Eun-Hee Jeong

An IP Traceback Protocol using a Compressed Hash Table, a Sinkhole Router and Data Mining based on Network Forensics against Network Attacks

The Source Path Isolation Engine (SPIE) is based on a bloom filter. The SPIE is designed to improve the memory efficiency by storing in a bloom filter the information on packets that are passing through routers, but the bloom filter must be initialized periodically because of its limited memory. Thus, there is a problem that the SPIE cannot trace back the attack packets that passed through the routers earlier. To address this problem, this paper proposes an IP Traceback Protocol (ITP) that uses a Compressed Hash Table, a Sinkhole Router and Data Mining based on network forensics against network attacks. The ITP embeds in routers the Compressed Hash Table Module (CHTM), which compresses the contents of a Hash Table and also stores the result in a database. This protocol can trace an attack back not only in real time using a hash table but also periodically using a Compressed Hash Table (CHT). Moreover, the ITP detects a replay attack by attaching time-stamps to the messages and verifies its integrity by hashing it. This protocol also strengthens the attack packet filtering function of routers for the System Manager to update the attack list in the routers periodically and improves the Attack Detection Rate using the association rule among the attack packets with an Apriori algorithm.

A Design of Cloaking Region using Dummy for Privacy Information Protection on Location-Based Services

The setting algorithm of cloaking region using dummy which is proposed in this paper solves the problem which counts the building with duplication that exists in several cells of Privacy Grid by adding the building grouping item to the index structure of the existing Privacy Grid, and by increasing K value after searching the contiguous cells in the comer of each building, the exposure problem of private location information due to the minimum cloaking region setting of the existing GBC is solved. In addition, this paper reduces the searching time of K value by setting smaller cloaking region than Privacy Grid and GBC with dummy K before expanding cloaking region and strengthens the location information protection of users using dummy K.

Context-Awareness Healthcare for Disease Reasoning Based on Fuzzy Logic

This paper proposes Context-Awareness Healthcare for Disease Reasoning based on Fuzzy Logic. It consists of a Fuzzy-based Context-Awareness Module (FCAM) and a Fuzzy-based Disease Reasoning Module (FDRM). The FCAM computes a Correlation coefficient and Support between a Condition attribute and a Decision attribute and generates Fuzzy rules by using just the Condition attribute whose Correlation coefficient and Support are high. According to the result of accuracy experiment using a SIPINA mining tool, those generated by Fuzzy Rule based on Correlation coefficient and Support (FRCS) and Improved C4.5 are 0.84 and 0.81 each average. That is, compared to the Improved C4.5, the FRCS reduces the number of generated rules, and improves the accuracy of rules. In addition, the FDRM can not only reason a patients disease accurately by using the generated Fuzzy Rules and the patient disease information but also prevent a patients disease beforehand.

A Disease Inference Scheme based on Fuzzy Logic for Patient's-customized Healthcare

This paper proposes a Disease Inference Scheme based on Fuzzy Logic for Patients-customized Healthcare. It consists of the Fuzzy-based Disease Rules Module (FDRM) and the Fuzzy-based Disease Inference Model (FDIM). The Fuzzy-based Disease Rules Module (FDRM) computes the conditional support between attributes and generates the Fuzzy Rules considering the relation between them, unlike the traditional C4.5 algorithm, by using the attributes whose conditional support is high. Therefore, because the generated Fuzzy Rules make the number of attributes decreased more than those in the traditional C4.5 algorithm, they make the accuracy of rules improved more. The Fuzzy-based Disease Inference Module (FDIM) not only can reason a patients disease accurately by using the generated Fuzzy Rules and a patient disease information but also can prevent a patients disease beforehand.

A Design of Hadoop Security Protocol using One Time Key based on Hash-chain

This paper is proposed Hadoop security protocol to protect a reply attack and impersonation attack. The proposed hadoop security protocol is consists of user authentication module, public key based data node authentication module, name node authentication module, and data node authentication module. The user authentication module is issued the temporary access ID from TGS after verifing user’s identification on Authentication Server. The public key based data node authentication module generates secret key between name node and data node, and generates OTKL(One-Time Key List) using Hash-chain. The name node authentication module verifies users identification using users temporary access ID, and issues DT(Delegation Token) and BAT(Block Access Token) to user. The data node authentication module sends the encrypted data block to user after verifing users identification using OwerID of BAT. Therefore the proposed hadoop security protocol dose not only prepare the exposure of data node’s secret key by using OTKL, timestamp, owerID but also detect the reply attack and impersonation attack. Also, it enhances the data access of data node, and enforces data security by sending the encrypted data

A Black Hole Detection Protocol Design based on a Mutual Authentication Scheme on VANET

This paper proposes “A Black Hole Detection Protocol Design based on a Mutual Authentication Scheme on VANET.” It consists of the Mutual Authentication Scheme (MAS) that processes a Mutual Authentication by transferring messages among a Gateway Node, a Sensor Node, and a User Node and the Black Hole Detection Protocol (BHDP) which detects a Non-Authentication Node by using the Session Key computed in the MAS and a Black Hole by using the Broadcasting Table. Therefore, the MAS can reduce the operation count of hash functions more than the existing scheme and protect a privacy from an eavesdropping attack and an information exposure by hashing a nonce and user’s ID and password. In addition, the MAS prevents a replay attack by using the randomly generated nonce and the time stamp. The BHDP improves Packet Delivery ratio and Throughput more than the AODV with Black hole by 4.79% and 38.28Kbps. Also, it improves Packet Delivery ratio and Throughput more than the IDSAODV by 1.53% and 10.45Kbps. Hence it makes VANET more safe and reliable.

A Role based Health Data Access Control Model for Patient Information Protection on Cloud Computing Environment

This paper proposes a Role-based Health Data Access Control Model which has the additional ability to delegate or revoke access rights for the protection of patients’ privacy. In the proposed Role-based Health Data Access Control Model, first, it controls that only the users certified from CA can access the data in cloud server. Second, it adds the set of role attributes and the valid time of inheritance to Permission, and it protects patients’ privacy because only the user who received a role controls data access. Third, it generates a shared secret key by using a user’s role, a master key, and a Domain code, and provides Health data confidentiality by storing encrypted data in cloud server after it encrypts Health data with the shared secret key. Fourth, it provides the message integrity by adding MAC value to the Health data. Therefore, the access control model proposed in this paper not only provides patients’ privacy but also guarantees data confidentiality and integrity.

Design of UIGRP(Urban Intersection based Geographic Routing Protocol) considering the moving direction and density of vehicles

Abstract This paper proposes the UIGRP, which can tackle the problem of the network disconnection and packet transmission delay caused by turning vehicles frequently in an urban intersection. The UIGRP was designed as follows. First, it calculates the direction of vehicles using the moving direction of vehicles and the location of a destination. Second, it makes the RSU measure the density of an urban intersection. Third, the TGF Algorithm inthe UIGRP decides the data transmission paths by setting as an intermediate node, not only the vehicle that is movingin the direction where a destination node is located, but also the node that has the highest density. The TGF algorithmusing a moving direction and density minimizes or removes the occurrence of local maximum problems that the existing Greedy Forwarding algorithm has. Therefore, the simulation result shows that UIGRP decreases the occurrence of local maximum problems by 3 and 1 times, and the packet transmission time by 6.12 and 2.04(ms),and increases the success rate of packet transmission by 15 and 3%, compared to the existing GPSR and GPUR.

DIT (Digital Investment Trust) Agent Based on ECSSL (Elliptic Curve SSL)

This paper proposes DIT (Digital Investment Trust) agent based on ECSSL (Elliptic Curve SSL). This DIT agent is a banking project using IT (Investment Trust) conception based on EC (Electronic Commerce) and can manage micro payment, account opening and account transferring. In addition, ECSSL (Elliptic Curve SSL) protocol is implemented which consists of much better encryption functions than existing SSL (Secure Socket Layer) Protocol. Therefore, This DIT agent based on ECSSL protocol protects a customer`s information and asset from third party.