{"id":661,"date":"2016-11-11T16:31:27","date_gmt":"2016-11-11T07:31:27","guid":{"rendered":"http:\/\/pel.sejong.ac.kr\/wordpress\/?p=661"},"modified":"2016-11-11T16:31:27","modified_gmt":"2016-11-11T07:31:27","slug":"poc-2016-%ec%b0%b8%ec%84%9d","status":"publish","type":"post","link":"https:\/\/pel.sejong.ac.kr\/wordpress\/?p=661","title":{"rendered":"POC 2016 \ucc38\uc11d"},"content":{"rendered":"<p><a href=\"https:\/\/pel.sejong.ac.kr\/wordpress\/wp-content\/uploads\/2016\/11\/KakaoTalk_20161110_220242091.jpg\"><img loading=\"lazy\" class=\"alignnone size-medium wp-image-662\" src=\"https:\/\/pel.sejong.ac.kr\/wordpress\/wp-content\/uploads\/2016\/11\/KakaoTalk_20161110_220242091-595x446.jpg\" alt=\"KakaoTalk_20161110_220242091\" width=\"595\" height=\"446\" srcset=\"https:\/\/pel.sejong.ac.kr\/wordpress\/wp-content\/uploads\/2016\/11\/KakaoTalk_20161110_220242091-595x446.jpg 595w, https:\/\/pel.sejong.ac.kr\/wordpress\/wp-content\/uploads\/2016\/11\/KakaoTalk_20161110_220242091-768x576.jpg 768w, https:\/\/pel.sejong.ac.kr\/wordpress\/wp-content\/uploads\/2016\/11\/KakaoTalk_20161110_220242091.jpg 960w, https:\/\/pel.sejong.ac.kr\/wordpress\/wp-content\/uploads\/2016\/11\/KakaoTalk_20161110_220242091-300x225.jpg 300w\" sizes=\"(max-width: 595px) 100vw, 595px\" \/><\/a><\/p>\n<p>\uad6d\uc81c \ud574\ud0b9 \ubcf4\uc548 \ucee8\ud37c\ub7f0\uc2a4 POC\uac00 \uc624\ub294 11\uc6d4 10~11\uc77c \uc11c\uc6b8 \uc591\uc7ac\ub3d9 \ub354\ucf00\uc774\ud638\ud154\uc11c\uc6b8\uc5d0\uc11c \uc5f4\ub838\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\uc774\ubc88 POC 2016\uc5d0\uc11c\ub294 \ucd1d 17\uac1c\uc758 \uc8fc\uc81c\uac00 \ubc1c\ud45c\ub418\uc5c8\uace0, \ubc1c\ud45c\ub4e4\uc758 \uac04\ub7b5\ud55c \ub0b4\uc6a9\uc740 \uc544\ub798\uc640 \uac19\uc2b5\ub2c8\ub2e4..<\/p>\n<p>&nbsp;<\/p>\n<p>\u25c7Ben Gras, \u201cFlip Feng Shui: Hammering a Needle in the Software Stack&#8221;<\/p>\n<p>\ud558\ub4dc\uc6e8\uc5b4 \ub808\ubca8\uc5d0\uc11c\uc758 \uacf5\uaca9 \ubca1\ud130 \uc124\uba85, \uc2e4\uc81c \ud074\ub77c\uc6b0\ub4dc \uc138\ud305\uc5d0\uc11c \uc545\uc131 VM\uc744 \ud1b5\ud574 \ub2e4\ub978 VM\uc758 OpenSSH\uc5d0 \uc778\uc99d\ub418\uc9c0 \uc54a\uc740 \uc811\uc18d\uc744 \ud560 \uc218 \uc788\uc74c\uc744 \ubcf4\uc5ec\uc8fc\uc5c8\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\u25c7Brian Pak(Cai), \u201cEffective Patch Analysis for Microsoft Updates\u201d<\/p>\n<p>\ub9c8\uc774\ud06c\ub85c\uc18c\ud504\ud2b8\uc758 \ubcf4\uc548\ud328\uce58\ub97c \uc774\uc6a9\ud574 \ube60\ub978 1-day \uc775\uc2a4\ud50c\ub85c\uc787 \uac1c\ubc1c\uc774 \uac00\ub2a5\ud568\uc744 \ubcf4\uc784\uc73c\ub85c\uc368 \ubcf4\uc548 \uc704\ud5d8\uc131\uc744 \uc778\uc2dd\uc2dc\ud0a4\uace0 \uc774\uc5d0 \ub300\ud574 \ud6a8\uacfc\uc801\uc778 \ud328\uce58 \uad00\ub9ac\uac00 \uac00\ub2a5\ud55c \uc2dc\uc2a4\ud15c\uc5d0 \ub300\ud574 \uc18c\uac1c\ud558\uc600\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\u25c7Chen Yan, Wenyuan Xu, and Jianhao Liu, \u201cCan You Trust Autonomous Vehicles: Contactless Attacks against Sensors of Self-Driving Vehicles\u201d<\/p>\n<p>\uc790\ub3d9 \uc8fc\ud589 \uc790\ub3d9\ucc28\uc5d0 \uc0ac\uc6a9\ub418\uace0 \uc788\ub294 Ultrasonic \uc13c\uc11c\uc640 MMW \ub808\uc774\ub354 \ub4f1\uc5d0 \ub300\ud55c \uc2a4\ud478\ud551 \ubc0f \uc7ac\ubc0d \uacf5\uaca9 \uc2dc\uc5f0, \ud2b9\ud788 \ud14c\uc2ac\ub77c S\ubaa8\ub378\uc5d0 \ub300\ud55c \uc2e4\uc81c \uacf5\uaca9 \ub370\ubaa8\ub97c \uc120\ubcf4\uc600\uace0, \uad6d\ub0b4 \uc790\ub3d9\ucc28\uc5d0 \ub300\ud55c \uacf5\uaca9 \ub370\ubaa8\ub3c4 \uc120\ubcf4\uc600\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\u25c7Gleb Gritsai, \u201cThe Great Train Cyber Robbery\u201d<\/p>\n<p>\uc2e4\uc81c \ucca0\ub3c4 \uc790\ub3d9\ud654 \uad00\ub9ac \uc2dc\uc2a4\ud15c\uc758 \uad00\ub9ac\uc790 \uad8c\ud55c\uc744 \ud68d\ub4dd\ud558\ub294 \uc2dc\uc5f0\uacfc \ud568\uaed8 \uac01\uc885 \uc2a4\uce74\ub2e4(SCADA) \uc2dc\uc2a4\ud15c\uc758 \ucde8\uc57d\uc810\uc5d0 \ub300\ud55c \ubd84\uc11d\ud55c \ub0b4\uc6a9\uc744 \uc18c\uac1c\ud558\uc600\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\u25c7Keen Lab, \u201cHacking Phones from 2013 to 2016\u201d<\/p>\n<p>\uc0cc\ub4dc\ubc15\uc2a4\ub97c \ud0c8\ucd9c\ud558\uae30 \uc704\ud55c \ube0c\ub77c\uc6b0\uc800 \ub80c\ub354\ub7ec(browser renderer) \uacf5\uaca9\uc5d0\uc11c\ubd80\ud130 \uad8c\ud55c \uc0c1\uc2b9\uc5d0 \uc0ac\uc6a9\ub420 \uc218 \uc788\ub294 \ucee4\ub110 \ucde8\uc57d\uc810 \ub4f1\uc73c\ub85c \uad6c\uc131\ub418\ub294 \uc0c8\ub85c\uc6b4 \ucde8\uc57d\uc810\uc5d0 \ub300\ud55c \uc775\uc2a4\ud50c\ub85c\uc787 \uccb4\uc778 \uc124\uba85\ud558\uc600\uace0, \uc774\uc5d0 \ub300\ud55c \uc81c\ub85c\ub370\uc774 \ubc1c\ud45c \ubc0f \ub370\ubaa8\uc2dc\uc5f0 \ud558\uc600\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\u25c7Kevin Borgolte, \u201cCyber Grand Shellphish: Shellphish and the DARPA Cyber Grand Challenge\u201d<\/p>\n<p>CGC\uc5d0 \ub300\ud55c \uc18c\uac1c \ubc0f Shellphish\uac00 \ub300\ud68c\uc5d0\uc11c \uc0ac\uc6a9\ud55c Mechanical Phish \ud234\uc5d0 \ub300\ud55c \uc124\uba85 \ubc0f \uc0ac\uc6a9\ubc95 \uc18c\uac1c\ud558\uc600\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\u25c7Maxim Goncharov, &#8220;badWPAD&#8221;<\/p>\n<p>\ub2e4\uc591\ud55c \ud658\uacbd\uc5d0 \uc874\uc7ac\ud558\ub294 WPAD \ud504\ub85c\ud1a0\ucf5c \uc18d \uc704\ud611\uc744 \uc124\uba85\ud558\uc600\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\u25c7MJ0011 &amp; Yuki Chen, \u201cEscape Plans: A Year&#8217;s Journey with Microsoft Edge Sandbox\u201d<\/p>\n<p>\uc708\ub3c4\uc6b0(Windows)10 RS1\uc5d0\uc11c \ucd94\uac00\ub41c \uc8fc\uc694 \uc0cc\ub4dc\ubc15\uc2a4 \ubcf4\ud638\uae30\ubc95 \ubd84\uc11d, OS \ucee4\ub110 API \ubc0f \uc0cc\ub4dc\ubc15\uc2a4\/\uc2dc\uc2a4\ud15c RPC\ud638\ucd9c\uc5d0\uc11c \ubc1c\uc0dd\ud560 \uc218 \uc788\ub294 \uacf5\uaca9 \ubca1\ud130\uc640 \uac01 \ubca1\ud130\uc5d0\uc11c \ubc1c\uacac\ub41c \uc2e4\uc81c \ucde8\uc57d\uc810 \uc2dc\uc5f0 \ubc0f \ud37c\uc9d5\ud234\uc744 \uc18c\uac1c\ud558\uc600\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\u25c7Shinjo Park, \u201cWhite Rabbit in Mobile: Effect of Unsecured Clock Source in Smartphone OS and Apps&#8221;<\/p>\n<p>\uc2a4\ub9c8\ud2b8\ud3f0\uc758 clock \uad00\ub9ac \ubc0f \uc774 \ubd80\ubd84\uc5d0\uc11c \ubc1c\uc0dd\ud560 \uc218 \uc788\ub294 \ubcf4\uc548 \ubb38\uc81c \uc124\uba85\ud558\uc600\uace0, clock\uc2a4\ud478\ud551\/\uc6d0\uaca9 \uc11c\ube44\uc2a4 \uac70\ubd80\uacf5\uaca9 \ub4f1\uc5d0 \ub300\ud55c \ubd84\uc11d\uc774 \ud3ec\ud568\ub418\uc5b4 \uc788\uc5c8\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\u25c7Pangu, \u201cAnalysis of iOS 9.3.3 Jailbreak &amp; Security Enhancements of iOS 10\u201d<\/p>\n<p>Pangu9\uc5d0\uc11c \uc0ac\uc6a9\ub41c iOS 9.3.3 \ucde8\uc57d\uc810 \ucd5c\ucd08 \uc644\uc804 \uacf5\uac1c \ubc0f \uc775\uc2a4\ud50c\ub85c\uc787 \uacfc\uc815 \uc124\uba85, iOS 10 \ubc0f \uc544\uc774\ud3f0(iPhone)7\uc5d0\uc11c \uc774\ub8e8\uc5b4\uc9c4 \ubcf4\uc548 \uac15\ud654 \uc124\uba85\ud558\uc600\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\u25c7Paulo Shakarian, \u201cScaling to the Adversary: Machine Learning Driven Mining of Threat Intel from the Darkweb\u201d<\/p>\n<p>\uba38\uc2e0\ub7ec\ub2dd\uacfc \ub370\uc774\ud130 \ub9c8\uc774\ub2dd\uc744 \ud1b5\ud574 Tor \ub124\ud2b8\uc6cc\ud06c\uc5d0 \uc874\uc7ac\ud558\ub294 \ub2e4\ud06c\uc6f9\uc5d0\uc11c \ub370\uc774\ud130\ub97c \uc218\uc9d1, \ubd84\uc11d\ud558\ub294 \ubc29\ubc95 \uc124\uba85 \ubc0f \ud504\ub808\uc784\uc6cc\ud06c \uc18c\uac1c\ud558\uc600\uace0, \uc774\ub97c \ud1b5\ud55c \ud574\ud0b9 \ucee4\ubba4\ub2c8\ud2f0 \ubd84\uc11d \uc124\uba85\ud558\uc600\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\u25c7Petr \u0160venda, \u201cThe Million-Key Question \u2013 How RSA Public Key Leaks Its Origin\u201d<\/p>\n<p>\ub2e4\uc591\ud55c \ub77c\uc774\ube0c\ub7ec\ub9ac\ub97c \ud1b5\ud574 6\ucc9c\ub9cc\uac1c\uc758 RSA \uacf5\uac1c\ud0a4\ub97c \ub9cc\ub4e4\uc5b4\ub0b4\uc5b4 \ubd84\uc11d\ud574\ubcf8 \uacb0\uacfc 13\uac00\uc9c0 \uc885\ub958\ub85c \ubd84\ub958\ud574 \uacf5\uaca9\ub300\uc0c1\uc758 \uc775\uba85\uc131\uc744 \uc904\uc77c \uc218 \uc788\uc74c\uc744 \ubcf4\uc5ec\uc8fc\uc5c8\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\u25c7Wanqiao Zhang, Lin Huang, \u201cForcing LTE Cellphone into Unsafe Network\u201d<\/p>\n<p>\ud2b8\ub798\ud0b9 \uc601\uc5ed \uc5c5\ub370\uc774\ud2b8 \uc808\ucc28\uc5d0\uc11c\uc758 \ucde8\uc57d\uc810\uc744 \uc775\uc2a4\ud50c\ub85c\uc787\ud558\uc5ec, \uac00\uc9dc \ub124\ud2b8\uc6cc\ud06c\uc5d0 \uc5f0\uacb0\uc2dc\ud0a4\ub294 \ub4f1\uc758 LTE\ub124\ud2b8\uc6cc\ud06c\uc5d0 \ub300\ud55c \uacf5\uaca9\uacfc\uc815 \uc124\uba85 \ubc0f \ub370\ubaa8\ub97c \uc2dc\uc5f0\ud558\uc600\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\u25c7Wei Xiao, Qinghao Tang, \u201cqemu+kvm &amp; xen pwn: virtual machine escape from &#8216;Dark Portal&#8217;\u201d<\/p>\n<p>QEMU+KVM, Xen \ud658\uacbd\uc5d0\uc11c \ubc1c\uc0dd\ud560 \uc218 \uc788\ub294 \uac00\uc0c1\uba38\uc2e0 \ud0c8\ucd9c \uacf5\uaca9\uc5d0 \ub300\ud574 \uc54c\uc544\ubcf4\uace0 Marvel\ud300\uc774 \ucc3e\uc544\ub0b8 CVE-2016-3710\uc5d0 \ub300\ud55c \uc124\uba85 \ubc0f \uc2dc\uc5f0\ud558\uc600\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\u25c7Xpl017Elz, \u201cNew Reliable Android Application Exploitation Techniques\u201d<\/p>\n<p>\uc774\uc804\uc758 PXN \uc6b0\ud68c \uae30\uc220\ubcf4\ub2e4 \uc26c\uc6b4, \ucde8\uc57d\uc810 \ud0c0\uc785\uc5d0 \ub530\ub77c ROP\/JOP\uae30\uc220\uc758 \ud65c\uc6a9\uc5c6\uc774 \uacf5\uaca9 \uac00\ub2a5\ud558\uace0 \ub9ac\ub205\uc2a4 \ucee4\ub110\uae30\ubc18\uc758 \ud50c\ub7ab\ud3fc \uad00\uacc4\uc5c6\uc774 \ubaa8\ub4e0 \uc7a5\uce58\uc5d0\uc11c \uc545\uc6a9 \uac00\ub2a5\ud55c \uc0c8\ub85c\uc6b4 \uacf5\uaca9 \uae30\uc220 \uc18c\uac1c \ubc0f \uc81c\ub85c\ub370\uc774 \uc2dc\uc5f0\ud558\uc600\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\u25c7Yannay Livneh, \u201cExploiting PHP-7: teaching a new dog old tricks\u201d<\/p>\n<p>PHP7\uc758 \uc0c8\ub85c\uc6b4 \ub0b4\ubd80 \uba54\ubaa8\ub9ac\uc5d0 \ub300\ud574 \uc54c\uc544\ubcf4\uace0, \uc5ec\uae30\uc11c \ubc1c\uc0dd\ud558\ub294 \ucde8\uc57d\uc810\ub4e4 \uc18c\uac1c \ubc0f \uc608\uc804 \uae30\ubc95\uc5d0 \ub300\ud55c \uc7ac\uc0ac\uc6a9\uc774 \uac00\ub2a5\ud568\uc744 \ubcf4\uc5ec\uc8fc\uc5c8\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\uc704\uc640 \uac19\uc740 \ub0b4\uc6a9\ub4e4\uc774 POC2016\uc5d0\uc11c \ubc1c\ud45c\uac00 \ub418\uc5c8\uc2b5\ub2c8\ub2e4.<\/p>\n<p>\ucee8\ud37c\ub7f0\uc2a4\ub97c \ucc38\uc11d\ud558\uc5ec, \ud574\ucee4\ub4e4\uc774 \uc2e4\uc9c8\uc801\uc73c\ub85c \ucde8\uc57d\uc810\uc744 \ucc3e\uace0, \uacf5\uaca9\ud558\ub294 \ubc29\ubc95\uc5d0 \ub300\ud574 \uc790\uc138\ud558\uac8c \uc54c\uac8c \ub41c \uacc4\uae30\uac00 \ub418\uc5c8\uc2b5\ub2c8\ub2e4. \uc774\ubc88 \ucee8\ud37c\ub7f0\uc2a4 \uacbd\ud5d8\uc744 \ubc14\ud0d5\uc73c\ub85c, \uc55e\uc73c\ub85c \ub354 \ub113\uc740 \uacac\ud574\ub97c \uac00\uc9c0\uace0 \uacf5\ubd80\ub97c \ud560 \uc218 \uc788\uc744 \uac83 \uac19\uc2b5\ub2c8\ub2e4.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\uad6d\uc81c \ud574\ud0b9 \ubcf4\uc548 \ucee8\ud37c\ub7f0\uc2a4 POC\uac00 \uc624\ub294 11\uc6d4 10~11\uc77c \uc11c\uc6b8 \uc591\uc7ac\ub3d9 \ub354\ucf00\uc774\ud638\ud154\uc11c\uc6b8\uc5d0\uc11c \uc5f4\ub838\uc2b5\ub2c8\ub2e4. \uc774\ubc88 POC 2016\uc5d0\uc11c\ub294 \ucd1d 17\uac1c\uc758 \uc8fc\uc81c\uac00 \ubc1c\ud45c\ub418\uc5c8\uace0, \ubc1c\ud45c\ub4e4\uc758 \uac04\ub7b5\ud55c \ub0b4\uc6a9\uc740 \uc544\ub798\uc640 \uac19\uc2b5\ub2c8\ub2e4.. &nbsp; \u25c7Ben Gras, \u201cFlip Feng Shui: Hammering a Needle in the Software Stack&#8221; \ud558\ub4dc\uc6e8\uc5b4 \ub808\ubca8\uc5d0\uc11c\uc758 \uacf5\uaca9 \ubca1\ud130 \uc124\uba85, \uc2e4\uc81c \ud074\ub77c\uc6b0\ub4dc \uc138\ud305\uc5d0\uc11c \uc545\uc131 VM\uc744 \ud1b5\ud574 \ub2e4\ub978 VM\uc758 OpenSSH\uc5d0 \uc778\uc99d\ub418\uc9c0 \uc54a\uc740 \uc811\uc18d\uc744 \ud560 [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[4],"tags":[],"_links":{"self":[{"href":"https:\/\/pel.sejong.ac.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/661"}],"collection":[{"href":"https:\/\/pel.sejong.ac.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pel.sejong.ac.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pel.sejong.ac.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/pel.sejong.ac.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=661"}],"version-history":[{"count":1,"href":"https:\/\/pel.sejong.ac.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/661\/revisions"}],"predecessor-version":[{"id":663,"href":"https:\/\/pel.sejong.ac.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/661\/revisions\/663"}],"wp:attachment":[{"href":"https:\/\/pel.sejong.ac.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=661"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pel.sejong.ac.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=661"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pel.sejong.ac.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=661"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}