JaeDeok Lim

Vulnerability monitoring mechanism in Android based smartphone with correlation analysis on event-driven activities

The amount of malicious mobile application targeting Android based smartphones has increase rapidly. In addition, these malicious apps are capable of downloading modules from servers which are run by malicious users, meaning that unexpected events can be activated inside of smartphones. Therefore, the attacker can control and get personal information and data stored inside of smartphone illegally. Therefore, it is necessary to monitor several event-driven activities and to detect malicious service for degrading the vulnerability on Android based smartphone. The correlation analysis mechanism is the use of statistical and systemic data to evaluate the relations between several variables. Therefore, we propose vulnerability monitoring mechanism with correlation analysis on event-driven activities in Android platform. In first, the basic activity data set (application integrity information, real-time process list, network connection and activated service list) are constructed as a DB server. And then the event data generated inbound of smartphone are aggregated and updated periodically. Based on these data, correlation analysis process is performed to detect malicious activity such as rooting attack triggered by rootkit for acquisition of administration permission. Therefore, it is useful to decrease a threat by detecting malicious event on Android based smartphones.

Technology trends of access control in IoT and requirements analysis

Since IoT devices can cause problems, such as invasion of privacy and threat to our safety, security in IoT is the most important element. IoT is an environment in which various devices to communicate an environment in which various devices communicate with one another without user intervention or with minimal user intervention. Therefore, authentication and access control technology between IoT devices are important element in the IoT security. In this paper, we describe our survey of access control technique in IoT environment and requirements of it.

A Secure Storage System for Sensitive Data Protection Based on Mobile Virtualization

Recently, the development of smart phones has been reported the number of security vulnerabilities. Although these smart phones have a concept of Sandbox for the security, sensitive personal information has been still exposed by internal data exchange or root privilege acquisition. In this paper, we propose a system framework for secure storage of sensitive data in smartphone. The system is divided into general domain (GD) and secure domain (SD) in mobile device utilizing domain separation technique of virtualization, and SD provides a secure execution environment to protect sensitive data and secure services. In addition, our system introduces the secure functions such as authentication/access control, and encryption/key management and secures filesystem to be run in SD and addresses a detailed secure filesystem as a key function for secure storage. Lastly, the experiments are conducted to measure the performance overhead imposed by security features in SD and by overall system with interdomain communication from GD to SD. These experiment results show suitability of our system and suggest applicability of various secure functions which can be applied in our secure storage system.

Classification and Detection of Objectionable Sounds Using Repeated Curve-Like Spectrum Feature

This paper proposes the repeated curve-like spectrum feature in order to classify and detect objectionable sounds. Objectionable sounds in this paper refer to the audio signals generated from sexual moans and screams in various sexual scenes. For reasonable results, we define the audio-based objectionable conceptual model with six categories from which dataset of objectionable classes are constructed. The support vector machine classifier is used for training and classifying dataset. The proposed feature set has accurate rate, precision, and recall at about 96%, 96%, and 90% respectively. With these measured performance, this paper shows that the repeated curve-like spectrum feature proposed in this paper can be a proper feature to detect and classify objectionable multimedia contents.

Classifying of Objectionable Contents with Various Audio Signal Features

The rapid development of multimedia related technologies and internet infrastructure have made general users can create, edit, and post their contents and can easily access any content that they desire. But it also leads to the harmful side effects that are creation and uncontrolled distribution of objectionable contents. Especially it is very serious for pornographic contents that are more than about 70% of objectionable contents. The objectionable contents mean the pornographic contents in this paper. Most of the related studies are focused on image-based approaches and there are few studies based on audio-based approaches. In this paper, we try to classify objectionable contents based on various audio signal features. The audio signal features used in this paper are perceptual features that are spectral properties, MFCC based feature set and TDMFCC based feature set. For the reasonable results, we define the audio-based objectionable contents model and then construct dataset according to the defined model. For training and classifying dataset of two classes, objectionable and nonobjectionable class, SVM classifier is used. TDMFCC based feature set has a good performance of accurate rate with SVM classifier, about 95%, and the results show that it is very effective to detect and classify the objectionable contents based on audio features.

Protection method from APP repackaging attack on mobile device with separated domain.

Hacking method of decomposing a well-known apps, reverse engineering, inserting malicious code, repackaging of it, and then redistributing it accounts for the majority of Android apps hacking. It is related to the fact that Android App consists of JAVA language and it is easy to apply reverse engineering. We propose a protection solution for this hacking method. It can prevent avoiding App integrity check routine and working of forgery apps.

Automatic detection of malicious sound using segmental two-dimensional mel-frequency cepstral coefficients and histograms of oriented gradients

This paper addresses the problem of recognizing malicious sounds, such as sexual scream or moan, to detect and block the objectionable multimedia contents. The malicious sounds show the distinct characteristics that have large temporal variations and fast spectral transitions. Therefore, extracting appropriate features to properly represent these characteristics is important in achieving a better performance. In this paper, we employ segment-based two-dimensional Mel-frequency cepstral coefficients and histograms of gradient directions as a feature set to characterize both the temporal variations and spectral transitions within a long-range segment of the target signal. Gaussian mixture model (GMM) is adopted to statistically represent the malicious and non-malicious sounds, and the test sounds are classified by a maximum a posterior probability (MAP) method. Evaluation of the proposed feature extraction method on a database of several hundred malicious and non-malicious sound clips yielded precision of 91.31% and recall of 94.27%. This result suggests that this approach could be used as an alternative to the image-based methods.

Implementation of light-weight IKE protocol for IPsec VPN within router

IPsec protocol has been widely deployed at remote business environment because of its properties, confidentiality and integrity for network traffic. Before using IPsec protocol, it is needed that negotiations of security associations and keys between two end points of IPsec tunnel. IKE protocol is used when negotiation is done automatically. This paper introduces the light-weight IKE protocol that can be applied to an embedded system such as router. We prove that this IKE protocol has been implemented based on RFC by working with the other commercial IKE protocol and show the negotiation performance of IKE protocol by using test tool

Adult Contents Analysis and Remote Management Framework for Parental Control Based on Android Platform

This paper proposes a framework that can analyze and manage adult contents remotely on Android-based smart devices. It can be used as a parental control framework that parents can remotely control and manage adult contents of their children’s devices with parents’ devices without handling the children’s device directly. For the purpose, the framework consists of three components: Contents Analysis App. which is running on children’s devices, Contents Management App. which is running on parents’ devices, and Connection Maintenance Server which plays a role of maintaining the connection between parents’ devices and children’s devices. The proposed framework can be applied to protect adolescents and children from harmful contents on smart devices.

A Study of Providing the Integrity on Cluster System

The Internet connection of cluster systems can provide the various and convenient services and can also increase the possibility of the external attacks. The malicious cracking causes the threat about the cluster system operating environment and can weaken the reliability toward the services of the cluster system base. Especially for most of huge web services based on cluster system like Internet banking services, portal services etc., the trusted operational environment is very critical in order to guarantee their services is not compromised and then secure. Therefore, the integrity of the cluster system is important to enhance the reliability of the service provided based on the cluster system. This paper introduces the method for providing the integrity on the cluster system that includes the integrity of each cluster node and the integrity of programs to be provisioned. For the integrity of cluster node itself, we adopt the trusted booting based on TPM to each selected node, and for the integrity of programs to be provisioned, we adopt the digital signature and node authentication with private certificate authority (PCA).