted target app and the corresponding stub app. Whenever the stub app is executed on smartphones, the stub app and our launcher app decrypt the encrypted target app, overwrite the stub app with the decrypted target one, and executes the decrypted one. Every time the target app ends its execution, the decrypted app is deleted. To verify the feasibility of the proposed scheme, experimentation with several popular apps are carried out. The results of the experiment demonstrate that our scheme is effective for preventing reverse engineering and tampering of Android apps.

• The KIPS Transactions:PartB
• /
• v.18B no.4
• /
• pp.181-192
• /
• 2011

A mobile phone is becoming no longer a voice communication tool due to smartphones and mobile internet. Also, it now becomes a total entertainment device on which we can play game and get services by variety applications through the Web. As smartphones are getting more popular, their usages are also increased, which makes the interest of advertising industry in mobile advertisement increased but it is bound to be limited by the size of the screen. In this paper, we suggest an augmented reality logo system based on Android platform to maximize the effect of logo advertisement. After developing software and mounting it on a real smartphone, its performances are analyzed in various ways. The results show the possibility of its application to real world but it's not enough to provide real time service because of the low performance of hardware.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1049-1055
• /
• 2013

Smartphones are rapidly growing because of easy installation of the apps (application software) that users actually want. There are increasingly many apps that require cryptographic suites to be installed, for instance, for protecting account and financial data. Android platform provides protection mechanisms for memory and storage based on Linux kernel, but they are vulnerable to rooting attacks. In this paper, we analyze security mechanisms of Android platform and point out security problems. We show the security vulnerabilities of several commercial apps and suggest appropriate countermeasures.

• Convergence Security Journal
• /
• v.15 no.7
• /
• pp.9-19
• /
• 2015

The Android operating system is exposed to a phishing attack of stealing private information that a user enters into a web page. We have discovered two security vulnerabilities of the phishing attack. First, an always-on-top scheme allows malware to place a transparent user interface (UI) on the current top screen and intercept a user input. Second, the Android provides some APIs that allow malware to obtain the information of a currently visited web page. This paper introduces a phishing that attacks a web page by exploiting the two vulnerabilities. The attack detects a visit to a security-relevant web page and steals private information from the web page. Our experiments on popular web sites reveal that the attack is significantly accurate and dangerous.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.6
• /
• pp.3230-3253
• /
• 2017

Android malware steals users' private information, and embedded unsafe advertisement (ad) libraries, which execute unsafe code causing damage to users. The majority of such traffic is HTTP and is mixed with other normal traffic, which makes the detection of malware and unsafe ad libraries a challenging problem. To address this problem, this work describes a novel HTTP traffic flow mining approach to detect and categorize Android malware and unsafe ad library. This work designed AndroCollector, which can automatically execute the Android application (app) and collect the network traffic traces. From these traces, this work extracts HTTP traffic features along three important dimensions: quantitative, timing, and semantic and use these features for characterizing malware and unsafe ad libraries. Based on these HTTP traffic features, this work describes a supervised classification scheme for detecting malware and unsafe ad libraries. In addition, to help network operators, this work describes a fine-grained categorization method by generating fingerprints from HTTP request methods for each malware family and unsafe ad libraries. This work evaluated the scheme using HTTP traffic traces collected from 10778 Android apps. The experimental results show that the scheme can detect malware with 97% accuracy and unsafe ad libraries with 95% accuracy when tested on the popular third-party Android markets.

• Journal of Industrial Technology
• /
• v.31 no.B
• /
• pp.99-105
• /
• 2011

Recently, smartphones have been widely used in wireless communications which caused severe data overload in cellular networks. Cellular companies consider increasing wireless data capacity in overloaded areas. Determining overloaded areas is mainly made from user reports which are currently collected by calling or simple apps by some active users experiencing overloads. Since the current reporting method is inconvenient and does not contain detail information about the overload conditions, and therefore is used by only some active users, the overloaded areas determined from the reports are not likely to be accurate. Therefore, we need a new reporting method which is convenient enough for even inactive users to willingly report the overload condition and which delivers detail information about the overloads. In this paper, we design and implement a measurement function of smartphone's WCDMA communication quality including overload condition and management system of mobile wireless communication networks about smartphones' communication quality.

• Journal of Korea Multimedia Society
• /
• v.17 no.12
• /
• pp.1494-1502
• /
• 2014

Since smartphones are utilized in the ranges from personal usages to governmental data exchanges, known but not patched vulnerabilities in smartphone operating systems are considered as major threats to the public. To minimize potential security breaches on smartphones, it is necessary to estimate possible security threats. So far, there have been numerous studies conducted to evaluate the security risks caused by mobile devices qualitatively, but there are few quantitative manners. For a large scale risk evaluation, a qualitative assessment is a never ending task. In this paper, we try to calculate relative risk levels triggered by software vulnerabilities from unsecured smartphone operating systems (Android and iOS) among 51 Asian countries. The proposed method combines widely accepted risk representation in both theory and industrial fields. When policy makers need to make a strategic decision on mobile security related agendas, they might find the presented approach useful.