A Scheme of Social Engineering Attacks and Countermeasures U

Apr 24th, 2017
This paper was supported by the research fund of Baekseok University in 2014. * Corresponding author: Keun-Ho Lee (root1004@bu.ac.kr)
Submission date: October 28, 2014. Revision date: December 2, 2014. Acceptance date: February 20, 2015.

A Scheme of Social Engineering Attacks and Countermeasures Using Big Data-based Convergence Voice Phishing
Jung-Hoon Kim, Jun-Young Go, Keun-Ho Lee *
Division of Information & Communication, Baekseok University

Summary
Electronic banking fraud has surged recently, and the government has issued prevention and response guidance for smishing, pharming, phishing and memory hacking and has strengthened the Electronic Financial Transaction Act. As a result, electronic fraud methods have also evolved and become harder to counter. Whereas earlier voice phishing picked its targets at random, the newer attack first collects the target's personal information, analyses it in detail, and then carries out voice phishing tailored to the target; this is a new type of electronic financial fraud. This paper analyses the attack method of voice phishing converged with personal information processed as big data, and proposes a countermeasure against this evolving electronic financial fraud: if meaningless data is stored in memory, the attacker who collects personal information for big data analysis cannot obtain accurate information, and the voice phishing cannot be carried out properly. The paper identifies these attacks and proposes countermeasures accordingly.
• Key Words: smishing (SMS phishing), pharming, phishing, big data, convergence, electronic banking fraud

Abstract
Recently the government has distributed precautionary measures and response procedures for smishing (SMS phishing), pharming, phishing and memory hacking, and has intensified the Electronic Financial Transaction Act, due to the sharp increase in electronic bank fraud. However, the methods of electronic bank fraud have also developed and changed accordingly. In contrast to earlier voice phishing, which targeted victims at random, these new methods find out personal information on the targets and analyze it as big data, and then progress into a new kind of electronic bank fraud that uses the analyzed information for voice phishing. This study analyzes the attack method of voice phishing blended with the big data of personal information and suggests response procedures for electronic bank fraud. Using the method of saving meaningless data in memory, attackers cannot deduce accurate information from the big data they collect for voice phishing. This study analyzes these developed social engineering attacks and suggests response procedures for them.
• Key Words: Smishing, Pharming, Phishing, Big Data, Convergence, Electronic Banking Fraud
http://dx.doi.org/10.15207/JKCS.2015.6.1.085
Journal of the Korea Convergence Society, Vol. 6, No. 1, p. 86

1. Introduction
With the continuous development of information and communication technology, the Internet and smartphones have become widespread, and services are provided in a convenient environment. In this digital economy era, social networking services such as me2day, Twitter and Facebook generate big data that includes location information and personal information (the 'big data' environment). However, attackers use the personal information contained in smartphones, collect it into big data through social engineering techniques, and use it for intelligent smishing attacks. Smishing sends SMS messages containing a Uniform Resource Locator (URL) from mobile phones and smartphones in order to steal private data. Phishing, a compound word of 'private data' and 'fishing', creates a page that imitates a real web service, sends e-mail to many users that leads them to the fake page, and then extracts the financial information of the users who connect [1]. Pharming injects malicious code into the user's PC, interferes with the user's attempt to reach the intended site and redirects the user to the attacker's own phishing site; because the user believes the correct site is being visited, it is hard to tell that the site is a phishing site [2]. As the number of smartphone users soars, the number of damage cases caused by smishing, phishing and pharming attacks that exploit users' big data with social engineering techniques is also increasing [3,4].

2. Related studies
2.1 Big Data
Big data is data generated in the digital environment. Its size is large, its generation cycle is short, and it includes not only numerical data but also large-scale text and image data. Compared with the past, the big data environment shows not only an explosion in the amount of data but also a diversification of data types, so that people's behaviour, and more, can be analysed and predicted [5]. Big data technology covers diverse fields, including collection, storage, processing, analysis, expression/utilization and management technology. By the implementation of storage, processing and analysis, it is classified into categories such as in-memory-based technology and in-DB-based technology [5].

2.2 Voice Phishing
Voice phishing, often called telephone financial fraud, is a fraud crime that takes another person's property by deception. The term combines 'voice', 'private data' and 'fishing'. It is a kind of special fraud crime in the financial sector that takes place through non-face-to-face transactions using telecommunication means [6].

2.3 Smishing
Smishing, a compound word of SMS and phishing [7], is a hacking technique that uses text messages on an Internet-connected smartphone: a URL is attached to the text message, and when the victim clicks the address, malicious code is installed on the smartphone without the victim's knowledge and is then used to cause small-payment damage or to take personal and financial information [8]. Smishing is a hack based on phishing and mainly uses social engineering. To make the victim click, the attacker impersonates a friend or family member or uses lures such as a 'free invitation' or an 'event winner' notice. Once these lures become widely known and stop working, they are cleverly changed and the attacker approaches with a new type of smishing. Recently, dramatic phrases such as 'Notification of delivery to the door', 'Confirmation of complaint related to the public prosecutor's office' and 'Confirmation of leakage of personal information' have been driving clicks on the URL. Because the attacker approaches as an acquaintance or a specific institution in order to gain the victim's trust, the victim clicks the URL sent by the attacker without any doubt [9,10]. The principle of smishing is that the attacker prepares an SMS/MMS link to malicious code such as a Trojan horse; the victim clicks the URL without suspicion and downloads the malicious code. Once an app with malware is installed on the smartphone, the attacker can freely control the phone from then on and take personal and financial information. It is similar to distributing other malicious code to the victim's smartphone. Depending on the type of malicious code, not only personal and financial information but also all built-in smartphone functions such as SMS, alarms and the camera can be controlled [11,12].

3. Scenarios and analysis
3.1 Big data-based voice phishing attack scenario
The hacker sends the attack target a smishing text message containing a phrase that stimulates curiosity or tempts the target, with a URL from which a malicious app is downloaded. The target follows the URL out of curiosity, downloads the malicious app and launches it. When the app is launched, all the personal information stored on the smartphone, including the phone book, messages, installed apps and browsing history, is transmitted to the hacker. The hacker processes and analyses this personal information as big data, tailors it to the attack target, and passes the data to the voice phishing scammer. The voice phishing scammer then phishes the victim based on the customised data provided by the hacker.
[Fig. 1] Big Data based Voice Phishing Attack Scenario

3.2 Big-data-based voice phishing attack analysis
To analyse the scenario in Figure 1, we created a smishing app and a server in the environment of Table 1.
[Table 1] Scenario Environment
Malicious App: JAVA for Android
Hacker's Server: CentOS 6.5 / Apache 2.2.15
Server Script: PHP (Hypertext Preprocessor)

The hacker first sends a text message to the attack target.
[Fig. 2] Smishing Attack Flowchart
① Upload the hacker-made malicious app (Quiz.apk) and the server script that receives the personal information data to the server.
② Send the victim a text message containing the download link for the malicious app (Quiz.apk).
③ The false URL address sent by the hacker links to the hacker's server.
④ The hacker's server sends the requested malicious app (Quiz.apk), and the victim installs the downloaded app (Quiz.apk) on the phone.
⑤ Run the downloaded malicious app (Quiz.apk). The app (Quiz.apk) executes the source code that steals the personal information.
⑥ The victim's personal information is transmitted to the hacker, who views it.
[Fig. 3] Smishing Attack Case
Clicking the URL address shown in Figure 3 in the smishing attack automatically installs the malware and sends personal information to the hacker.
The hacker can then process and analyse the collected personal information as big data into customised data. Figure 4 shows the permissions of Quiz.apk viewed with a JAVA-for-Android tool.
[Fig. 4] Personal Information Load
In the source code of Figure 4, malicious code that can obtain personal information is hidden. The call getSystemService(Context.TELEPHONY_SERVICE), using the getSystemService() method provided by the Context object, can query the state of the terminal and the terminal's unique number. Likewise, String myNumber = mTelephonyMgr.getLine1Number() obtains the phone number. Through the ID, DISPLAY_NAME, HAS_PHONE_NUMBER and Phone.NUMBER fields, the app obtains permission to view personal information such as name, phone number, memo, birthday and e-mail. With the obtained privileges it can read phone status and identity, read call logs, modify/delete internal memory, access protected storage, use all Internet features, and so on; source code that captures and steals personal information is hidden in the app.
[Fig. 5] Personal Information Transmission
In addition to the code that loads the data, the malicious app also hides code that transmits it. After the information is loaded, VIVA_URL_ADD_CONTANT is used to transmit the personal information to the hacker's server through a third party.
[Fig. 6] Hacker's Server Script
As shown in Figure 6, the malicious app sends the victim's personal information using the raw POST data method, and the server script reads it with file_get_contents('php://input') and performs the first processing of the parsed data. Figure 7 shows the screen on which the server script has received the data.
[Fig. 7] Outflow Personal Information
[Fig. 8] Big Data Processing
The data first processed in Figure 7 is sent to MapReduce as shown in Figure 8. The data collected with MapReduce is sorted and reorganised in the Hadoop Distributed File System (HDFS) and analysed [13,14,15]. From the analysed data the attacker learns who the victim's close relationships are, which is the victim's main bank, what the bank account number is, and who the business partners of the victim's company are. If the attacker then carries out voice phishing based on this big data, the victim cannot help but be deceived easily.

4. Response Plan
Apps that have not been verified by the Google Store, a carrier store or a similar market are blocked from accessing privacy-sensitive data; when such an app requires that authorisation, it must be given false data instead.
[Fig. 9] Permission Settings
① The installed app, holding the UID 9 privilege, requests a phone number from the framework.
② The framework verifies whether the app is a secure app registered in a market such as the carrier's app store or the Google App Store.
③ If it is a secure app registered in the market, the framework keeps the UID 9 privilege and asks the underlying SQLite for the phone number. SQLite delivers the list of numbers corresponding to the UID 9 privilege to the app.
④ If the app is not registered in the market and has not been verified, the UID 9 privilege is lowered to UID 21.
⑤ With the privilege lowered to UID 21, the framework asks SQLite for the phone number under UID 21. SQLite delivers a fake phone number list to the app for UID 21.
Assuming that the privilege to request the phone book is UID 9, an app that requests UID 9 but is given UID 21 is provided with a false phone book. Smishing can be prevented even with this method alone.

5. Conclusion
Recently, increasingly intelligent smishing and voice phishing have been converging, and as an increasing number of crimes move into the unsecured electronic financial environment, the threat is growing. Various organisations such as the Financial Security Research Institute, the Financial Supervisory Service and the Korea Internet & Security Agency suggest various ways to respond to smishing and voice phishing. However, the proposed countermeasures have various limitations and cannot effectively cope with smishing and voice phishing. In this paper we propose a method for responding to voice phishing based on big data collected by various malicious codes: basic filtering of unknown apps by each store and carrier. As the share of finance conducted through smartphones increases, more intelligent crimes such as smishing and voice phishing will follow. Users should not rely only on the basic filtering of secure apps and carriers; if they keep in mind that they too can be exposed to crime and pay a little more attention, crime rates can be reduced significantly.
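The five-step response plan of section 4 (verify the requesting app against the market, keep UID 9 for verified apps, downgrade unverified apps to UID 21 and serve them a fake phone book) can be modelled as a small mediation layer. The following is an added example written for this page, not the paper's implementation: the framework, store registry and contact store are simplified stand-ins, the package names, signer fingerprints and contacts are constructed, and the audit log of downgrades is this example's own addition so that a defender can see which apps were served decoy data.

```python
"""Model of the section-4 response plan: a fake phone book for unverified apps.

Added example, not the paper's code. The framework sits between an app and the
SQLite-backed contact store; a store-verified app keeps the UID 9 privilege and
gets the real phone book, an unverified app is downgraded to UID 21 and gets a
fake list of the same shape. All names and contacts below are constructed.
"""
from __future__ import annotations

from dataclasses import dataclass, field

PHONEBOOK_UID = 9   # privilege that may read the real phone book (paper's UID 9)
DECOY_UID = 21      # downgraded privilege that only ever sees fake data (paper's UID 21)

# Constructed contacts standing in for the real SQLite-backed phone book.
REAL_PHONEBOOK = [("Mother", "010-1111-2222"), ("Main Bank", "1588-0000"),
                  ("Business partner", "02-555-0100")]


@dataclass(frozen=True)
class App:
    package: str
    signer: str  # constructed signing-certificate fingerprint


class StoreRegistry:
    """Step ②: stands in for the carrier / Google app store verification."""

    def __init__(self, verified: dict[str, str]):
        self._verified = verified  # package -> signer fingerprint registered in the market

    def is_verified(self, app: App) -> bool:
        # Package name alone is not enough: a repackaged app reuses the name with a new signer.
        return self._verified.get(app.package) == app.signer


class ContactStore:
    """Steps ③/⑤: answers phone-book queries according to the effective UID."""

    def query(self, uid: int) -> list[tuple[str, str]]:
        if uid == PHONEBOOK_UID:
            return list(REAL_PHONEBOOK)
        if uid == DECOY_UID:
            # Same shape as the real list so the app cannot tell it was downgraded;
            # deterministic so repeated reads stay consistent with each other.
            return [(f"Contact {i}", f"010-0000-{i:04d}")
                    for i in range(1, len(REAL_PHONEBOOK) + 1)]
        raise PermissionError(f"uid {uid} may not read the phone book")


@dataclass
class Framework:
    registry: StoreRegistry
    store: ContactStore
    audit: list[str] = field(default_factory=list)  # downgrade log for the defender

    def request_phonebook(self, app: App, requested_uid: int = PHONEBOOK_UID):
        """Step ①: an app asks for the phone book; returns (effective uid, contacts)."""
        if requested_uid != PHONEBOOK_UID:
            raise PermissionError(f"uid {requested_uid} is not the phone-book privilege")
        if self.registry.is_verified(app):
            effective = PHONEBOOK_UID                      # step ③: keep UID 9
        else:
            effective = DECOY_UID                          # step ④: lower to UID 21
            self.audit.append(
                f"downgraded {app.package} from uid {PHONEBOOK_UID} to {DECOY_UID}")
        return effective, self.store.query(effective)      # steps ③ / ⑤


def demo() -> dict:
    """Constructed scenario: a market-registered app and a sideloaded Quiz.apk."""
    registry = StoreRegistry({"com.example.bankingapp": "sha256:aaaa1111"})
    fw = Framework(registry, ContactStore())
    verified = App("com.example.bankingapp", "sha256:aaaa1111")
    sideloaded = App("com.example.quiz", "sha256:dead0000")  # not in any market
    _, real = fw.request_phonebook(verified)
    _, fake = fw.request_phonebook(sideloaded)
    return {"real": real, "fake": fake, "audit": list(fw.audit)}


if __name__ == "__main__":
    print(demo())
```

The decoy list deliberately has the same length and number format as the real one, which is what makes the data "meaningless" to the attacker's big data analysis in the sense the abstract describes: the scammer still receives a phone book, but relationships and bank numbers derived from it are wrong.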
ACKNOWLEDGMENTS
This paper was supported by the research fund of Baekseok University in 2014.

REFERENCES
[1] Young-Arm Kwak, "A Study on Smartphone's Phishing Cases and Security", KECRA, Vol. 1, pp. 3-22, 2013.
[2] Hong-Ryeol Ryu, Mo-Ses Hong, Taek-Young Kwon, "A Study of Multiple Password Leakage Factors Caused by Phishing and Pharming Attacks", KIISC, Vol. 23, No. 6, pp. 1225-1229, 2013.
[3] Ji-Sun Shin, "Study on Anti-Phishing Solutions, Related Researches and Future Directions", KIISC, Vol. 23, No. 6, pp. 1037-1047, 2013.
[4] Byung-Seok Yu, Sung-Hyun Yun, "The Design and Implementation of Messenger Authentication Protocol to Prevent Smartphone Phishing", KCS, Vol. 2, No. 4, pp. 99-14, 2011.
[5] Jae-Saeng Kim, "Big Data Analysis Technologies and Practical Examples", KOCON, Vol. 12, No. 1, pp. 14-20, 2014.
[6] Ho-Dae Cho, "Voice Phishing Occurrence and Counterplan", KOCON, Vol. 12, No. 7, pp. 176-182, 2012.
[7] Si-Young Lee, Hee-Soo Kang, Jong-Sub Moon, "A Study on Smiling Block of Android Platform Environment", KIISC, Vol. 24, No. 5, pp. 975-985, 2014.
[8] Dea-Woo Park, "Analysis on Mobile Forensic of Smishing Hacking Attack", JKIICE, Vol. 18, No. 12, pp. 2878-2884, 2014.
[9] Seung-hyun Kim, "Technology Trends of Targeted Phishing/Pharming Attacks on Financial Institutions", IEEK, Vol. 6, No. 3, pp. 40-48, 2013.
[10] Dae-Yong Jeong, Kyung-bok Lee, Tae-Hyoung Park, "A Study on Improving the Electronic Financial Fraud Prevention Service: Focusing on an Analysis of Electronic Financial Fraud Cases in 2013", JKIICE, Vol. 24, No. 6, pp. 1243-1261, 2014.
[11] In-woo Park, Dea-woo Park, "A Study of Intrusion Security Research and Smishing Hacking Attack on a Smartphone", JKIICE, Vol. 17, No. 11, pp. 2584-2594, 2013.
[12] Choon-Kyon Joo, Ji-Won Yoon, "Discrimination of SPAM and Prevention of Smishing by Sending Personally Identified SMS (For Financial Sector)", JKIICE, Vol. 24, No. 4, pp. 645-653, 2014.
[13] Seung-Min Rho, "Big Data Analysis Platform Technology R&D Trend through Patent Analysis", Journal of Digital Convergence, Vol. 12, No. 9, pp. 169-175, 2014.
[14] Byung-Chul Kim, "A Study on Utilization of Big Data Based on Personal Information Protection Act", Journal of Digital Convergence, Vol. 12, No. 12, pp. 87-92, 2014.
[15] Jung-Young Ki, Seok-Myoung Gun, Gim-Chang Jae, "A Study on the Success Factors of Big Data Through an Analysis of the Introduction Effect of Big Data", Journal of Digital Convergence, Vol. 12, No. 11, pp. 241-248, 2014.

About the authors
Jung-Hoon Kim [Student Member]
March 2010 ~ present: Baekseok University, Faculty of Information and Communication
<Interests>: M2M, TPEG, mobile communication security

Jun-Young Go [Student Member]
2009 ~ present: Baekseok University, Faculty of Information and Communication
<Interests>: M2M, TPEG, RFID/USN, mobile communication security
Keun-Ho Lee [Life Member]
August 2006: Korea University, Department of Computer Science (Ph.D.)
September 2006 ~ February 2010: Researcher, Samsung DMC Research Institute
March 2010 ~ present: Baekseok University, Assistant Professor of Information and Communication
<Interests>: M2M security, mobile communication security, convergence security
Protection of accreditatio