-
公开(公告)号:KR101825402B1
公开(公告)日:2018-02-06
申请号:KR1020170028049
申请日:2017-03-06
Applicant: 올댓소프트 코. , 숭실대학교산학협력단
IPC: G06F21/42
CPC classification number: G06F21/42 , G06F21/45 , G06F21/6245
Abstract: 모바일장치는앱 컨테이너를포함한다. 상기앱 컨테이너는분리모듈및 인증코드매니저를포함한다. 상기분리모듈은제1 모드에서애플리케이션코드를수신하여상기애플리케이션코드의제1 코드를분리하여인증코드를생성하고, 상기인증코드를외부기기로출력한다. 상기인증코드매니저는제2 모드에서상기외부기기와의연결여부를확인하고상기외부기기와연결된경우, 상기외부기기로부터상기인증코드를수신하여상기애플리케이션이실행될수 있도록한다.
Abstract translation: 移动设备包括应用程序容器。 应用程序容器包括分离模块和认证码管理器。 分离模块在第一模式下接收应用程序代码,分离应用程序代码的第一代码以生成认证代码,并将认证代码输出到外部装置。 认证码管理器由所述应用程序接收的认证码被执行,如果该连接,以确定所述外部设备是否与在所述第二模式连接到外部设备从所述外部装置。
-
公开(公告)号:KR101704703B1
公开(公告)日:2017-02-08
申请号:KR1020160070758
申请日:2016-06-08
Applicant: (주)케이사인 , 숭실대학교산학협력단
CPC classification number: G06F21/14 , G06F8/40 , G06F8/74 , G06F21/60 , G06F2211/007 , G06F8/41 , G06F21/602
Abstract: 애플리케이션코드은닉장치는애플리케이션코드를중요코드및 중요코드이외의일반코드로분리하는중요코드분리부, 중요코드를호출하기위한중요코드호출기를생성하는중요코드호출기생성부, 중요코드를분석하는코드분석부, 중요코드에대응하는더미코드를생성하는더미코드생성부, 중요코드를암호화하는코드암호화부, 더미코드및 암호화된중요코드를배치시키고, 더미코드및 암호화된중요코드의위치정보를생성하는코드배치부, 암호화된중요코드를복호화하기위한코드복호화기를생성하는코드복호화기생성부, 복호화된중요코드및 더미코드를메모리에적재하는로더를생성하는로더생성부, 메모리에적재된복호화된중요코드를호출하기위한복호화된코드호출기를생성하는복호화된코드호출기생성부및 복호화된중요코드의실행과정에서, 더미코드및 실행된중요코드를메모리에서해제하는언로더를생성하는언로더생성부를포함한다.
-
公开(公告)号:KR101642252B1
公开(公告)日:2016-07-25
申请号:KR1020160074459
申请日:2016-06-15
Applicant: 숭실대학교산학협력단
CPC classification number: G06F21/563 , G06F21/44 , H04L63/14
Abstract: 본발명은이미지리소스파일을이용한모바일응용프로그램위변조탐지장치및 그방법에대한것이다. 본발명에따른이미지리소스파일을이용한모바일응용프로그램위변조탐지장치는실행파일로부터분리된일반코드를저장하는일반코드저장부; 상기실행파일로부터분리된핵심코드를저장하는핵심코드저장부; 상기핵심코드저장부에포함된이미지생성함수를이용하여상기핵심코드를이미지형태로변환한은닉데이터를생성하고, 상기생성된은닉데이터를상기이미지리소스파일에저장된이미지데이터에은닉하는데이터은닉부; 상기일반코드저장부와상기이미지리소스파일을리빌드하여상기모바일응용프로그램을재생성하는모바일응용프로그램재생성부; 상기재생성된모바일응용프로그램이실행되면, 상기일반코드저장부에포함된코드추출함수를이용하여상기은닉데이터로부터핵심코드를추출하고추출된핵심코드를메모리에로딩하는실행부; 및상기재생성된모바일응용프로그램의정보를이용하여동적이미지를생성하고, 상기생성된동적이미지와상기이미지리소스파일을이용하여최종이미지를생성하는이미지생성부를포함한다.
Abstract translation: 本发明涉及一种用于通过使用图像资源文件来检测移动应用的篡改的装置及其方法。 用于通过使用根据本发明的图像资源文件来检测移动应用的篡改的装置包括:一般代码存储单元,用于存储与可执行文件分离的一般代码; 核心代码存储单元,用于存储与可执行文件分离的核心代码; 数据隐藏单元,用于产生通过使用包含在核心码存储单元中的图像生成功能将核心码转换为图像形式而导出的隐藏数据,以及将生成的隐藏数据隐藏在存储在图像资源文件中的图像数据中; 移动应用再生单元,用于通过重建所述通用代码存储单元和所述图像资源文件来再生所述移动应用; 执行单元,用于通过使用包括在通用代码存储单元中的代码提取功能从隐藏数据中提取核心代码,并且在执行再生的移动应用程序时将提取的核心代码加载到存储器中; 以及图像生成单元,用于通过使用再生移动应用的信息来生成动态图像,并且通过使用所生成的动态图像和图像资源文件来生成最终图像。
-
公开(公告)号:KR101566142B1
公开(公告)日:2015-11-06
申请号:KR1020150002937
申请日:2015-01-08
Applicant: 숭실대학교산학협력단
CPC classification number: G06F21/602 , G06F21/14 , G06F21/44 , G06F21/6209 , H04L63/0876
Abstract: 본발명은사용자단말기및 그것을이용한응용프로그램의핵심코드보호방법에관한것으로, 본발명의일 실시예에따른응용프로그램의핵심코드를보호하기위한사용자단말기는상기응용프로그램의핵심코드인증시, 상기응용프로그램의핵심코드파일을저장하고있는주변기기로부터상기핵심코드파일을수신하는통신부, 상기수신한핵심코드파일을암호화하여상기주변기기로전송하고, 상기응용프로그램이실행될때 상기주변기기로부터상기암호화된핵심코드파일을수신하여복호화하는암복호화부, 그리고복호화된상기핵심코드파일과상기사용자단말기에설치된상기응용프로그램의일반코드파일을이용하여상기응용프로그램을실행하는실행부를포함한다. 이와같이본 발명에의하면, 응용프로그램의일반코드파일과핵심코드파일을사용자단말기및 사용자단말기와통신수행이가능한주변기기에각각저장하여응용프로그램의핵심코드를역공학공격으로부터보호할수 있다.
Abstract translation: 本发明涉及一种用户终端和一种通过使用该终端来保护应用程序的核心代码的方法。 根据本发明的一个实施例的用于保护应用程序的核心代码的用户终端包括:通信单元,用于在存储应用程序的核心代码文件的外围设备中接收核心代码,当验证核心代码的核心代码时 应用程序; 加密和解密单元,用于加密所接收的核心码文件,然后将其发送到外围设备,在执行应用程序时从周边设备接收加密的核心码文件,并解密加密的核心码文件; 以及执行单元,用于通过使用解密的核心码文件和安装在用户终端中的一般代码文件来执行应用程序。 根据如上所述的本发明,可以将应用程序的一般代码文件和核心代码文件存储在能够与用户终端进行通信的用户终端和周边设备中,从而可以 保护应用程序的核心代码免受逆向工程攻击。
-
公开(公告)号:KR101350390B1
公开(公告)日:2014-01-16
申请号:KR1020130096514
申请日:2013-08-14
Applicant: 숭실대학교산학협력단
CPC classification number: G06F21/14 , G06F21/125 , G06F2221/0748
Abstract: The present invention relates to an apparatus for code obfuscation and a method for the same. The apparatus for code obfuscation of the present invention comprises: an input unit for receiving executable codes of an Android application; a code structure analyzer for analyzing the inputted executable codes to divide into important codes, needed to be protected from application falsification attacks, and general codes except the important codes; a Dalvik to C code converter for converting the important codes into C codes to generate native codes; an obfuscator for obfuscating the native codes and the general codes; a self code protector for each adding falsification detection codes to the obfuscated native codes to encrypt the native codes and each adding loading routines to the encrypted native codes to generate the self-transformed native codes; a code combiner for combining the self-transformed native codes and the obfuscated general codes. According to the present invention, the apparatus reconfigures the important code part of an application to be obfuscated into a CPU command set and converts an important code from a managed code to a native code to eliminate structured code information, one among the reverse engineering vulnerabilities of the managed code, to obfuscate reverse engineering, thereby preventing the reverse engineering. Additionally, a self transformation-based code protection technique and a falsification detection technique are applied to the apparatus so as to protect an important code converted into a native code, thus improving resistance to reverse engineering analysis. [Reference numerals] (AA) Start; (BB) Managed code; (CC) Native code; (DD) End; (S210) Enter an execution code; (S220) Analyze the execution code to divide into important codes and general codes; (S230) Convert the important codes into C codes to generate native codes; (S240) Obfuscate the native codes; (S250) Add falsification detection codes to the obfuscated native codes to encrypt the native codes, and add loading routines to the encrypted native codes to generate self-transformed native codes; (S255) Obfuscate the general codes; (S260) Combine the self-transformed native codes and the obfuscated general codes; (S270) Transmit the combined self-transformed native codes and obfuscated general codes to a client
Abstract translation: 本发明涉及一种用于代码混淆的装置及其方法。 本发明的用于代码混淆的装置包括:用于接收Android应用的可执行代码的输入单元; 一种代码结构分析器,用于分析输入的可执行代码以分成需要被保护以防止应用程序伪造攻击的重要代码,以及除重要代码之外的一般代码; Dalvik至C代码转换器,用于将重要代码转换为C代码以生成本机代码; 用于模糊本地代码和一般代码的混淆器; 一个自我代码保护器,用于每个将伪造检测码添加到模糊的本机代码以加密本地代码,并且每个向加密的本机代码添加加载例程以生成自变换的本机代码; 用于组合自变换本机代码和混淆的一般代码的代码组合器。 根据本发明,该装置将应用程序的重要代码部分重新配置为模糊化为CPU命令集,并将重要代码从托管代码转换为本地代码,以消除结构化代码信息,一个是逆向工程漏洞 托管代码,模糊反向工程,从而防止逆向工程。 另外,将基于自变换的代码保护技术和伪造检测技术应用于设备,以便保护转换成本地代码的重要代码,从而提高对逆向工程分析的抵抗力。 (附图标记)(AA)开始; (BB)托管代码; (CC)本地代码; (DD)结束; (S210)输入执行码; (S220)分析执行代码,分为重要代码和一般代码; (S230)将重要代码转换为C代码生成本地代码; (S240)混淆本地代码; (S250)将伪造检测码添加到模糊的本地代码中以加密本地代码,并将加载例程添加到加密的本机代码以生成自变换的本机代码; (S255)模糊一般代码; (S260)组合自变换本机代码和混淆的一般代码; (S270)将组合的自变换本机代码和模糊化的一般代码发送给客户端
-
Patent Agency Ranking
公开(公告)号:KR1020120121429A
公开(公告)日:2012-11-06
申请号:KR1020110038900
申请日:2011-04-26
Applicant: 숭실대학교산학협력단
CPC classification number: H04W12/04 , H04L9/0841 , H04L2209/80
Abstract: PURPOSE: A method for sharing a session key between wireless communication devices using a variable length of an authentication code is provided to increase usability in a state that an authentication method through an OOB(out-of-band) channel is used by using a short length of an authentication code. CONSTITUTION: A public key is generated using its own private key(S211,S212). A message including the public key and a first random number is generated(S215,S216). The message is encrypted by its own secret key(S217,S218). The message is exchanged with the encrypted message of an another party's terminal(S219). The encrypted message of another party's terminal is decoded by receiving a secret key of another party's terminal(S221-S224). An authentication ode is generated by calculating the first random number and a second random number(S226,S227). A parameter value is calculated from the authentication code(S228,S229). A session key is generated using the public key of another party's terminal included in the decoded message(S230,S231). [Reference numerals] (AA) ; (BB) ; (CC) Checking of OA=OB; (S211) Generation of a public key(PKA) using a private key(a); (S212) Generation of a public key(PKB) using a private key(b); (S213) Selection of a random number(NA) and a secret key(SKA); (S214) Selection of a random number(NB) and a secret key(SKB); (S215) Message generation(mA); (S216) Message generation(mB); (S217) Encoding the message(mA) using the secret key(SKA); (S218) Encoding the message(mB) using the secret key(SKB); (S219) Encoded message exchange; (S220) Secret key transmission; (S221) Decoding of an encoded message using the secrete key(SKA); (S222) Reflective offensive verification value(0) checking in the decoded message(m"A); (S223) Secrete key transmission; (S224) Decoding of an encoded message using the secrete key(SKB); (S225) Reflective offensive verification value(1) checking in the decoded message(m"B); (S226) Authentication code(CVA) generation; (S227) Authentication code(CVB) generation; (S228) Parameter(OA) generation; (S229) Parameter(OB) generation; (S230) Session key(KAB) generation using the public key(KPB); (S231) Session key(KAB) generation using the public key(KPA)
Abstract translation: 目的:提供一种在使用认证码的可变长度的无线通信设备之间共享会话密钥的方法,以便在通过使用短消息使用通过OOB(带外)信道的认证方法的状态来提高可用性 验证码的长度。 构成:使用自己的私钥生成公钥(S211,S212)。 产生包括公钥和第一随机数的消息(S215,S216)。 消息由其自己的密钥加密(S217,S218)。 消息与另一方的终端的加密消息交换(S219)。 通过接收另一方的终端的秘密密钥对另一方的终端的加密消息进行解码(S221〜S224)。 通过计算第一随机数和第二随机数来生成认证o(S226,S227)。 从认证码计算参数值(S228,S229)。 使用包含在解码消息中的另一方的终端的公开密钥生成会话密钥(S230,S231)。 (附图标记)(AA)<第一端>; (BB)<第二终端>; (CC)检查OA = OB; (S211)使用私钥(a)生成公钥(PKA); (S212)使用私钥(b)生成公钥(PKB); (S213)选择随机数(NA)和秘密密钥(SKA); (S214)选择随机数(NB)和秘密密钥(SKB); (S215)消息生成(mA); (S216)消息生成(mB); (S217)使用秘密密钥(SKA)对消息(mA)进行编码; (S218)使用秘密密钥(SKB)对消息(mB)进行编码; (S219)编码消息交换; (S220)秘密密钥传输; (S221)使用分离密钥(SKA)对编码消息进行解码; (S222)解码消息(m“A)中的反射进攻验证值(0);(S223)分密密钥传输;(S224)使用分离密钥(SKB)对编码消息进行解码;(S225)反射攻击性验证 值(1)检查解码消息(m“B); (S226)认证码(CVA)生成; (S227)认证码(CVB)生成; (S228)参数(OA)生成; (S229)参数(OB)生成; (S230)使用公钥(KPB)的会话密钥(KAB)生成; (S231)使用公钥(KPA)生成会话密钥(KAB)
-
公开(公告)号:KR101175042B1
公开(公告)日:2012-08-17
申请号:KR1020110116955
申请日:2011-11-10
Applicant: 숭실대학교산학협력단
CPC classification number: G06F21/31 , G06F3/04886 , G06F21/36 , G06F21/556 , G06F2221/2115 , G06F2221/2117 , H04L9/3226 , H04L63/08 , H04W12/06 , G06F21/30 , G06F17/30876 , G06F21/46 , H04L9/32 , H04W12/08
Abstract: PURPOSE: A password authentication method of a user terminal and an apparatus thereof are provided to protect password information leakage from the third party by indirectly inputting a password through an authentication interface. CONSTITUTION: A setting unit(210) includes a password included in a keypad window and an image window overlapped with the keypad window. The setting unit receives an ID image and the password from a user. A window moving unit(220) moves the keypad window or the image window according to an operation of the user. A password determining unit(230) determines whether to overlap the keys corresponding to the password and an identifying image.
Abstract translation: 目的:提供用户终端的密码认证方法及其装置,通过认证接口间接输入密码来保护密码信息泄漏。 构成:设置单元(210)包括键盘窗口中包含的密码和与键盘窗口重叠的图像窗口。 设置单元从用户接收ID图像和密码。 窗户移动单元(220)根据用户的操作移动小键盘窗口或图像窗口。 密码确定单元(230)确定是否与对应于密码的密钥和识别图像重叠。
-
公开(公告)号:KR101157072B1
公开(公告)日:2012-06-21
申请号:KR1020110119698
申请日:2011-11-16
Applicant: 숭실대학교산학협력단
CPC classification number: G06F21/36 , G06F3/0486 , G06F21/31
Abstract: PURPOSE: A method and an apparatus for authenticating password of a user device are provided to prevent the exposure of password information. CONSTITUTION: A password icon corresponding to password among a plurality of icons and the traveling direction of the password icon are set(S100). The icons are successively carried according to the operation of a user(S110). If the traveling direction of the password icon and password icon are successively conformed, a password authentication device certifies password(S130).
Abstract translation: 目的:提供用于认证用户设备密码的方法和装置,以防止密码信息的暴露。 构成:设置与多个图标中的密码对应的密码图标和密码图标的行进方向(S100)。 这些图标根据用户的操作依次进行(S110)。 如果依次符合密码图标和密码图标的行进方向,密码认证装置证明密码(S130)。
-
公开(公告)号:KR1020080041975A
公开(公告)日:2008-05-14
申请号:KR1020070053741
申请日:2007-06-01
Applicant: 한국전자통신연구원
Abstract: A method for producing a highly stable polymer actuator is provided to allow the use of a polymer actuator at a low temperature and even after treatment at an extremely high temperature. A method for producing a highly stable polymer actuator comprises: a step(S11) of preparing an ionic polymer/metal composite comprising metal electrodes plated on both surfaces of a conductive polymer membrane; a step(S12) of removing water from the conductive polymer membrane of the ionic polymer/metal composite; and a step(S13) of swelling the ionic polymer/metal composite in a polar solvent having a higher boiling point and a lower freezing point than water. The polar solvent includes propylene carbonate.
Abstract translation: 提供了一种制造高度稳定的聚合物致动器的方法,以允许在低温下甚至在极高温度下处理之后使用聚合物致动器。 制造高度稳定的聚合物致动器的方法包括:制备离子聚合物/金属复合物的步骤(S11),其包含镀在导电聚合物膜的两个表面上的金属电极; 从离子型聚合物/金属复合体的导电性聚合物膜除去水的工序(S12) 和在具有比水高的沸点和低冰点的极性溶剂中使离子聚合物/金属复合物膨胀的步骤(S13)。 极性溶剂包括碳酸亚丙酯。
-
60.发明授权비대칭 디설파이드 정착기를 가지는 분자 전자소자용화합물 및 그 제조 방법과 그 화합물로부터 얻어지는 분자활성층을 가지는 분자 전자소자 有权具有非对称无定形锚固组的分子电子装置的化合物及其合成,以及具有从化合物获得的分子活性层的分子电子装置
公开(公告)号:KR100799593B1
公开(公告)日:2008-01-30
申请号:KR1020070100796
申请日:2007-10-08
Applicant: 한국전자통신연구원
IPC: C07F15/02
CPC classification number: C07F17/02
Abstract: A compound for a molecular electronic device is provided to be adequately applied to embody a fine molecular electronic device in several tens of nanometer level. A molecular electronic device is provided to prevent the short-circuiting phenomenon caused by poor coverage due to having a molecular active layer with excellent coverage. A compound for a molecular electronic device consists of a ferrocene disulfide compound represented by the formula(1), wherein each R1 and R2 is respectively C1-20 saturated or unsaturated hydrocarbon which may be substituted or unsubstituted by F. A method for preparing the compound comprises the steps of: (a) subjecting ferrocene to mono-lithiation using tertiary butyl lithium; (b) reacting the mono-lithiated ferrocene with Br(CH2)mBr(m is an integer from 1 to 20) to synthesize a bromoalkyl ferrocene compound(alkyl is (CH2)m); and (c) preparing a ferrocene disulfide compound having a (CH2)m-S-S-(CH2)nCH3 group from the bromoalkyl ferrocene compound using sodium thiosulfate pentahydrate and alkane thiol(alkane is CH3(CH2)n(n is an integer from 1-19)). A molecular electronic device comprises a first electrode, a second electrode formed on the first electrode, and a molecular active layer which is interposed between the first electrode and the second electrode, and is characterized in that the molecular active layer has a structure of the compound for the molecular electronic device being self-assembled at the first electrode.
Abstract translation: 提供了一种用于分子电子器件的化合物,以适用于体现几十纳米级的细分子电子器件。 提供分子电子器件,以防止由于具有优异覆盖的分子活性层而导致的覆盖不良引起的短路现象。 用于分子电子器件的化合物由式(1)表示的二茂铁二硫化物化合物组成,其中每个R 1和R 2分别为可被F取代或未取代的C 1-20的饱和或不饱和烃。 包括以下步骤:(a)使用叔丁基锂对二茂铁进行单次锂化; (b)使单锂化二茂铁与Br(CH 2)m Br(m是1至20的整数)反应,合成溴烷基二茂铁化合物(烷基是(CH 2)m); 和(c)使用硫代硫酸五水合物和烷烃硫醇(烷烃为CH 3(CH 2)n(n为1-19的整数),由溴烷基二茂铁化合物制备具有(CH 2)mSS-(CH 2)n CH 3基团的二茂铁二硫化物 ))。 分子电子器件包括第一电极,形成在第一电极上的第二电极和介于第一电极和第二电极之间的分子活性层,其特征在于分子活性层具有化合物的结构 用于分子电子器件在第一电极处被自组装。
-
-
-
-
-
-
-
-
-
Search Results
76
records
(took 0.025 seconds)
