• Proceedings of the Korea Inteligent Information System Society Conference
• /
• 2004.11a
• /
• pp.79-88
• /
• 2004

1. Introduction 1.1 Mobile Terminal Functionalities 1.2 Wireless Internet in CDMA 1.3 Mobile in Business 1.4 Mobile Trends 2. Mobile Malicious Code 2.1 Palm OS 2.2 Symbian OS 2.3 Wiondows Mobile 3. Symptom OS & Prediction 3.1 Vulnerabilities 3.2 Symptom 3.3 Prediction 4. Conclusion

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.666-668
• /
• 2013

Recently, the kind and number of malicious code, which operates in Operation System of smart devices, are rapidly increasing along with the fast supplement of smart devices. Especially, smart devices based on Android OS have high potential of danger to expose to malicious code as it has an easy access to system authority. When using intent, the global message system provided from Android, inter approach between applications is available, and possible to access to created data by the device. Intent provides convenience to application development in the aspect of reusability of component however, it could be appointed as a risk element in security-wise. Therefore, if intent is used in malicious purpose, it is easy to lead the condition where is weak on security. That is, it is possible to control as accessing to resources which application is carrying to operate by receiving intents as making smart device uncontrollable or consuming system resources. Especially, in case of system authority is achieved, the risks such as smart device control or personal information exposure become bigger when misusing broadcast intent through malicious code. This paper proposes a corresponding method of security vulnerability of Android intent that monitors the appearance of intent with intent pattern inspection, detects and blocks unidentified pattern intent.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.192-194
• /
• 2022

This paper analyzes the attack method of pastejacking and proposes a clip toaster that can effectively defend it. When programming, developers often copy and paste code from GitHub, Stack Overflow, or blogs. Pastejacking is an attack that injects malicious data into the clipboard when a user copies code posted on the web, resulting in security threats by executing malicious commands that the user does not intend or by inserting dangerous code snippets into the software. In this paper, we propose clip toaster to visualize and alertusers of threats to defend pastejacking that threatens the security of the developer's terminal and program code. Clip Toaster can visualize security threat notifications and effectively detect and respond to attacks without interfering with user actions.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.3
• /
• pp.195-200
• /
• 2012

Smart Phone devices offer convenience for users, but present a new set of security issues due to loss or malicious code. In this paper, a mobile cloud system environment is used with existing smart phones in an attempt to solve the problems in a banking environment. In order to prevent financial damages due to loss or personal information leakage by malicious code, a mobile cloud computing service that provides control and protection of personal information in environment that ensures individual authentication is used. Existing ID / Password with certificate, with the way smart phone dual password authentication scheme using the gyro sensors proposed.

• Convergence Security Journal
• /
• v.6 no.4
• /
• pp.49-57
• /
• 2006

Firewall to block a network access of unauthorized IP system and IDS (Intrusion Detection System) to detect malicious code pattern to be known consisted the main current of the information security system at the past. But, with rapid growth the diffusion speed and damage of malicious code like the worm, study of the unknown attack traffic is processed actively. One of such method is detection technique using traffic statistics information on the network viewpoint not to be an individual system. But, it is very difficult but to reserve traffic raw data or statistics information. Therefore, we present extraction technique of a network traffic Raw data and a statistics information like the time series. Also, We confirm the validity of a mixing traffic and show the evidence which is suitable to the experiment.

• Convergence Security Journal
• /
• v.8 no.1
• /
• pp.49-56
• /
• 2008

Recently, Phising attack uses trick of URL and sites, and technical concealment method which infiltrates sophisticated malicious code. However, sometimes Phising security technology cannot cover all of Phising methods. Consequently, this research proposes inspection to solve this problem. First, we can install Proxy server for a strong open information exchange of web environment between web servers and clients. Therefore, it compares and analyzes harmful site and Phising URL with White domain list, and filters them. Finally, designs for stable web based information so that we can block Phising with least regulation and active control. So the purpose of this paper is introducing this design system and structure, and inspect them.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.3
• /
• pp.87-97
• /
• 2014

Pharming attack is a confidence trick that the hacker catch away customers financial information on Internet banking. At first, a hacker installs malicious execution code on customers PC in secret. As a customer tries to connect a Internet banking Web site, the malicious code changes it to phishing site in Internet explorer. The hacker catch away customers financial information in process of internet banking. The hacker steals money from customer's bank account using stolen information. PKI is a widespread and strong technology for providing the security using public key techniques. The main idea of PKI is the digital certificate that is a digitally signed statement binding an user's identity information and his public key. The Internet banking service stands on the basis of PKI. However, the bank is trusted in natural, the only customer is certified in the present Internet banking. In this paper, we propose a method of cross certification in Internet banking. The customer certify a bank and the bank certify the customer in proposed method. The method can service to customer the secure Internet banking about pharming attack. We compare the proposed method with other methods.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.753-756
• /
• 2012

The type of phishing changes rapidly and also threat model changes very fastly Accordingly, frauds develop new methods of attacks to avoid the counterparts. Recently, the type of phishing in internet banking is developing specifically. In this paper, to help encounter for it, we first review the meaning of phishing and the types of attacks in phishing in the second chapter,and in the third chapter, we will analyze phishing which is using malicious code in internet banking,and in the fourth chapter, we will describe the conclusion of this paper.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.8
• /
• pp.5256-5262
• /
• 2014

Recently, Distributed Denial of Service (DDoS) attacks, such as spreading malicious code, cyber-terrorism, have occurred in government agencies, the press and the financial sector. DDoS attacks are the simplest Internet-based infringement attacks techniques that have fatal consequences. DDoS attacks have caused bandwidth consumption at the network layer. These attacks are difficult to detect defend against because the attack packets are not significantly different from normal traffic. Abnormal traffic is threatening the stability of the network. Therefore, the abnormal traffic by generating indications will need to be detected in advance. This study examined the abnormal traffic detection technique using a forecasting model-based trend model.

• Journal of Convergence Society for SMB
• /
• v.5 no.1
• /
• pp.25-30
• /
• 2015

The APT attacks are hackers created a variety of security threats will continue to attack applied to the network of a particular company or organization. It referred to as intelligent sustained attack. After securing your PC after a particular organization's internal staff access to internal server or database through the PC or remove and destroy the confidential information. The APT attack is so large, there are two zero-day attacks and rootkits. APT is a process of penetration attack, search, acquisition, and is divided into outlet Step 4. It was defined in two ways how you can respond to APT through the process. Technical descriptions were divided into ways to delay the attacker's malicious code attacks time and plan for attacks to be detected and removed through.