Detailed Information
Cited 40 time in 
Cited 56 time in 
Cited 56 time in
Metadata Downloads
Repackaging Attack on Android Banking Applications and Its Countermeasures
Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Jung, Jin-Hyuk | - |
| dc.contributor.author | Kim, Ju Young | - |
| dc.contributor.author | Lee, Hyeong-Chan | - |
| dc.contributor.author | Yi, Jeong Hyun | - |
| dc.date.available | 2018-05-09T13:54:20Z | - |
| dc.date.created | 2018-04-17 | - |
| dc.date.issued | 2013-12 | - |
| dc.identifier.issn | 0929-6212 | - |
| dc.identifier.uri | http://scholarworks.bwise.kr/ssu/handle/2018.sw.ssu/11099 | - |
| dc.description.abstract | Although anyone can easily publish Android applications (or apps) in an app marketplace according to an open policy, decompiling the apps is also easy due to the structural characteristics of the app building process, making them very vulnerable to forgery or modification attacks. In particular, users may suffer direct financial loss if this vulnerability is exploited in security-critical private and business applications, such as online banking. In this paper, some of the major Android-based smartphone banking apps in Korea being distributed on either the Android Market or the third party market were tested to verify whether a money transfer could be made to an unintended recipient. The experimental results with real Android banking apps showed that an attack of this kind is possible without having to illegally obtain any of the sender's personal information, such as the senders public key certificate, the password to their bank account, or their security card. In addition, the cause of this vulnerability is analyzed and some technical countermeasures are discussed. | - |
| dc.publisher | SPRINGER | - |
| dc.relation.isPartOf | WIRELESS PERSONAL COMMUNICATIONS | - |
| dc.title | Repackaging Attack on Android Banking Applications and Its Countermeasures | - |
| dc.type | Article | - |
| dc.identifier.doi | 10.1007/s11277-013-1258-x | - |
| dc.type.rims | ART | - |
| dc.identifier.bibliographicCitation | WIRELESS PERSONAL COMMUNICATIONS, v.73, no.4, pp.1421 - 1437 | - |
| dc.description.journalClass | 1 | - |
| dc.identifier.wosid | 000327883300006 | - |
| dc.identifier.scopusid | 2-s2.0-84890552399 | - |
| dc.citation.endPage | 1437 | - |
| dc.citation.number | 4 | - |
| dc.citation.startPage | 1421 | - |
| dc.citation.title | WIRELESS PERSONAL COMMUNICATIONS | - |
| dc.citation.volume | 73 | - |
| dc.contributor.affiliatedAuthor | Yi, Jeong Hyun | - |
| dc.type.docType | Article | - |
| dc.description.oadoiVersion | published | - |
| dc.subject.keywordAuthor | Smartphone application vulnerability | - |
| dc.subject.keywordAuthor | Android app repackaging | - |
| dc.subject.keywordAuthor | Reverse engineering | - |
| dc.description.journalRegisteredClass | scie | - |
| dc.description.journalRegisteredClass | scopus | - |
- Files in This Item
- Go to Link
- Appears in
Collections - College of Information Technology > School of Software > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
Related Researcher
- YI, JEONG HYUN
- College of Information Technology (School of Software)