Top

The Journal of Supercomputing

Published in:

01-05-2016

Hybrid app security protocol for high speed mobile communication

Authors: Seoung-Hyeon Lee, Young-Hyuk Kim, Jae-Kwang Lee, Deok Gyu Lee

Published in: The Journal of Supercomputing | Issue 5/2016

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

In this paper, security vulnerabilities that can be found in hybrid apps, by which important data are downloaded from a web server, were analyzed and HIGHT algorithm based on OTP delimiter modification and bit slicing was proposed to enhance security of hybrid apps. The hybrid app, to which the proposed method was applied before analysis, is a medical app for research and monitors biometric data of patients in the healthcare field. This app is monitoring patient’s biometric data continuously. Thus, this app generates considerable mobile traffic and transmission delay. After installing the app in a mobile device, reverse engineering was used to check the address from which the app requests important data, and a web server analysis tool was used to obtain important data that enables security attacks including the sitemap, type and version of application, and open source. To solve these problems, the security protocol proposed in this paper was applied, as a result important data were protected without transmission delay and it shows that proposed protocol can adopt high speed mobile communications.

previous article Relative weight comparison between virtual key factors of cloud computing with analytic network process

next article RTNSS: a routing trace-based network security system for preventing ARP spoofing attacks

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Kim YJ, Kim KJ, Yu YJ, Park SH (2011) Implementation of XML-based open API for Smartphone Middleware. J Korea Inst Inf Commun Eng 15(1):869–876. doi:10.6109/jkiice.2011.15.4.869 CrossRef

Do KM, Kim YH, Kim DI, Kim CB (2013) Application design using hybrid app in mobile environment. In: Korean Institute of Information Technology summer conference, pp 35–38

Jung WJ, Oh JH, Yoon DW (2012) Design and implementation of hybrid app framework. J Korea Inst Inf Commun Eng 16(9):1990–1996CrossRef

Cho YH, Kim SW, Jeong PS (2013) A study on the implementation of mobile healthcare system using hybrid app. J Korea Inst Inf Commun Eng 17(2):503–514. doi:10.6109/jkiice.2013.17.2.503 CrossRef

Carlos R, Afonso J, Tomé P (2011) Mobile application webservice performance analysis: restful services with JSON and XML. In: ENTERprise information systems, pp 162–169. doi:10.1007/978-3-642-24355-4_17

Nurseitov N, Paulson M, Reynolds R, Izurieta C (2009) Comparison of JSON and XML data interchange formats: a case study. In: Proceedings of the ISCA 22nd international conference on computer applications in industry and engineering, pp 157–162

Berena AJ, Chunwijitra S, Okada H, Ueno H (2013) Shared virtual presentation board for e-Meeting in higher education on the WebELS platform. Hum Centric Comput Inf Sci 3(3). doi:10.1186/2192-1962-3-6

Kim GY, Cho SJ (2010) Security vulnerability trends in smartphones. Korean Inst Inf Sci Eng Conf 37(2B):90–94

Kun P (2013) A secure network for mobile wireless service. J Inf Process Syst 9(2):247–258. doi:10.3745/JIPS.2013.9.2.247 MathSciNetCrossRef

10.

Tsai C-L, Chen C-J, Zhuang D-J (2012) Trusted M-banking verification scheme based on a combination of OTP and biometrics. J Converg 3(3):23–30

11.

Agarwal S, Lau CT (2010) Remote health monitoring using mobile phones and Web services. Telemed e-Health 16(2):603–607. doi:10.1089/tmj.2009.0165 CrossRef

12.

Kim YH, Lim IK, Lee JK (2014) A study on algorithm to identify the abnormal status of a patient using acceleration algorithm. Personal Ubiquitous Comput 18(3):1337–1350. doi:10.1007/s00779-013-0736-1 CrossRef

13.

Melendi D, Pañeda XG, García R, García VG (2009) Sistema para la realización y evaluación de prácticas de protocolos de nivel de aplicación. IEEE-RITA 4(2):109–116

14.

Kelly MR (2012) An extensible framework for creating personal archives of web resources requiring authentication. PhD Thesis, Old Dominion University

15.

Charland A, Leroux B (2011) Mobile application development: web vs. native. Commun ACM 54(2):49–53. doi:10.1145/1941487.1941504 CrossRef

16.

Samet H, Adelfio MD, Fruin BC, Lieberman MD, Teitler BE (2011) Porting a web-based mapping application to a smartphone app. In: Proceedings of the 19th ACM SIGSPATIAL international conference on advances in geographic information systems, pp 525–528. doi:10.1145/2093973.2094065

17.

Godwin-Jones R (2011) Emerging technologies: mobile apps for language learning. Lang Learn Technol 15(2):2–11

18.

Kim JB (2012) Study on construction method of hybrid web-based smart learning systems. J Inst Electron Inf Eng 49(9):370–378. doi:10.5573/ieek.2012.49.9.370

19.

Na Daniel Y (2011) The what, why, and how of mobile applications. Sigma 11(1):20–26

20.

Gavalas D, Economou D (2011) Development platforms for mobile applications: status and trends. Softw IEEE 38(1):77–86. doi:10.1109/MS.2010.155 CrossRef

21.

Lu J (2007) Cryptanalysis of reduced versions of the HIGHT block cipher from CHES 2006. In: Information security and cryptology-ICISC 2007, pp 11–26. doi:10.1007/978-3-540-76788-6_2

22.

Koo BW, Hong DJ, Kwon DS (2011) Related-key attack on the full HIGHT. Information security and cryptology-ICISC 2010, pp 49–67. doi:10.1007/978-3-642-24209-0_4

23.

Biswas K, Muthukkumarasamy V, Sithirasenan E, Singh K (2014) A simple lightweight encryption scheme for wireless sensor networks. In: Distributed computing and networking, pp 499–504. doi:10.1007/978-3-642-45249-9_33

24.

Ozen O, Varici K, Tezcan C, Kocair C (2009) Lightweight block ciphers revisited: cryptanalysis of reduced round PRESENT and HIGHT. In: Information security and privacy, pp 90–107. doi:10.1007/978-3-642-02620-1_7

25.

AlDabbagh SSM, Al Shaikhli IFT (2012) Lightweight block ciphers: a comparative study. J Adv Comput Sci Technol Res 2(1):159–165

26.

Zhang P, Sun B, Li C (2009) Saturation attack on the block cipher HIGHT. In: Cryptology and network security, pp 76–86. doi:10.1007/978-3-642-10433-6_6

27.

TTA, TTAS.KO-12.0040/R1: 64-bit block cipher HIGHT

28.

ISO/IEC 18033-3:2010, Information technology—security techniques—encryption algorithms-Part 3: Block ciphers

29.

Karuppiah AB, Rajaram S (2012) Energy efficient encryption algorithm for wireless sensor network. Int J Eng Res Technol 1(3):1–7

30.

Hong DJ, Koo BW, Kwon DS (2012) Biclique attack on the full HIGHT. Information security and cryptology-ICISC 2011, pp 365–374. doi:10.1007/978-3-642-31912-9_24

31.

Hong DJ, Sung JC, Hong SH, Lim JI, Lee SJ, Koo BS, Lee CH, Chang DH, Lee JS, Jeong KT, Kim H, Kim JS, Chee ST (2006) HIGHT: a new block cipher suitable for low-resource device. In: Cryptographic hardware and embedded systems-CHES 2006, pp 46–59. doi:10.1007/11894063_4

32.

Biham E (1997) A fast new DES implementation in software. In: Fast software encryption, pp 260–272. doi:10.1007/BFb0052352

33.

Baek ET, Lee MK (2012) Speed-optimized implementation of HIGHT block cipher algorithm. J Korea Inst Inf Secur Cryptol 22(3):495–504

34.

Lee DG (2011) Kim HW (2011) FPGA implementation of HIGHT block cipher. Inst Electron Eng Korea Summer Conf 34(1):1603–1606

35.

Oppliger R, Hauser R, Basin D (2006) SSL/TLS session-aware user authentication-or how to effectively thwart the man-in-the-middle. Comput Commun 29(12):2238–2246. doi:10.1016/j.comcom.2006.03.004 CrossRef

36.

Me G, Pirro D, Sarrecchia R (2006) A mobile based approach to strong authentication on web. In: ICCGI ’06 proceedings of the international multi-conference on computing in the global information technology, p 67. doi:10.1109/ICCGI.2006.8

37.

Oppliger R, Hauser R, Basin D (2008) SSL/TLS session-aware user authentication revisited. Comput Secur 27(3):64–70. doi:10.1016/j.cose.2008.04.005

38.

Dulidall JL, Godfrey MS, Harrison KA, Munro WJ, Rarity JG (2006) Low cost and compact quantum key distribution. New J Phys 8(10):1–16. doi:10.1088/1367-2630/8/10/249

39.

Eldefrawy MH, Khan MK, Alghathbar K, Kim TH, Elkamchouchi H (2012) Mobile one-time passwords: two-factor authentication using mobile phones. Secur Commun Netw 5(2):508–516. doi:10.1002/sec.340 CrossRef

40.

Gurav TH, Dhage M (2012) Remote client authentication using mobile phone generated OTP. Int J Sci Res Publ 2(2):1–4

41.

Lee JP, Kim YH, Lee JK (2013) The traffic performance evaluation between remote server and mobile for applying to encryption protocol in the Wellness environment. J Digit Converg 11(11):415–420. doi:10.14400/JDPM.2013.11.11.415 CrossRef

Title: Hybrid app security protocol for high speed mobile communication
Authors: Seoung-Hyeon Lee
Young-Hyuk Kim
Jae-Kwang Lee
Deok Gyu Lee
Publication date: 01-05-2016
Publisher: Springer US
Published in: The Journal of Supercomputing / Issue 5/2016
Print ISSN: 0920-8542
Electronic ISSN: 1573-0484
DOI: https://doi.org/10.1007/s11227-014-1318-3

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Other articles of this Issue 5/2016

Anonymous paperless secure payment system using clouds

A novel MPI reduction algorithm resilient to imbalances in process arrival times

Implications of shallower memory controller transaction queues in scalable memory systems

Distributed RDF store for efficient searching billions of triples based on Hadoop

A novel heuristic algorithm for IP block mapping onto mesh-based networks-on-chip

RTNSS: a routing trace-based network security system for preventing ARP spoofing attacks

Premium Partner