Jin Kwak

DWroidDump: executable code extraction from Android applications for malware analysis

We suggest an idea to dump executable code from memory for malicious application analysis on Android platform. Malicious applications are getting enhanced in terms of antianalysis techniques. Recently, sophisticated malicious applications have been found, which are not decompiled and debugged by existing analysis tools. It becomes serious threat to services related to embedded devices based on Android. Thus, we have implemented the idea to obtain main code from the memory by modifying a part of Dalvik Virtual Machine of Android. As a result, we have confirmed that the executable code is completely obtainable. In this paper, we introduce the existing analysis techniques for Android application, and antianalysis techniques. We then describe the proposed method with a sample malicious application which has strong antianalysis techniques.

Routing Protocol for Heterogeneous Hierarchical Wireless Multimedia Sensor Networks

Recently, wireless multimedia sensor networks (WMSNs) have emerged as one of the most important technologies, driven by the development of powerful multimedia device such as CMOS. WMSNs require several factors such as resource constraints, specific QoS, high bandwidth and so on. In this paper, we propose a hierarchical heterogeneous network model based routing protocol for WMSNs. In our proposal, proposed network model is classified into monitoring class, delivery class and aggregation class. Also we define two kinds of the routing path in order to ensure bandwidth and QoS. In simulation results, we illustrate the performance of our proposal.

Construction of a secure two-factor user authentication system using fingerprint information and password

User authentication is highly necessary technology in a variety of services. Many researchers have proposed a two-factor authentication scheme using certificate and OTP, smartcard and password, and so on. Two-factor authentication requires an additional factor rather than one-factor authentication. Therefore, loss or exposure can occur, since users always must carry and manage the additional device or factor. For this reason, biometric authentication, used in many services, needs a verification method of the user without an additional factor. Fingerprinting is widely used in service due to excellent recognition, low cost device, and less user-hostile. However, fingerprint recognition always uses the same fingerprint template, due to the inalterability. This causes a problem of reusable fingerprint by a malicious attacker. Therefore, we proposed a secure two-factor user authentication system using fingerprint information and password to solve the existing two-factor problem. The proposed scheme is secure against reuse of a fingerprint. It does not need an extra device, so efficiency and accessibility are improved.

Dual server-based secure data-storage system for cloud storage

Users can access data that they store in cloud storage anytime and anywhere over a network. In the cloud storage paradigm, users’ data are stored in several distributed servers and virtualisation is applied in order to logically integrate those data. However, when users access their data in cloud storage, they directly access the server on which the data are physically stored. Thus, there is a potential threat of data loss due to a malicious attacker accessing the data. In order to solve this threat, we propose a data storage system that uses link and data servers. The link server does not store real data; it only has the address of the data and a symmetric key. The data server, on the other hand, has the real data and access information, and it can only be accessed via the link server.

Secure and Efficient Anonymous Authentication Scheme in Global Mobility Networks

In 2012, Mun et al. pointed out that Wu et al.’s scheme failed to achieve user anonymity and perfect forward secrecy and disclosed the passwords of legitimate users. And they proposed a new enhancement for anonymous authentication scheme. However, their proposed scheme has vulnerabilities that are susceptible to replay attack and man-in-the-middle attack. It also incurs a high overhead in the database. In this paper, we examine the vulnerabilities in the existing schemes and the computational overhead incurred in the database. We then propose a secure and efficient anonymous authentication scheme for roaming service in global mobility network. Our proposed scheme is secure against various attacks, provides mutual authentication and session key establishment, and incurs less computational overhead in the database than Mun et al.s scheme.

Enhanced SDIoT Security Framework Models

Following the recent increase in the interest in IoT (Internet of Things) environment, devices that provide various services are being developed. As the diversity, research is required for efficient management of these devices and enhanced security. Previous network environments tend to be dependent on network devices and have difficulties in active processing of variable traffic. Moreover, it is expected that new or variant attacks will increase as packets of various patterns are generated from numerous devices, and hence immense research effort is required in solving this problem. In order to address such problems, this study aims to investigate strategies for establishing a security framework for the configuration of a software-defined IoT environment and efficient provision of security services. Moreover, the service to reduce the overhead involved in security service provision is configured, and a simple test is conducted to verify the feasibility of the proposed model.

A Study on User Authentication Methodology Using Numeric Password and Fingerprint Biometric Information

The prevalence of computers and the development of the Internet made us able to easily access information. As people are concerned about user information security, the interest of the user authentication method is growing. The most common computer authentication method is the use of alphanumerical usernames and passwords. The password authentication systems currently used are easy, but only if you know the password, as the user authentication is vulnerable. User authentication using fingerprints, only the user with the information that is specific to the authentication security is strong. But there are disadvantage such as the user cannot change the authentication key. In this study, we proposed authentication methodology that combines numeric-based password and biometric-based fingerprint authentication system. Use the information in the users fingerprint, authentication keys to obtain security. Also, using numeric-based password can to easily change the password; the authentication keys were designed to provide flexibility.

Study on Analysis Methodology for Android Applications

The advance in technology brought us mobile phones with almost the same power and features as our personal computers. Something that criminal minds will find a way to exploit for their gain as the history has shown. The main contents of the information paradigm are the ”open” and ”standard.” Full security incidents account for more than 80 percent of the internal information security incidents (abuse of information resources and information leakage, etc.), damages the value of information assets has increased rapidly. Mobile malware is rapidly becoming a serious threat. In this paper, I survey the current state of mobile malware. As I classified according to behavioral characteristics and propagation and understood the history mobile evolution. Also, I present Android Application analysis methodology for the more securing smart-work environment.

Design of USIM-based secure user authentication scheme in a mobile office environment

In order to spread the scale of the mobile device market rapidly, mobile office applications have been introduced that can be process office work anytime, anywhere. However, the mobile office is vulnerable to several security threats that can occur over wireless networks, which can result in illegal enterprise information access and disclosure because of the openness and portability of the mobile device. Therefore, the mobile office environment must prevent unauthorized service and resource access, and a user authentication scheme is needed to mitigate the potential security vulnerabilities. In this paper, we propose a USIM-based secure user authentication scheme for a mobile office environment. The proposed scheme uses the USIM to securely share secret information for authentication between the mobile user and the server, and the mobile device can perform re-authentication to the server through the re-authentication phase in the event of handover. Moreover, the proposed authentication scheme is specified using Casper and is verified the security using the CasperFDR and FDR tool.

Effective and Reliable Malware Group Classification for a Massive Malware Environment

Most of the cyber-attacks are caused by malware, and damage from them has escalated from cyber space to home appliances and infrastructure, thus affecting the daily living of the people. As such, anticipative analysis and countermeasures for malware have become more important. Most malware programs are created as variations of existing malware. This paper proposes a scheme for the detection and group classification of malware, some measures to improve the dependability of classification using the local clustering coefficient, and the technique for selecting and managing the leading malware for each group to classify them cost-effectively in a massive malware environment. This study also developed the system for the proposed model and compared its performance with the existing methods on actual malware to verify the level of dependability improvement. The technology developed in this study is expected to be used for the effective analysis of new malware, trend analysis of the same malware group, automatic identification of malware of interest, and same attacker trend analysis in addition to countermeasures for each malware program.