• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.67-80
• /
• 2012

Recently as the number of smartphone user is growing rapidly, android is also getting more interest in digital forensic. However, there is not enough research on digital data acquisition and analysis based on android platform's unique characteristics so far. Android system stores all the related recent systemwide logs from the system components to applications in volatile memory, and therefore, the logs can potentially serve as important evidences. In this paper, we propose a digital data acquisition and analysis system for android which extracts meaningful information based on the correlation of android logs and user activities from a device at runtime. We also present an efficient search scheme to facilitate realtime analysis on site. Finally, we demonstrate how the proposed system can be used to reconstruct the sequence of user activities in a more intuitive manner, and show that the proposed search scheme can reduce overall search and analysis time approximately 10 times shorter than the normal regular search method.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.16 no.1
• /
• pp.101-108
• /
• 2021

This paper builds a real-time home security system based on the OneNet cloud platform to control the status of the house through a smartphone. The system consists of a local part and a cloud part. The local part has I/O devices, router and Raspberry Pi (RPi) that collects and monitors sensor data and sends the data to the cloud, and the Flask web server is implemented on a Rasberry Pi. When a user is at home, the user can access the Flask web server to obtain the data directly. The cloud part is OneNet in China Mobile, which provides remote access service. The hybrid App is designed to provide the interaction between users and the home security system in the smartphone, and the EDP and RTSP protocol is implemented to transmit data and video stream. Experimental results show that users can receive sensor data and warning text message through the smartphone and monitor, and control home status through OneNet cloud.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.8
• /
• pp.1551-1559
• /
• 2015

Recently, the performance of smart devices is almost similar to that of the existing PCs, thus the users of smart devices can perform similar works such as messengers, SNSs(Social Network Services), smart banking, etc. originally performed in PC environment using smart devices. Although the development of smart devices has led to positive impacts, it has caused negative changes such as an increase in security threat aimed at mobile environment. Specifically, the threats of mobile devices, such as leaking private information, generating unfair billing and performing DDoS(Distributed Denial of Service) attacks has continuously increased. Over 80% of the mobile devices use android platform, thus, the number of damage caused by mobile malware in android platform is also increasing. In this paper, we propose android based malware detection mechanism using time-series analysis, which is one of statistical-based detection methods.We use auto-regressive moving-average model which is extracting accurate predictive values based on existing data among time-series model. We also use fast and exact malware detection method by extracting possible malware data through Z-Score. We validate the proposed methods through the experiment results.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.5
• /
• pp.1181-1186
• /
• 2013

Mobile network has become an essential tool for mutual communications, so a survey research published that most of the smartphone users use Mobile Instant Messenger every day. In this paper, we developed a wire-wireless integrated web messenger that can be used in various platform of mobile devices and desktop computer for communicating between users of some companies. We defined a multi-organization as several independent companies. Our web messenger was developed for communicating of users of a multi-organization. So one of functions of our web messenger is to restrict access to some particular departments in each company for the security of their company. Developed web messenger worked reliably from variety of web browsers on most of platforms such as android, iOs and desktop computers.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.12 no.1
• /
• pp.147-154
• /
• 2017

This paper aims to build a home security system based on IoT to monitor a home on a mobile phone. The system consists of data gathering sensors, camera, gateway and Xively platform. The Raspberry Pi collects data from the three sensors and sends the data to Xively, and sends the video stream of home to a client in a smart phone through a internet. The servers are composed of Xively, socket server in Raspberry Pi and E-mail server in Google. The proposed system transmits e-mail, text message, and video stream when there are motion, fire, and gas leakage, and can control the gas valve through Raspberry Pi. The experimental results show that a user gets 'emergency E-mail' and text message and watches the video stream of the home through WIFI or LTE on a smart phone.

• Journal of KIISE:Computing Practices and Letters
• /
• v.12 no.6
• /
• pp.367-378
• /
• 2006

A mobile phone has became as a payment tool in e-commerce and on-line banking areas. This trend of a payment system using various types of mobile devices is rapidly growing, especially in the Internet transaction and small-money payment. Hence, there will be a need to define its standard for secure and safe payment technology. In this thesis, we consider the service types of the current mobile payments and the authentication method, investigate the disadvantages, problems and their solutions for smart and secure payment. Also, we propose a novel authentication method which is easily adopted without modification and addition of the existed mobile hardware platform. Also, we present a simple implementation as a demonstration version. Based on virtual machine (VM) approach, the proposed model is to use a pseudo-random number which is confirmed by the VM in a user's mobile phone and then is sent to the authentication site. This is more secure and safe rather than use of a random number received by the previous SMS. For this payment operation, a user should register the serial number at the first step after downloading the VM software, by which can prevent the illegal payment use by a mobile copy-phone. Compared with the previous SMS approach, the proposed method can reduce the amount of packet size to 30% as well as the time. Therefore, the VM-based method is superior to the previous approaches in the viewpoint of security, packet size and transaction time.

• The Journal of Information Systems
• /
• v.26 no.4
• /
• pp.247-284
• /
• 2017

Purpose The first purpose of this study is to investigate factors that are likely to influence user's intention to adopt third-party mobile payment platform. A comprehensive study about mobile payment services have used various variables to explain user's use intention based on the theory of reasoned action (TRA) or the theory of planned behavior (TPB). Variables such as simplicity, security, costs, relative advantage, individual mobility, subjective norm, trust, satisfaction, attitude towards use, perceived usefulness, perceived ease of use and so on. Among these factors, we expect to find out the most influential factors effecting user's use intention of the third-party mobile payment services. Second, we also examine whether the most influential factors have the same influence to different third-party mobile payment services by conducting comparative study of Alipay and WeChat Pay. Design/methodology/approach Empirical data for this study were collected from Chinese who has the experience using or have used Alipay or WeChat Pay. Participants needed to be familiar with Alipay or WeChat Pay because such users may be more aware of both the advantages and disadvantages of Alipay and WeChat Pay. We conduct a pilot test using Smart PLS 2.0, which includes 50 Alipay users and 82 WeChat Pay users. The result indicates that all the measurement fit for the context. And then 980 questionnaires were mainly sent out to the college students and the e-mails users randomly. To encourage participation, we give the participants a small gift as a present. Finally, we received a total of 683 replied. Data from respondents who gave incomplete or invalid answers were excluded to assure the validity of the constructs. 79 questionnaires were rejected, finally the valid data are 604 (with 372 Alipay users and 232 WeChat Pay users). Findings The results suggest that users' intention is determined by their trust on third-party mobile payment service and perceived usefulness of use. Comparative study results also indicated that the factors have different influence on Alipay group and WeChat Pay group, which offers a new aspect for academic field, and provides useful information to mobile payment service providers in China.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.6
• /
• pp.3032-3042
• /
• 2013

Multimedia Broadcast communication convergence services are broadcast communication convergence services new form that combines a platform technology for driving the application services of various media-related Internet and TV devices. It is possible to mounted the embedded OS of TV existing technology and to support a variety of smart application services to a TV technology evolved form equipped with various platforms on the OS. The services that are fused in this way, multi-media broadcasting communication convergence new services Open IPTV, Smart TV, mobile IPTV, and N-screen, are services actively focusing on three companies domestic services. However, in order to use the software to connect to the Internet for the provision of services, is inherent software vulnerabilities or the Internet. These vulnerabilities can lead to serious security incidents. Therefore, in this paper, or be able to derive the potential security threats that occur in multimedia broadcasting service environment based on security threats and vulnerabilities of existing threats lead to such security incidents in fact, the security it was carried out through a mock hacking validation for threats. It was also suggested necessary technical security measures that can be protect against security threats revealed by using the verification result through the penetration testing. Has been presented countermeasures in fusion communication service environment of multimedia broadcasting by using these results.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.187-196
• /
• 2016

Android applications are inherently vulnerable to a repackaging attack such that malicious codes are easily inserted into an application and then resigned by the attacker. These days, it occurs often that such private or individual information is leaked. In principle, all Android applications are composed of user defined methods and APIs. As well as accessing to resources on platform, APIs play a role as a practical functional feature, and user defined methods play a role as a feature by using APIs. In this paper we propose a scheme to analyze sensitive APIs mostly used in malicious applications in terms of how malicious applications operate and which API they use. Based on the characteristics of target APIs, we accumulate the knowledge on such APIs using a machine learning scheme based on Naive Bayes algorithm. Resulting from the learned results, we are able to provide fine-grained numeric score on the degree of vulnerabilities of mobile applications. In doing so, we expect the proposed scheme will help mobile application developers identify the security level of applications in advance.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.12C
• /
• pp.1692-1706
• /
• 2004

Recently, there are rapid development of information and communication and rapid growth of e-business users. Therefore we try to solve security problem on the internet environment which charges from wire internet to wireless internet or wire/wireless internet. Since the wireless mobile environment is limited, researches such as small size, end-to-end and privacy security are performed by many people. Wireless e-business adopts credit card WPP protocol and AIP protocol proposed by ASPeCT. WAP, one of the protocol used by WPP has weakness of leaking out information from WG which conned wire and wireless communication. certification chain based AIP protocol requires a lot of computation time and user IDs are known to others. We propose a Micro-Payment protocol based on credit card. Our protocol use the encryption techniques of the public key with ID to ensure the secret of transaction in the step of session key generation. IDs are generated using ECC based Weil Paring. We also use the certification with hidden electronic sign to transmit the payment result. The proposed protocol solves the privacy protection and Non-repudiation p개blem. We solve not only the safety and efficiency problem but also independent of specific wireless platform. The protocol requires the certification organization attent the certification process of payment. Therefore, other domain provide also receive an efficient and safe service.