Detailed Information
Cited 5 time in 
Cited 5 time in 
Cited 5 time in
Metadata Downloads
Personal Information Leaks with Automatic Login in Mobile Social Network Services
Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Choi, Jongwon | - |
| dc.contributor.author | CHO, HAEHYUN | - |
| dc.contributor.author | Yi, Jeong Hyun | - |
| dc.date.available | 2018-05-09T07:35:14Z | - |
| dc.date.created | 2018-04-17 | - |
| dc.date.issued | 2015-06 | - |
| dc.identifier.issn | 1099-4300 | - |
| dc.identifier.uri | http://scholarworks.bwise.kr/ssu/handle/2018.sw.ssu/8726 | - |
| dc.description.abstract | To log in to a mobile social network service (SNS) server, users must enter their ID and password to get through the authentication process. At that time, if the user sets up the automatic login option on the app, a sort of security token is created on the server based on the user's ID and password. This security token is called a credential. Because such credentials are convenient for users, they are utilized by most mobile SNS apps. However, the current state of credential management for the majority of Android SNS apps is very weak. This paper demonstrates the possibility of a credential cloning attack. Such attacks occur when an attacker extracts the credential from the victim's smart device and inserts it into their own smart device. Then, without knowing the victim's ID and password, the attacker can access the victim's account. This type of attack gives access to various pieces of personal information without authorization. Thus, in this paper, we analyze the vulnerabilities of the main Android-based SNS apps to credential cloning attacks, and examine the potential leakage of personal information that may result. We then introduce effective countermeasures to resolve these problems. | - |
| dc.language | 영어 | - |
| dc.language.iso | en | - |
| dc.publisher | MDPI AG | - |
| dc.relation.isPartOf | ENTROPY | - |
| dc.title | Personal Information Leaks with Automatic Login in Mobile Social Network Services | - |
| dc.type | Article | - |
| dc.identifier.doi | 10.3390/e17063947 | - |
| dc.type.rims | ART | - |
| dc.identifier.bibliographicCitation | ENTROPY, v.17, no.6, pp.3947 - 3962 | - |
| dc.description.journalClass | 1 | - |
| dc.identifier.wosid | 000357803000023 | - |
| dc.identifier.scopusid | 2-s2.0-84934325878 | - |
| dc.citation.endPage | 3962 | - |
| dc.citation.number | 6 | - |
| dc.citation.startPage | 3947 | - |
| dc.citation.title | ENTROPY | - |
| dc.citation.volume | 17 | - |
| dc.contributor.affiliatedAuthor | CHO, HAEHYUN | - |
| dc.contributor.affiliatedAuthor | Yi, Jeong Hyun | - |
| dc.type.docType | Article | - |
| dc.description.isOpenAccess | N | - |
| dc.description.oadoiVersion | published | - |
| dc.subject.keywordAuthor | credential | - |
| dc.subject.keywordAuthor | Android vulnerability | - |
| dc.subject.keywordAuthor | authentication | - |
| dc.subject.keywordAuthor | personal information leakage | - |
| dc.subject.keywordPlus | COUNTERMEASURES | - |
| dc.subject.keywordPlus | SECURITY | - |
| dc.description.journalRegisteredClass | scie | - |
| dc.description.journalRegisteredClass | scopus | - |
- Files in This Item
- Go to Link
- Appears in
Collections - College of Information Technology > School of Software > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
Related Researcher
- CHO, HAEHYUN
- College of Information Technology (School of Software)