Metamorphic petrology and stratigraphy of the so-called Kyemyeongsan formation in the Chungju area,Korea

임송태 高麗大學校 大學院 1987 국내석사

Automated Cryptography Usage Analysis using Dynamic Taint Tracking

정문규 성균관대학교 일반대학원 2018 국내석사

Since sensitive data (e.g., user credentials, biometric data, personal data, and digital contents) are typically used in an application, protecting such data is essential to store and manage them in a secure manner. Therefore, misuse of cryptography is becoming one of the most common issues in secure software development. However, it is not straightforward to analyze how sensitive data is protected well in a device. In this paper, we propose a novel approach to track the entire flow of all sensitive data including input data and cryptographically transformed data by only executing binary using dynamic taint analysis. We have developed a prototype system called CRAY (Crypto-RAY) and demonstrated that CRAY can analyze entire cryptography usages in runtime and detect four types of cryptographic misuses (e.g., Weak algorithm and weak option, Hardcoded key and IV, Insufficient iteration in PBKDF, and Leak without encryption). We also propose a method called tag-merge trace to solve the multi-tag limitation of the existing taint analysis. The performance experiment shows that CRAY can use a large number of taint tags to track a plenty of input data (e.g. binary image, file, socket, and stdin) without any significant runtime overhead, while the state-of-the-art taint tracking tool can only use a small number of taint tags due to memory consumption and performance slowdown.

안드로이드 어플리케이션을 이용한 유료 서비스 취약점 분석

최현재 성균관대학교 일반대학원 2018 국내석사

스트리밍 (Streaming)이란 콘텐츠 정보를 실시간으로 사용자의 동영상, 음악 플레이어로 보내 재생하도록 하는 방식을 말한다. 비디오와 오디오를 실시간으로 인코딩하여 많은 사용자들이 동시에 시청하기 위해서는 RTMP (Real Time Messaging Protocol), HLS (HTTP Live Streaming) 등 실시간 스트리밍을 지원하는 프로토콜이 필요하다. 본 논문에서는 실시간 방송 서비스를 제공하는 국내 6개 OTT (Over the Top) 업체의 어플리케이션과 디지털 음원을 제공하는 국내 10개의 디지털 음원 업체의 어플리케이션들의 통신 과정을 분석하였다. 그 결과OTT 업체들은 채널 목록을 암호화하지 않거나, 유료채널에 적합하지 않은 프로토콜을 사용함으로써 유료채널을 무료로 시청할 수 있었고 디지털 음원 업체들은 음원을 암호화지 않았으며, 인증과정이 쉽게 우회되어 음원을 무료로 다운로드 받을 수 있었다.

Boosting the Guessing Attack Performance on Android Lock Patterns with Smudge Attacks

차승훈 성균관대학교 일반대학원 2017 국내석사

Android allows 20 consecutive fail attempts on unlocking a device. This makes it difficult for pure guessing attacks to crack user patterns on a stolen device before it permanently locks itself. We investigate the effectiveness of combining Markov model-based guessing attacks with smudge attacks on unlocking Android devices within 20 attempts. Detected smudges are used to pre-compute all the possible segments and patterns, significantly reducing the pattern space that needs to be brute-forced. Our Markov-model was trained using 70% of a real-world pattern dataset that consists of 312 patterns. We recruited 12 participants to draw the remaining 30% on Samsung Galaxy S4, and used smudges they left behind to analyze the performance of the combined attack. Our results show that this combined method can significantly improve the performance of pure guessing attacks, cracking 74.17% of patterns compared to just 13.33% when the Markov model-based guessing attack was performed alone---those results were collected from a naive usage scenario where the participants were merely asked to unlock a given device. Even under a more complex scenario that asked the participants to use the Facebook app for a few minutes---obscuring smudges were added as a result---our combined attack, at 31.94%, still outperformed the pure guessing attack at 13.33%. Obscuring smudges can significantly affect the performance of smudge-based attacks. Based on this finding, we recommend that a mitigation technique should be designed to help users add obscurity, e.g., by asking users to draw a second random pattern upon unlocking a device.

A security analysis of paid subscription video-on-demand services for online learning

이소라 성균관대학교 일반대학원 2017 국내석사

A typical online learning service allows users to watch video lectures in web browsers at any time and any place. In many cases of such services, security solutions (e.g., user authentication and access control) have been deployed to secure access to their premium contents to authorized users only who have paid the subscription fee. In this paper, we demonstrate how security solutions in real-world services can be broken easily. We performed an empirical analysis on the effectiveness of the security solutions deployed in the five popular online learning services using a web proxy to analyze the packets transferred between streaming server and web browser for a streaming service. Our experimental results show that one service out of five was vulnerable to password stealing attacks; three services were vulnerable to URL guessing attacks; and two services were vulnerable to cookie cloning attacks. All the websites tested were vulnerable to at least one attack.

Inferring user activities on KakaoTalk with traffic analysis

박경원 성균관대학교 일반대학원 2017 국내석사

Many people started being concerned about their privacy in delivering private chats, photographs, contacts and other personal information through mobile instant messaging services. Fortunately, in the majority of mobile instant messaging services, encrypted communication channels (e.g., using the SSL/TLS protocols) are used by default to protect delivered messages against eavesdropping attacks. In this paper, however, we show that encryption is not enough. For example, in a real-world service named KakaoTalk, many users’ online activities can effectively be identified with 99.7% accuracy even though traffic is encrypted. We present a practical traffic analysis attack using a supervised machine learning technique.

Identification of JAK2 inhibitors for sensitization of P-gp overexpressing KBV20C cells through libraries screening with protease inhibitors and epigenetic target drugs

천지현 성균관대학교 일반대학원 2017 국내석사

The drug-efflux ability of P-glycoprotein (P-gp) is one of the major mechanisms for multidrug resistance. Overexpression of P-gp on the membranes of cancer cells reduces the efficacy of chemotherapeutic drugs, and is a major obstacle in cancer chemotherapy. Commercially available proteasome inhibitors and epigenetic target drug libraries, which include 53 and 128 compounds, respectively, were used to treat P-gp overexpressing cancer cells. Co-treatment with selective JAK2 inhibitors showed high sensitization of the KBV20C-resistant cell line to vincristine (VCR) treatment. The purpose of this study, in view of a more detailed analysis of such JAK2 inhibitors, was to investigate how they increase the sensitivity of P-gp overexpressing, drug-resistant KBV20C cancer cells to chemotherapeutic drugs. Using fluorescence-activated cell sorting (FACS) analysis, western-blot analysis, and annexin V-FITC/PI staining, it was found that the JAK2 inhibitors similarly sensitized VCR-treated KBV20C cells via apoptosis and G2/M arrest. However, JAK2 inhibitor-induced sensitization was not observed in VCR-treated sensitive KB parent cells, suggesting that these effects are specific to resistant cancer cells. Furthermore, the underlying mechanisms of JAK2 inhibitors in sensitization of VCR-treated KBV20C cells were investigated. The sensitization mechanisms of JAK2 inhibitors were mainly dependent on the inhibition of P-gp. In the docking modeling analysis, JAK2 inhibitors showed high binding-affinity docking scores against a P-gp member. Collectively, inhibition of P-gp by JAK2 inhibitors increased the VCR sensitivity in P-gp overexpressing cancer cells through increased apoptosis and G2 arrest. These findings indicate that JAK2 inhibitors may be promising candidates for the treatment of patients resistant to anti-mitotic drugs.

Detecting device spoofing attacks using their network characteristics

유재관 성균관대학교 일반대학원 2017 국내석사

This paper presents a spoofing attack detection framework using devices’ physical network characteristics such as received signal strength indicator (RSSI) that cannot easily be mimicked by artificial means in contrast with devices’ network identifiers (e.g., MAC or IP addresses) that can be modified. Unlike previous proposals using the signal strength information reported by multiple access points, we propose a spoofing attack detection method based on a single access point, which seems fitted well in small home networks. To improve the detection accuracy, we particularly develop a modified Dynamic Time Warping (DTW) algorithm which is typically used in aligning two time series. The proposed framework can monitor devices’ physical network characteristics in real time and check if any significant changes have been made in the monitored measurements to effectively detect device spoofing attacks. To demonstrate how our implementation is, we intensively tested the proposed framework for wireless networks based on ZigBee. As a result of our experiments, we achieve high detection accuracy rates of over 90% when spoofing devices are located at more than five meters apart from a verifier.

Anti-human Papillomavirus (HPV) and Anticancer Activities of the Compounds Isolated from Eisenia bicyclis

김은빈 성균관대학교 일반대학원 2016 국내석사

Eisenia bicyclis (Kjellman) Setchell is an edible perennial brown alga and belongs to the family Lessoniaceae in the order Laminariales. E. bicyclis is distributed along the coasts of Japan and Korea. Previous studies on E. bicyclis have investigated several biological activities including anti-inflammation, antioxidant, anti-diabetic and neuroprotective effects. We have found that the EtOH extract of E. bicyclis has anti-viral activity against human papillomavirus (HPV) and anti-cancer activity against HeLa human cervical cancer cell lines. E. bicyclis was extracted with EtOH. The EtOH extract was suspended in distilled water, and then consecutively partitioned with CH2Cl2, EtOAc and n-BuOH to give CH2Cl2, EtOAc, n-BuOH and H2O fractions. The anti-viral activity of the extract and solvent fractions was evaluated by using bioluminescence (SEAP) assay on HPV16 PVs infected 293TT cells. Among these fractions, the CH2Cl2 and EtOAc fractions showed comparatively higher activity than other fractions. Anticancer activity of the extract and solvent fractions was evaluated by using MTT assay against HeLa cell. The EtOAc fraction showed significantly higher activity than other fractions. The CH2Cl2 and EtOAc fractions were subjected to column chromatographic separation so that we isolated nine (1~9) including a new phlorotannin (3) and four (10~13) compounds from the EtOAc and CH2¬Cl2 fractions, respectively. Their structure were determined as phloroglucinol (1), eckol (2), 8,8’-biekcol (4), eckostolonol (7), phlorofucofuroeckol B (8), phlorofucofuroeckol A (9), ecklonialactone B (10), palmitic acid (11) and fucosterol (13) on the basis of spectroscopic analysis. The structure of a new phlorotannin, named bicyclol A, was proposed as 4,9-bis(3,5-dihydroxyphenoxy)dibenzo[b,e][1,4]dioxine-1,3,6,8-teraol (3) by spectroscopic analysis. Among the isolated compounds, compounds 1, 6 and 9 exhibited 63~73% reduction of HPV16 PVs at concentration 50 μg/ml. Compounds 2 and 6 showed moderate cytotoxicity with IC50 values 84.91 and 145 μg/ml, respectively. Compounds 12 and 13 isolated from the CH2Cl2 fraction, revealed cytotoxicity with IC50 values of 162.30 and 154.54 μg/ml against HeLa cell, respectively. Compound 6 showed significant anti-HPV viral and anticancer activities simultaneously.

A study on data protection on the cloud system

송영배 성균관대학교 일반대학원 2015 국내석사

This paper presents Encrypted Cloud (EnCloud), a system designed for providing end-to-end encryption between cloud applications to facilitate their operation and enable users trust in providers. EnCloud relieves end-users’' privacy concerns about the data stored in cloud services so that the private data are securely stored on the cloud server in an encrypted form while the data owner’'s EnCloud applications are only allowed to decrypt the encrypted data. To show the feasibility of EnCloud, we implemented a prototype for Dropbox. The experimental results of the prototype demonstrate that the additional time delay incurred by EnCloud operations is acceptable (within 11.5% of the total execution-time).