Hidema Tanaka

Throughput and Power Efficiency Evaluations of Block Ciphers on Kepler and GCN GPUs

Computer systems with GPUs are expected to become a strong methodology for high-speed encryption processing. Moreover, power consumption is a primary deterrent for data center security on cloud services and handheld devices such as smartphones and tablet PCs. On the other hand, GPU vendors currently announce their future roadmaps of GPU architecture development, Nvidia Corp. accentuates Kepler architecture and AMD Corp. does GCN architecture. Thats why in this paper we evaluated throughput and power efficiency of three 128-bit block ciphers on GPUs with recent Nvidia Kepler and AMD GCN architectures. In accordance with our experiments, whereas the throughput and per-watt throughput of AES-128 on Radeon HD 7970 (2048 cores) with GCN architecture is respectively extremely high 219.9 Gbps and 1310.7 Mbps/W, those on Geforce GTX 680 (1536 cores) with Kepler architecture be respectively considerably low 68.6 Gbps and 471.7 Mbps/W. Next, in order to investigate this mysterious experimental result, we used our micro-benchmark suites. They cleared up the reason, arithmetic logical instructions are required by encryption processing but are eliminated from some of the processing cores in Kepler architecture, unlike GCNs.

Intrusion detection system using Discrete Fourier Transform

Intrusion Detection System (IDS) detects attacks using pattern files which are known as “signature”. Effectiveness of detection depends on the kind of signature. In this paper, we propose a signature generation method using Discrete Fourier Transformed regards payload between client and server as discrete waveform. Regarding normal communication spectrum as noise, we can clarify the characteristics of attack sessions. From the viewpoint of spectrum analysis, our method detect unknown attack session. The proposed method simulated using Kyoto2006+ dataset which is currently used as intrusion detection evaluation. As the result, we have 5% of false positives for detecting attacks.

A Practical Experiment of the HTTP-Based RAT Detection Method in Proxy Server Logs

Detecting RAT (Remote Access Trojan or Remote Administration Tool) used in APT (Advanced Persistent Threat) attacks is a challenging task. Many previous methods to detect RATs on the network require monitoring all network traffic. However, it is difficult to keep all network traffic because the size is too huge. Actually, we would have to detect RAT activity through insufficient information such as proxy server logs. Therefore, we proposed how to detect RAT activity in proxy server logs. Our method uses only the behavior and does not use pattern matching. While the behavior is not defined by character strings or regular expressions, is defined by network traffic patterns such as the sizes of the object returned to the client or the intervals of the logged time. The classification performance in general condition is good. However, the performance in practical condition is not certain. In practical condition, we have to choose arbitrary training data. In this paper, we apply this method to actual proxy server logs in practical condition, and show that this method can detect more than 95 percent of malicious communications with few false positives in APT attacks. This method does not require monitoring all network traffic, uses only standard proxy server logs. Moreover, this method can also detect http based RATs in real time.

Computational Security Evaluation of Light-Weight Block Cipher Against Integral Attack by GPGPU

Integral distinguisher is the main factor of integral attack. In the conventional search strategy of integral distinguisher (ID), there are two steps. In the first step, first order ID is obtained. In the second step, first order ID is extended by increasing the order. We find it is problematic to apply the conventional strategy for Feistel ciphers whose number of sub blocks N is large such as TWINE and LBlock (N = 16). To solve the problem, we propose new search strategy which has large search scope and feasibility in realistic computational condition. By the reduction of the computational complexity, it is reduced from O((nN)×(2mn)) to O(N×2mn). And for the acceleration of the experiment, we use GPGPU (general-purpose computing on graphics processing units) platform. By using GPGPU platform, we can test substantially higher order ID than existing CPU platform. We execute computer experiment to discover the precise fifteenth order ID of TWINE and LBlock by proposal strategy. As a result, we find new fifteenth order ID which has 8 balanced sub blocks (32-bit) after 15-round encryption both in TWINE and LBlock. These results are the most precise evaluatiPon of TWINE and LBlock.

Information Theoretical Analysis of Side-Channel Attack

This paper presents a proposal of a new information-the-oretical evaluation method for the side-channel resistance. This method provides some benefits: 1 It provides a rationale for evaluation. 2 Moreover, it enables numerical execution of mutual evaluation among countermeasures of several kinds. In an evaluation of side-channel resistance, the feasibility of attack, such as the number of observations or experimental time for revealing secrets, is discussed. In conventional methods, these numbers are examined experimentally using actual attacks. Therefore such experimental methods present several problems: 1 the rationale of the numbers used in evaluation is poor; 2 executing mutual evaluation is difficult; and 3 some experimental constraints exist such as time, cost, and equipment specifications. Our proposed method regards side-channel attack as a communication channel model. Therefore, this method estimates its channel capacity as the upper bound of the amount of leakage information. As described herein, we apply this approach to correlation power analysis against implementations of stream cipher Enocoro-128 v2 and underscore its effectiveness.

A Correlation Power Analysis Countermeasure for Enocoro-128 v2 Using Random Switching Logic

This paper shows Correlation Power Analysis (CPA) on Enocoro-128 v2 and application effectiveness of a countermeasure. Enocoro is a hardware-oriented stream cipher developed by Hitachi, Ltd. Previous work shows that Enocoro-128 v2 has a weakness against CPA. Another work shows that a countermeasure using algorithm level masking, threshold implementation, is effective for CPA. This paper proposes application of a gate level masking, Random Switching Logic (RSL) as another countermeasure for Enocoro-128 v2. We implement the circuit of Enocoro-128 v2 using RSL on SASEBO-GII (Side-Channel Attack Standard Evaluation Board), and evaluate its CPA countermeasure ability. As a result, we confirmed that it is impossible to reveal secret key by measurement using less than 100,000 power consumption waveforms.

Heavy Log Reader: Learning the Context of Cyber Attacks Automatically with Paragraph Vector

Cyberattack techniques are evolving every second, and detecting unknown malicious communication is a challenging task. Pattern-matching-based techniques and using malicious website blacklists are easily avoided, and not efficient to detect unknown malicious communication. Therefore, many behavior-based detection methods are proposed, which use the characteristic of drive-by-download attacks or C&C traffic. However, many previous methods specialize the attack techniques and the adaptability is limited. Moreover, they have to decide the feature vectors every attack method. This paper proposes a generic detection method, which is independent of attack methods and does not need devising feature vectors. Our method uses Paragraph Vector an unsupervised algorithm that learns fixed-length feature representations from variable-length pieces of texts, such as sentences, paragraphs, and documents, and learns the context in proxy server logs. We conducted cross-validation and timeline analysis with the D3M and the BOS in the MWS datasets. The experimental results show our method can detect unknown malicious communication precisely in proxy server logs. The best F-measure achieves 0.99 in unknown drive-by-download attacks and 0.98 in unknown C&C traffic.

Reading Network Packets as a Natural Language for Intrusion Detection

Detecting unknown malicious traffic is a challenging task. There are many behavior-based detection methods which use the characteristic of drive-by-download attacks or C&C traffic. However, many previous methods specialize the attack techniques. Thus, the adaptability is restricted. Moreover, they need to decide the feature vectors every attack method. This paper proposes a generic detection method which does not depend on attack methods and does not need devising feature vectors. This method reads network packets as a natural language with Paragraph Vector an unsupervised algorithm, and learns the feature automatically to detect malicious traffic. This paper conducts timeline analysis and cross-dataset validation with the multiple datasets which contain captured traffic from Exploit Kit (EK). The best F-measure achieves 0.98 in the timeline analysis and 0.97 on the other dataset. Finally, the result shows that using Paragraph Vector is effective on unseen traffic in a linguistic approach.

Algebraic Degree Estimation for Integral Attack by Randomized Algorithm

Integral attack is a powerful method to recover some round keys of block ciphers by exploiting the characteristic that a set of outputs after several rounds encryption has (integral distinguisher). Recently, Todo proposed a new algorithm to construct integral distinguisher with division property. However, the existence of integral distinguisher which holds in additional rounds can not be denied by the algorithm. On the contrary, our approach is to obtain the number of rounds which integral distinguisher does not hold. The approach is based on algebraic degree estimation. We execute a random search for a term which has a degree equals the number of all inputted variables. We propose two algorithms and apply them to PRESENT and RECTANGLE. Then, we confirm that there exists no 8-round integral distinguisher in PRESENT and no 9-round integral distinguisher in RECTANGLE. From these facts, it is infeasible to attack more than 11-round and 13-round of PRESENT and RECTANGLE, respectively.

Quantification for Intrusion Detection System Using Discrete Fourier Transform

An Intrusion Detection System (IDS) is a countermeasure against network attack. There are mainly two types of detections; signature-based and anomaly-based. Since attackers change their technique rapidly, anomaly-based detection draws research interest nowadays. Since some anomaly-based IDS depends on operators visual identification, it is difficult to define normal behavior effectively. To solve the problem, we propose quantification method using Shannon-Hartley theorem which improves Enkhbold et al. method. This method uses Discrete Fourier Transform to analyze spectrum of each session. They assume fluctuation of spectrum in normal sessions as random and abnormal sessions as biased. To quantify difference between each spectrum and the standard one, we can obtain entropy using Shannon-Hartley theorem. By spectrum analysis based on such assumption, it is possible to create the Detection-table which can be determined either normal or abnormal sessions. And we also find out that our quantification method will discover the feature of unknown attack session.