Detailed Information
Cited 0 time in 
Cited 0 time in 
Cited 0 time in
Metadata Downloads
A Strengthened Android Signature Management Method
- Authors
- Cho, Taenam; Seo, Seung-Hyun
- Issue Date
- 31-Mar-2015
- Publisher
- KSII-KOR SOC INTERNET INFORMATION
- Keywords
- Android; Code-signing; Security; Malware
- Citation
- KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, v.9, no.3, pp.1210 - 1230
- Indexed
- SCIE
SCOPUS
KCI
- Volume
- 9
- Number
- 3
- Start Page
- 1210
- End Page
- 1230
- ISSN
- 1976-7277
- Abstract
- Android is the world's most utilized smartphone OS which consequently, also makes it an attractive target for attackers. The most representative method of hacking used against Android apps is known as repackaging. This attack method requires extensive knowledge about reverse engineering in order to modify and insert malicious codes into the original app. However, there exists an easier way which circumvents the limiting obstacle of the reverse engineering. We have discovered a method of exploiting the Android code-signing process in order to mount a malware as an example. We also propose a countermeasure to prevent this attack. In addition, as a proof-of-concept, we tested a malicious code based on our attack technique on a sample app and improved the java libraries related to code-signing/verification reflecting our countermeasure.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - College of Science and Technology > Department of Mathematics > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.