-
公开(公告)号:KR101704703B1
公开(公告)日:2017-02-08
申请号:KR1020160070758
申请日:2016-06-08
Applicant: (주)케이사인 , 숭실대학교산학협력단
CPC classification number: G06F21/14 , G06F8/40 , G06F8/74 , G06F21/60 , G06F2211/007 , G06F8/41 , G06F21/602
Abstract: 애플리케이션코드은닉장치는애플리케이션코드를중요코드및 중요코드이외의일반코드로분리하는중요코드분리부, 중요코드를호출하기위한중요코드호출기를생성하는중요코드호출기생성부, 중요코드를분석하는코드분석부, 중요코드에대응하는더미코드를생성하는더미코드생성부, 중요코드를암호화하는코드암호화부, 더미코드및 암호화된중요코드를배치시키고, 더미코드및 암호화된중요코드의위치정보를생성하는코드배치부, 암호화된중요코드를복호화하기위한코드복호화기를생성하는코드복호화기생성부, 복호화된중요코드및 더미코드를메모리에적재하는로더를생성하는로더생성부, 메모리에적재된복호화된중요코드를호출하기위한복호화된코드호출기를생성하는복호화된코드호출기생성부및 복호화된중요코드의실행과정에서, 더미코드및 실행된중요코드를메모리에서해제하는언로더를생성하는언로더생성부를포함한다.
-
公开(公告)号:KR101642252B1
公开(公告)日:2016-07-25
申请号:KR1020160074459
申请日:2016-06-15
Applicant: 숭실대학교산학협력단
CPC classification number: G06F21/563 , G06F21/44 , H04L63/14
Abstract: 본발명은이미지리소스파일을이용한모바일응용프로그램위변조탐지장치및 그방법에대한것이다. 본발명에따른이미지리소스파일을이용한모바일응용프로그램위변조탐지장치는실행파일로부터분리된일반코드를저장하는일반코드저장부; 상기실행파일로부터분리된핵심코드를저장하는핵심코드저장부; 상기핵심코드저장부에포함된이미지생성함수를이용하여상기핵심코드를이미지형태로변환한은닉데이터를생성하고, 상기생성된은닉데이터를상기이미지리소스파일에저장된이미지데이터에은닉하는데이터은닉부; 상기일반코드저장부와상기이미지리소스파일을리빌드하여상기모바일응용프로그램을재생성하는모바일응용프로그램재생성부; 상기재생성된모바일응용프로그램이실행되면, 상기일반코드저장부에포함된코드추출함수를이용하여상기은닉데이터로부터핵심코드를추출하고추출된핵심코드를메모리에로딩하는실행부; 및상기재생성된모바일응용프로그램의정보를이용하여동적이미지를생성하고, 상기생성된동적이미지와상기이미지리소스파일을이용하여최종이미지를생성하는이미지생성부를포함한다.
Abstract translation: 本发明涉及一种用于通过使用图像资源文件来检测移动应用的篡改的装置及其方法。 用于通过使用根据本发明的图像资源文件来检测移动应用的篡改的装置包括:一般代码存储单元,用于存储与可执行文件分离的一般代码; 核心代码存储单元,用于存储与可执行文件分离的核心代码; 数据隐藏单元,用于产生通过使用包含在核心码存储单元中的图像生成功能将核心码转换为图像形式而导出的隐藏数据,以及将生成的隐藏数据隐藏在存储在图像资源文件中的图像数据中; 移动应用再生单元,用于通过重建所述通用代码存储单元和所述图像资源文件来再生所述移动应用; 执行单元,用于通过使用包括在通用代码存储单元中的代码提取功能从隐藏数据中提取核心代码,并且在执行再生的移动应用程序时将提取的核心代码加载到存储器中; 以及图像生成单元,用于通过使用再生移动应用的信息来生成动态图像,并且通过使用所生成的动态图像和图像资源文件来生成最终图像。
-
公开(公告)号:KR101566142B1
公开(公告)日:2015-11-06
申请号:KR1020150002937
申请日:2015-01-08
Applicant: 숭실대학교산학협력단
CPC classification number: G06F21/602 , G06F21/14 , G06F21/44 , G06F21/6209 , H04L63/0876
Abstract: 본발명은사용자단말기및 그것을이용한응용프로그램의핵심코드보호방법에관한것으로, 본발명의일 실시예에따른응용프로그램의핵심코드를보호하기위한사용자단말기는상기응용프로그램의핵심코드인증시, 상기응용프로그램의핵심코드파일을저장하고있는주변기기로부터상기핵심코드파일을수신하는통신부, 상기수신한핵심코드파일을암호화하여상기주변기기로전송하고, 상기응용프로그램이실행될때 상기주변기기로부터상기암호화된핵심코드파일을수신하여복호화하는암복호화부, 그리고복호화된상기핵심코드파일과상기사용자단말기에설치된상기응용프로그램의일반코드파일을이용하여상기응용프로그램을실행하는실행부를포함한다. 이와같이본 발명에의하면, 응용프로그램의일반코드파일과핵심코드파일을사용자단말기및 사용자단말기와통신수행이가능한주변기기에각각저장하여응용프로그램의핵심코드를역공학공격으로부터보호할수 있다.
Abstract translation: 本发明涉及一种用户终端和一种通过使用该终端来保护应用程序的核心代码的方法。 根据本发明的一个实施例的用于保护应用程序的核心代码的用户终端包括:通信单元,用于在存储应用程序的核心代码文件的外围设备中接收核心代码,当验证核心代码的核心代码时 应用程序; 加密和解密单元,用于加密所接收的核心码文件,然后将其发送到外围设备,在执行应用程序时从周边设备接收加密的核心码文件,并解密加密的核心码文件; 以及执行单元,用于通过使用解密的核心码文件和安装在用户终端中的一般代码文件来执行应用程序。 根据如上所述的本发明,可以将应用程序的一般代码文件和核心代码文件存储在能够与用户终端进行通信的用户终端和周边设备中,从而可以 保护应用程序的核心代码免受逆向工程攻击。
-
Patent Agency Ranking
公开(公告)号:KR101350390B1
公开(公告)日:2014-01-16
申请号:KR1020130096514
申请日:2013-08-14
Applicant: 숭실대학교산학협력단
CPC classification number: G06F21/14 , G06F21/125 , G06F2221/0748
Abstract: The present invention relates to an apparatus for code obfuscation and a method for the same. The apparatus for code obfuscation of the present invention comprises: an input unit for receiving executable codes of an Android application; a code structure analyzer for analyzing the inputted executable codes to divide into important codes, needed to be protected from application falsification attacks, and general codes except the important codes; a Dalvik to C code converter for converting the important codes into C codes to generate native codes; an obfuscator for obfuscating the native codes and the general codes; a self code protector for each adding falsification detection codes to the obfuscated native codes to encrypt the native codes and each adding loading routines to the encrypted native codes to generate the self-transformed native codes; a code combiner for combining the self-transformed native codes and the obfuscated general codes. According to the present invention, the apparatus reconfigures the important code part of an application to be obfuscated into a CPU command set and converts an important code from a managed code to a native code to eliminate structured code information, one among the reverse engineering vulnerabilities of the managed code, to obfuscate reverse engineering, thereby preventing the reverse engineering. Additionally, a self transformation-based code protection technique and a falsification detection technique are applied to the apparatus so as to protect an important code converted into a native code, thus improving resistance to reverse engineering analysis. [Reference numerals] (AA) Start; (BB) Managed code; (CC) Native code; (DD) End; (S210) Enter an execution code; (S220) Analyze the execution code to divide into important codes and general codes; (S230) Convert the important codes into C codes to generate native codes; (S240) Obfuscate the native codes; (S250) Add falsification detection codes to the obfuscated native codes to encrypt the native codes, and add loading routines to the encrypted native codes to generate self-transformed native codes; (S255) Obfuscate the general codes; (S260) Combine the self-transformed native codes and the obfuscated general codes; (S270) Transmit the combined self-transformed native codes and obfuscated general codes to a client
Abstract translation: 本发明涉及一种用于代码混淆的装置及其方法。 本发明的用于代码混淆的装置包括:用于接收Android应用的可执行代码的输入单元; 一种代码结构分析器,用于分析输入的可执行代码以分成需要被保护以防止应用程序伪造攻击的重要代码,以及除重要代码之外的一般代码; Dalvik至C代码转换器,用于将重要代码转换为C代码以生成本机代码; 用于模糊本地代码和一般代码的混淆器; 一个自我代码保护器,用于每个将伪造检测码添加到模糊的本机代码以加密本地代码,并且每个向加密的本机代码添加加载例程以生成自变换的本机代码; 用于组合自变换本机代码和混淆的一般代码的代码组合器。 根据本发明,该装置将应用程序的重要代码部分重新配置为模糊化为CPU命令集,并将重要代码从托管代码转换为本地代码,以消除结构化代码信息,一个是逆向工程漏洞 托管代码,模糊反向工程,从而防止逆向工程。 另外,将基于自变换的代码保护技术和伪造检测技术应用于设备,以便保护转换成本地代码的重要代码,从而提高对逆向工程分析的抵抗力。 (附图标记)(AA)开始; (BB)托管代码; (CC)本地代码; (DD)结束; (S210)输入执行码; (S220)分析执行代码,分为重要代码和一般代码; (S230)将重要代码转换为C代码生成本地代码; (S240)混淆本地代码; (S250)将伪造检测码添加到模糊的本地代码中以加密本地代码,并将加载例程添加到加密的本机代码以生成自变换的本机代码; (S255)模糊一般代码; (S260)组合自变换本机代码和混淆的一般代码; (S270)将组合的自变换本机代码和模糊化的一般代码发送给客户端
-
公开(公告)号:KR1020120121429A
公开(公告)日:2012-11-06
申请号:KR1020110038900
申请日:2011-04-26
Applicant: 숭실대학교산학협력단
CPC classification number: H04W12/04 , H04L9/0841 , H04L2209/80
Abstract: PURPOSE: A method for sharing a session key between wireless communication devices using a variable length of an authentication code is provided to increase usability in a state that an authentication method through an OOB(out-of-band) channel is used by using a short length of an authentication code. CONSTITUTION: A public key is generated using its own private key(S211,S212). A message including the public key and a first random number is generated(S215,S216). The message is encrypted by its own secret key(S217,S218). The message is exchanged with the encrypted message of an another party's terminal(S219). The encrypted message of another party's terminal is decoded by receiving a secret key of another party's terminal(S221-S224). An authentication ode is generated by calculating the first random number and a second random number(S226,S227). A parameter value is calculated from the authentication code(S228,S229). A session key is generated using the public key of another party's terminal included in the decoded message(S230,S231). [Reference numerals] (AA) ; (BB) ; (CC) Checking of OA=OB; (S211) Generation of a public key(PKA) using a private key(a); (S212) Generation of a public key(PKB) using a private key(b); (S213) Selection of a random number(NA) and a secret key(SKA); (S214) Selection of a random number(NB) and a secret key(SKB); (S215) Message generation(mA); (S216) Message generation(mB); (S217) Encoding the message(mA) using the secret key(SKA); (S218) Encoding the message(mB) using the secret key(SKB); (S219) Encoded message exchange; (S220) Secret key transmission; (S221) Decoding of an encoded message using the secrete key(SKA); (S222) Reflective offensive verification value(0) checking in the decoded message(m"A); (S223) Secrete key transmission; (S224) Decoding of an encoded message using the secrete key(SKB); (S225) Reflective offensive verification value(1) checking in the decoded message(m"B); (S226) Authentication code(CVA) generation; (S227) Authentication code(CVB) generation; (S228) Parameter(OA) generation; (S229) Parameter(OB) generation; (S230) Session key(KAB) generation using the public key(KPB); (S231) Session key(KAB) generation using the public key(KPA)
Abstract translation: 目的:提供一种在使用认证码的可变长度的无线通信设备之间共享会话密钥的方法,以便在通过使用短消息使用通过OOB(带外)信道的认证方法的状态来提高可用性 验证码的长度。 构成:使用自己的私钥生成公钥(S211,S212)。 产生包括公钥和第一随机数的消息(S215,S216)。 消息由其自己的密钥加密(S217,S218)。 消息与另一方的终端的加密消息交换(S219)。 通过接收另一方的终端的秘密密钥对另一方的终端的加密消息进行解码(S221〜S224)。 通过计算第一随机数和第二随机数来生成认证o(S226,S227)。 从认证码计算参数值(S228,S229)。 使用包含在解码消息中的另一方的终端的公开密钥生成会话密钥(S230,S231)。 (附图标记)(AA)<第一端>; (BB)<第二终端>; (CC)检查OA = OB; (S211)使用私钥(a)生成公钥(PKA); (S212)使用私钥(b)生成公钥(PKB); (S213)选择随机数(NA)和秘密密钥(SKA); (S214)选择随机数(NB)和秘密密钥(SKB); (S215)消息生成(mA); (S216)消息生成(mB); (S217)使用秘密密钥(SKA)对消息(mA)进行编码; (S218)使用秘密密钥(SKB)对消息(mB)进行编码; (S219)编码消息交换; (S220)秘密密钥传输; (S221)使用分离密钥(SKA)对编码消息进行解码; (S222)解码消息(m“A)中的反射进攻验证值(0);(S223)分密密钥传输;(S224)使用分离密钥(SKB)对编码消息进行解码;(S225)反射攻击性验证 值(1)检查解码消息(m“B); (S226)认证码(CVA)生成; (S227)认证码(CVB)生成; (S228)参数(OA)生成; (S229)参数(OB)生成; (S230)使用公钥(KPB)的会话密钥(KAB)生成; (S231)使用公钥(KPA)生成会话密钥(KAB)
-
公开(公告)号:KR101175042B1
公开(公告)日:2012-08-17
申请号:KR1020110116955
申请日:2011-11-10
Applicant: 숭실대학교산학협력단
CPC classification number: G06F21/31 , G06F3/04886 , G06F21/36 , G06F21/556 , G06F2221/2115 , G06F2221/2117 , H04L9/3226 , H04L63/08 , H04W12/06 , G06F21/30 , G06F17/30876 , G06F21/46 , H04L9/32 , H04W12/08
Abstract: PURPOSE: A password authentication method of a user terminal and an apparatus thereof are provided to protect password information leakage from the third party by indirectly inputting a password through an authentication interface. CONSTITUTION: A setting unit(210) includes a password included in a keypad window and an image window overlapped with the keypad window. The setting unit receives an ID image and the password from a user. A window moving unit(220) moves the keypad window or the image window according to an operation of the user. A password determining unit(230) determines whether to overlap the keys corresponding to the password and an identifying image.
Abstract translation: 目的:提供用户终端的密码认证方法及其装置,通过认证接口间接输入密码来保护密码信息泄漏。 构成:设置单元(210)包括键盘窗口中包含的密码和与键盘窗口重叠的图像窗口。 设置单元从用户接收ID图像和密码。 窗户移动单元(220)根据用户的操作移动小键盘窗口或图像窗口。 密码确定单元(230)确定是否与对应于密码的密钥和识别图像重叠。
-
公开(公告)号:KR101157072B1
公开(公告)日:2012-06-21
申请号:KR1020110119698
申请日:2011-11-16
Applicant: 숭실대학교산학협력단
CPC classification number: G06F21/36 , G06F3/0486 , G06F21/31
Abstract: PURPOSE: A method and an apparatus for authenticating password of a user device are provided to prevent the exposure of password information. CONSTITUTION: A password icon corresponding to password among a plurality of icons and the traveling direction of the password icon are set(S100). The icons are successively carried according to the operation of a user(S110). If the traveling direction of the password icon and password icon are successively conformed, a password authentication device certifies password(S130).
Abstract translation: 目的:提供用于认证用户设备密码的方法和装置,以防止密码信息的暴露。 构成:设置与多个图标中的密码对应的密码图标和密码图标的行进方向(S100)。 这些图标根据用户的操作依次进行(S110)。 如果依次符合密码图标和密码图标的行进方向,密码认证装置证明密码(S130)。
-
公开(公告)号:KR1020110101784A
公开(公告)日:2011-09-16
申请号:KR1020100021029
申请日:2010-03-09
Applicant: 한국전자통신연구원 , 숭실대학교산학협력단
CPC classification number: H04N7/17318 , H04L9/083 , H04N21/25816 , H04N21/4181 , H04N21/63345 , H04N21/64322 , H04N21/8193
Abstract: 본 발명은 컨텐츠 보안 장치 및 방법에 관한 것으로, 특히 IPTV(Interent Protocol Television, 이하'IPTV 라 칭하기로 함.) 서비스 환경에서 컨텐츠 보안 장치 및 방법에 관한 것이다.
본 발명의 실시 예에 따른 IPTV 서비스 환경에서 컨텐츠 보안 시스템은, 댁내에 존재하는 단말들을 셋탑박스에 등록하고, 상기 단말들의 등록 요청 메시지를 상기 IPTV 서비스 제공자의 서버에 송신하고, 상기 등록 요청 메시지에 포함된 분배키를 미리 결정된 방법을 이용하여 제 1 분배키와 제 2 분배키로 분할하고, 상기 제 1 분배키를 상기 셋탑박스로 전송하고, 상기 제 2 분배키를 메시지 생성부로 전송하며, 기 제 2 분배키를 이용하여 메시지를 생성하고, 상기 생성한 메시지를 상기 셋탑박스로 전송하고, 상기 제 1 분배키를 이용하여 상기 전송된 메시지를 복호화하여 상기 서비스키를 복원하며, 상기 복원된 서비스키 이용하여 제어워드를 복원하고, 상기 복원된 제어워드를 이용하여 상기 암호화된 방송 컨텐츠를 복호함을 특징으로 한다.
-
-
-
-
-
-
-
Search Results
58
records
(took 0.025 seconds)
