• Smart Media Journal
• /
• v.9 no.3
• /
• pp.71-79
• /
• 2020

Mobile network is used by many users worldwide for diverse services, including phone-call, messaging and data transfer over the Internet. However, this network may experience massive damage if it is exposed to cyber-attacks or denial-of-service attacks via wireless communication interference. Because the mobile network is also used as an emergency network in cases of disaster, evaluation or verification for security and safety is necessary as an important nation-wide asset. However, it is not easy to analyze the mobile core network because it's built and serviced by private service providers, exclusively operated, and there is even no separate network for testing. Thus, in this paper, a virtual mobile network is built using OpenAirInterface, which is implemented based on 3GPP standards and provided as an open source software, and the structure and protocols of the core network are analyzed. In particular, the S1AP protocol messages captured on S1-MME, the interface between the base station eNodeB and the mobility manager MME, are analyzed to identify potential security threats by evaluating the effect of the messages sent from the user terminal UE to the mobile core network.

• KIPS Transactions on Computer and Communication Systems
• /
• v.3 no.2
• /
• pp.31-42
• /
• 2014

Debugger systems are necessary to apply dynamic program analysis when evaluating security properties of embedded system software. It may be possible to make the use of software-based debugger and/or DBI framework if target devices support general purpose operating systems, however, constraints on applicability as well as environmental transparency might be incurred thereby hindering overall analyzability. Analysis with JTAG (IEEE 1149.1) debugging devices can overcome these difficulties in that no change would be involved in terms of internal software environment. In that sense, JTAG API can facilitate to practically perform dynamic program analysis for evaluating security properties of target device software. In this paper, we introduce an implementation of JTAG API to enable analysis of ARM core based embedded systems. The API function set includes the categories of debugger and target device controls: debugging environment and operation. To verify API applicability, we also provide example analysis tool implementations: our JTAG API could be used to build kernel function fuzzing and live memory forensics modules.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.4
• /
• pp.3-10
• /
• 2007

In this paper, we proposed the methodology for security testing using block-based file fault injection. When fault is inserted into software, we consider the format of file in order to efficiently reduce the error that is caused by mismatch of format of file. The Vulnerability the methodology focuses on is related to memory processing, such as buffer overflow, null pointer reference and so on. We implemented the automatic tool to apply the methodology to image file format and named the tool ImageDigger. We executed fault-injection focused on WMF and EMF file format using ImageDigger, and found 10 DOS(Denial of Service) in Windows Platform. This methodology can apply to block-based file format such as MS Office file.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.4
• /
• pp.661-671
• /
• 2022

Due to the COVID-19 pandemic, remote working, e-learning, e-teaching and online collaboration have widely spread and become popular. Accordingly, the usage of IPsec VPN for security reasons has also dramatically increased. With the spread of VPN, VPN vulunerabilities are becoming an important target of attack for attackers, and many studies have been conducted on this. IKE v2 analysis is an essential process not only for developing and building IPsec VPN systems but also for security analysis. Network packet analysis tools such as Wireshark and Tcpdump are used for IKE v2 analysis. Wireshark is one of the most famous and widely-used network protocol analyzers and supports IKE v2 analysis. However Wireshark has many limitations, such as requiring system administrator privileges for IKE v2 analysis. In this paper, we describe Wireshark's limitations in detatil and propose a new analysis method. The proposed analysis method can analyze all encrypted IKE v2 messages in real time from the session key exchange In addition, the proposed analysis method is expected to be used for dynamic testing such as fuzzing as packet manipulation.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.11
• /
• pp.94-103
• /
• 2017

As automatic hacking tools and techniques have been improved, the number of new vulnerabilities has increased. The CVE registered from 2010 to 2015 numbered about 80,000, and it is expected that more vulnerabilities will be reported. In most cases, patching a vulnerability depends on the developers' capability, and most patching techniques are based on manual analysis, which requires nine months, on average. The techniques are composed of finding the vulnerability, conducting the analysis based on the source code, and writing new code for the patch. Zero-day is critical because the time gap between the first discovery and taking action is too long, as mentioned. To solve the problem, techniques for automatically detecting and analyzing software (SW) vulnerabilities have been proposed recently. Cyber Grand Challenge (CGC) held in 2016 was the first competition to create automatic defensive systems capable of reasoning over flaws in binary and formulating patches without experts' direct analysis. Darktrace and Cylance are similar projects for managing SW automatically with artificial intelligence and machine learning. Though many foreign commercial institutions and academies run their projects for automatic binary analysis, the domestic level of technology is much lower. This paper is to study developing automatic detection of SW vulnerabilities and defenses against them. We analyzed and compared relative works and tools as additional elements, and optimal techniques for automatic analysis are suggested.