MiTumb is a future technology Tumbler that makes people drink much more water in every life. It is just small Idea so this is just an proto type about this product.
체질건강에 힘쓰시고 계신 민경택선생님은 페이스북 그룹을 운영하시면서 무료 체질감별을 해주고 계세요. 자신의 체질을 알고싶으신 분들 그룹 가입하셔서 정직한 사진과 함께 '나경나사2014 에서 보고 왔습니다. 저는 어떤 체질인가요?' 하며 살며시 여쭤보세요. 재배하기 어렵다는 유기농 인삼과 맞춤 산삼도 하신다고 하니 필요하신 분들 참고하세요~
This document summarizes research on inferring a driver's route using accelerometer data collected from their Apple Watch. The researchers designed a system with an application to collect accelerometer data from the watch and send it to an attacker's server. The extractor filters the raw data and calculates distance traveled. A turning detector uses machine learning algorithms to identify turns. A route drawer connects the locations to reconstruct the driver's route. Their experiments achieved 76-84% accuracy in inferring routes. The researchers conclude this is a privacy risk that shows sensitive information can be inferred through side-channel attacks using sensors.
MoLe: Motion Leaks through Smartwatch SensorsJoon Young Park
MoLe is a system that uses sensors in smartwatches to detect keystrokes by analyzing motion data during typing. It identifies keystroke-related movements using a bagged decision tree classifier and fits point clouds to determine centroids of typed characters. A Bayesian inference model incorporates sequential typing patterns and speed factors to assign probabilities to candidate words based on sensor observations. An evaluation with 8 subjects typing 300 words showed MoLe could guess words within the top 30% for 5 candidates and top 50% for 24 candidates. While sensor data leaks information, sampling rates can be reduced to mitigate these attacks. Wearables present both benefits and security risks that require consideration.
MACTANS: Injecting Malware into iOS Devices via Malicious ChargersJoon Young Park
Mactans is a proof-of-concept malicious charger that can inject malware into iOS devices via their charging port. It works by first obtaining the device's UDID to register it and generate a provisioning profile, allowing installation of apps signed by a non-Apple entity. The charger then replaces a legitimate app with a hidden, repackaged version containing malware. When launched, the malware executes before the original app. This attack highlights issues with iOS trusting any host device and the ease of provisioning profiles to install third-party apps without user interaction. Apple has since patched the vulnerabilities in iOS 7, but similar attacks may still target public charging stations or modified environments to infect devices stealthily.
Leave me alone; app level protection against runtime information gathering on...Joon Young Park
This document discusses runtime information gathering (RIG) attacks on Android and proposes an app-level protection called AppGuardian. It describes challenges in protecting against RIG attacks due to vague Android permissions and information leaked via /proc files. AppGuardian monitors app behavior and permissions to detect suspicious RIG attacks like phone call recording. It kills suspicious apps and restricts their actions until the user confirms them. Evaluation shows AppGuardian defeats known RIG attacks with minimal overhead on CPU, memory, and battery usage. The document concludes RIG is a serious threat and AppGuardian provides effective app-level protection.
체질건강에 힘쓰시고 계신 민경택선생님은 페이스북 그룹을 운영하시면서 무료 체질감별을 해주고 계세요. 자신의 체질을 알고싶으신 분들 그룹 가입하셔서 정직한 사진과 함께 '나경나사2014 에서 보고 왔습니다. 저는 어떤 체질인가요?' 하며 살며시 여쭤보세요. 재배하기 어렵다는 유기농 인삼과 맞춤 산삼도 하신다고 하니 필요하신 분들 참고하세요~
This document summarizes research on inferring a driver's route using accelerometer data collected from their Apple Watch. The researchers designed a system with an application to collect accelerometer data from the watch and send it to an attacker's server. The extractor filters the raw data and calculates distance traveled. A turning detector uses machine learning algorithms to identify turns. A route drawer connects the locations to reconstruct the driver's route. Their experiments achieved 76-84% accuracy in inferring routes. The researchers conclude this is a privacy risk that shows sensitive information can be inferred through side-channel attacks using sensors.
MoLe: Motion Leaks through Smartwatch SensorsJoon Young Park
MoLe is a system that uses sensors in smartwatches to detect keystrokes by analyzing motion data during typing. It identifies keystroke-related movements using a bagged decision tree classifier and fits point clouds to determine centroids of typed characters. A Bayesian inference model incorporates sequential typing patterns and speed factors to assign probabilities to candidate words based on sensor observations. An evaluation with 8 subjects typing 300 words showed MoLe could guess words within the top 30% for 5 candidates and top 50% for 24 candidates. While sensor data leaks information, sampling rates can be reduced to mitigate these attacks. Wearables present both benefits and security risks that require consideration.
MACTANS: Injecting Malware into iOS Devices via Malicious ChargersJoon Young Park
Mactans is a proof-of-concept malicious charger that can inject malware into iOS devices via their charging port. It works by first obtaining the device's UDID to register it and generate a provisioning profile, allowing installation of apps signed by a non-Apple entity. The charger then replaces a legitimate app with a hidden, repackaged version containing malware. When launched, the malware executes before the original app. This attack highlights issues with iOS trusting any host device and the ease of provisioning profiles to install third-party apps without user interaction. Apple has since patched the vulnerabilities in iOS 7, but similar attacks may still target public charging stations or modified environments to infect devices stealthily.
Leave me alone; app level protection against runtime information gathering on...Joon Young Park
This document discusses runtime information gathering (RIG) attacks on Android and proposes an app-level protection called AppGuardian. It describes challenges in protecting against RIG attacks due to vague Android permissions and information leaked via /proc files. AppGuardian monitors app behavior and permissions to detect suspicious RIG attacks like phone call recording. It kills suspicious apps and restricts their actions until the user confirms them. Evaluation shows AppGuardian defeats known RIG attacks with minimal overhead on CPU, memory, and battery usage. The document concludes RIG is a serious threat and AppGuardian provides effective app-level protection.
Delegation-based Authentication and Authorization for the IP-based IoTJoon Young Park
This paper proposes a delegation-based authentication and authorization scheme for IP-based IoT devices. It describes the DTLS protocol and its requirements that are challenging for resource-constrained devices. The paper presents a design where a delegation server performs the resource-intensive public-key operations during handshake and distributes session tickets for future authentication. Evaluation shows the design reduces computation, memory, and transmission overhead on IoT devices compared to directly using DTLS.
Lithe: Lightweight Secure CoAP for the Internet of ThingsJoon Young Park
Paper Survey.
Secure CoAP scheme for Internet of Things.
DTLS, 6LoWPAN
constrained environment.
http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6576185
The document discusses security challenges for IoT devices and what is needed to secure them. It outlines the OWASP IoT top 10 vulnerabilities, including issues like lack of encryption, authentication, and insecure interfaces. Key challenges are devices having critical functions, long lifecycles, proprietary protocols, and operation outside typical security perimeters. The conclusion states security must be designed into IoT devices from the start.
This document defines electronic signatures and discusses how they work using public key infrastructure (PKI). It explains that electronic signatures involve hashing document contents, encrypting the hash with a private key, and including the encrypted hash and public key in a digital certificate. It describes risks like man-in-the-middle attacks and the role of certificate authorities in verifying identities and signatures. The document also outlines standard certificate formats, details the components of a certificate, and explains how improved signing procedures provide non-repudiation of signed documents.
This document discusses the RSA cryptosystem, including an overview of symmetric and asymmetric key algorithms, the founders of RSA, the RSA key generation algorithm in 5 steps, estimated times to crack RSA keys of different sizes, possible side-channel attacks on RSA, tutorials on implementing RSA, and references for further reading. It provides information on the basic concepts and implementation of the RSA cryptosystem.
SPINS: Security Protocols for Sensor NetworksJoon Young Park
This document summarizes a master's thesis on security protocols for sensor networks. It introduces SPINS, which defines requirements for data confidentiality, authentication, integrity, and freshness. It describes the SNEP, counter-exchanging, and μTESLA protocols. SNEP provides semantic security, authentication, and replay protection with low overhead. Counter-exchanging handles bootstrapping and re-synchronizing counters with nonces. μTESLA allows for authenticated broadcast from a base station to sensor nodes in an efficient way by disclosing authentication keys. The thesis evaluates the implementation and performance of these protocols.
This is about Location based SNS Flatform Business. It is for Travelers. Travelers can borrow tablet which has GPS, Maps and own SNS application. Many travelers can be helped by this tablet using GPS based map, Location based SNS information (such as place's view point, delicious foods..) and so on.
Delegation-based Authentication and Authorization for the IP-based IoTJoon Young Park
This paper proposes a delegation-based authentication and authorization scheme for IP-based IoT devices. It describes the DTLS protocol and its requirements that are challenging for resource-constrained devices. The paper presents a design where a delegation server performs the resource-intensive public-key operations during handshake and distributes session tickets for future authentication. Evaluation shows the design reduces computation, memory, and transmission overhead on IoT devices compared to directly using DTLS.
Lithe: Lightweight Secure CoAP for the Internet of ThingsJoon Young Park
Paper Survey.
Secure CoAP scheme for Internet of Things.
DTLS, 6LoWPAN
constrained environment.
http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6576185
The document discusses security challenges for IoT devices and what is needed to secure them. It outlines the OWASP IoT top 10 vulnerabilities, including issues like lack of encryption, authentication, and insecure interfaces. Key challenges are devices having critical functions, long lifecycles, proprietary protocols, and operation outside typical security perimeters. The conclusion states security must be designed into IoT devices from the start.
This document defines electronic signatures and discusses how they work using public key infrastructure (PKI). It explains that electronic signatures involve hashing document contents, encrypting the hash with a private key, and including the encrypted hash and public key in a digital certificate. It describes risks like man-in-the-middle attacks and the role of certificate authorities in verifying identities and signatures. The document also outlines standard certificate formats, details the components of a certificate, and explains how improved signing procedures provide non-repudiation of signed documents.
This document discusses the RSA cryptosystem, including an overview of symmetric and asymmetric key algorithms, the founders of RSA, the RSA key generation algorithm in 5 steps, estimated times to crack RSA keys of different sizes, possible side-channel attacks on RSA, tutorials on implementing RSA, and references for further reading. It provides information on the basic concepts and implementation of the RSA cryptosystem.
SPINS: Security Protocols for Sensor NetworksJoon Young Park
This document summarizes a master's thesis on security protocols for sensor networks. It introduces SPINS, which defines requirements for data confidentiality, authentication, integrity, and freshness. It describes the SNEP, counter-exchanging, and μTESLA protocols. SNEP provides semantic security, authentication, and replay protection with low overhead. Counter-exchanging handles bootstrapping and re-synchronizing counters with nonces. μTESLA allows for authenticated broadcast from a base station to sensor nodes in an efficient way by disclosing authentication keys. The thesis evaluates the implementation and performance of these protocols.
This is about Location based SNS Flatform Business. It is for Travelers. Travelers can borrow tablet which has GPS, Maps and own SNS application. Many travelers can be helped by this tablet using GPS based map, Location based SNS information (such as place's view point, delicious foods..) and so on.