Jae-Cheol Ryou

Enhancing privacy of universal re-encryption scheme for RFID tags

A Radio-Frequency-Identification (RFID) tag is a small and cheap device which is combined in IC chip and an antenna for radio communications. It emits an ID in response to a query from a radio communication device called as a reader. For this reason, the RFID tag is used for management of goods and it is used as a substitute for a bar code. However, RFID system may infringe on a consumer’s privacy because it has a strong tracing ability. Although ID of a RFID tag can be encrypted, it is possible to pursue an object by tracing specific information. Therefore, we discuss the privacy protection using universal re-encryption proposed by Golle, Jakobsson, Juels and Syverson. Since the system does not protect a modification of the information on RFID tags, it can be exploited by an attacker. Therefore we point out two attacks using modification of the information on RFID tags. Moreover, we offer two proposed schemes for addressing the problem.

Integrated DDoS Attack Defense Infrastructure for Effective Attack Prevention

Currently attackers are trying to paralyze servers and networks with various types of DDoS attacks. For example, on 7th July in 2009, a DDoS attack occurred against 48 web sites in South Korea and U.S.A. In this attack, the attack traffic pattern and the botnet construction methods are different from that of previous version. Due to the differences of the attack patterns, the 7.7 DDoS attack was not detected easily. These days, such new types of sophisticated attacks occur and it???s not easy to detect those attacks effectively. In fact, it???s been more than ten years since DDoS attacks discovered in late 1990s. However, DDoS attack is still one of the biggest threats in Internet infrastructure and IT environment. It is because almost all the DDoS defense techniques are not focused on general characteristics and infrastructure but on specific characteristics in each attack. In order to develop a general purpose DDoS defense technology, all the attack process and general characteristics should be analyzed. Furthermore, based on the each attack phases and location of network topology also have to be analyzed. For that, in this paper, we show a general DDoS attack process and each phase in this process. For each phase, we propose DDoS attack prevention requirements and finally suggest the integrated DDoS attack defense infrastructure. For the detailed explanation, we classify attack detection techniques into three categories.

Multi-party fair exchange protocol using ring architecture model

Abstract We present a new protocol which allows multiple parties to exchange electronic items over the Internet in a secure and fair way. This allows either each party to get what it expects to receive, or neither party to receive anything. This protocol is applicable to various electronic businesses, for example, electronic shopping, group purchases, electronic voting, electronic auctions, and electronic bidding. The multi-party fair exchange protocol using the ring model is more efficient and robust than the protocol using the full-mesh model proposed by SEMPER. Our protocol reduces its communication complexity and simplifies its recovery procedures compared with SEMPER’s.

Adult Image Detection Using Bayesian Decision Rule Weighted by SVM Probability

The SVM (support vector machine) and the SCM (skin color model) are used in detection of adult contents on images. The SVM consists of multi-class learning model and is very effective method for face detection, but complex. On the contrary, the SCM is very simple for detecting adult images using skin ratio derived from statistical characteristics of RGB color information, but less effective in close-up facial images. Hence, we propose a hybrid scheme that combines the SVM for the 1st filtering scheme using learning model (with classes of adult, benign and close-up facial images) with the SCM for the 2nd filtering scheme using skin ratio and adaptive MAP (maximum a posterior) hypothesis test based on Bayes’ theorem that improves the probability of true positive detection rate of adult images.

Efficient Hardware Architecture of SHA-256 Algorithm for Trusted Mobile Computing

We present a compact SHA-256 hardware architecture suitable for the Trusted Mobile Platform (TMP), which requires low-area and low-power characteristics. The built-in hardware engine to compute a hash algorithm in TMP is one of the most important circuit blocks and contributes the performance of the whole platform because it is used as key primitives supporting platform integrity and command authentication. Unlike personal computers, mobile platform have very stringent limitations with respect to available power, physical circuit area, and cost. Therefore, special architecture and design methods for a compact hash hardware module are required. Our SHA-256 hardware can compute 512-bit data block using 8,588 gates on a 0.25μm CMOS process. The highest operation frequency and throughput of the proposed architecture are 136MHz and 142Mbps, which satisfies processing requirement for the mobile application.

Low-cost Cryptographic Circuits for Authentication in Radio Frequency Identification Systems

We present a new architecture of Advanced Encryption Standard (AES) cryptographic circuit which can be used as cryptographic primitives supporting privacy and authentication for radio frequency identification (RFID). RFID is a technology to identify goods or person containing the tags. While it is a convenient way to track items, it also provides chances to track people and their activities through their belongings. For these reasons, privacy and authentication are a major concern with RFID system and many solutions have been proposed. M. Feldhofer, S. Dominikus, and J. Wolkerstorfer introduced the Interleaved Protocol which serves as a means of authenticating RFID tag to reader devices in M. Feldhofer et al., 2004. They designed very small AES hardware circuit as a cryptographic primitive. The proposed circuit requires about 1,000 clock cycles to encrypt a 128-bit block of data. In this contribution, we introduce a novel method to increase the operating speed of previous method for low-cost AES cryptographic circuits. Our low-cost AES cryptographic circuit can encrypt 128-bit data block within 870 clock cycles using less than 4000 gates on a 0.25 mum CMOS process

DWroidDump: executable code extraction from Android applications for malware analysis

We suggest an idea to dump executable code from memory for malicious application analysis on Android platform. Malicious applications are getting enhanced in terms of antianalysis techniques. Recently, sophisticated malicious applications have been found, which are not decompiled and debugged by existing analysis tools. It becomes serious threat to services related to embedded devices based on Android. Thus, we have implemented the idea to obtain main code from the memory by modifying a part of Dalvik Virtual Machine of Android. As a result, we have confirmed that the executable code is completely obtainable. In this paper, we introduce the existing analysis techniques for Android application, and antianalysis techniques. We then describe the proposed method with a sample malicious application which has strong antianalysis techniques.

Efficient implementation of the keyed-hash message authentication code based on SHA-1 algorithm for mobile trusted computing

The Mobile Trusted Platform (MTP) is developed and promoted by the Trusted Computing Group (TCG), which is an industry standard body to enhance the security of the mobile computing environment. The dedicated SHA-1 and HMAC engine in Mobile Trusted Module (MTM) are one of the most important circuit blocks and contribute the performance of the whole platform because they are used as key primitives verifying platform code, integrity and command authentication. Unlike desktop computers, mobile devices have very stringent limitations with respect to available power, physical circuit area, and cost. Therefore special architecture and design methods for low power SHA-1 and HMAC circuit are required. In this paper, we present a compact and efficient hardware architecture of low power SHA-1 and HMAC design for MTM. Our SHA-1 hardware can compute 512-bit data block using about 8,200 gates and has a power consumption about 1.1 mA on a 0.25µm CMOS process. The implementation of HMAC using the SHA-1 circuit requires additional 8,100 gates and consumes about 2.58 mA on the same process.

DDoS Detection Algorithm Using the Bidirectional Session

Due to the proliferation of smartphones and wireless internet, the number of DoS/DDoS attacks has increased significantly, and it creates a lot of network traffic. The DoS/DDoS attacks consume the resources of the service server so that the network and the continuity of service cannot be guaranteed [1,2,3]. Current studies on DoS/DDoS focus on a radical change of total traffic or traffic pattern. Results of these type of studies cannot react to ever changing attack patterns and service types [4,5]. This paper proposes a new algorithm to detect DoS/DDoS attacks based on the session information of the service. In this paper, we propose BSDDA(bidirectional session aware DDoS detection algorithm) that detects DoS/DDoS attacks by analyzing the session information that contains service requests as well as service replies. Since the algorithm consideres session information of service requests and responses, its effectiveness is experimentally shown the algorithm effectively responds to the ever changing attack patterns.

Recognizing hand gestures using wrist shapes

We introduce a new hand gesture recognition interface, called virtual button. The virtual button utilizes patterns of the wrist shape. It can recognize a pinch motion and it can be used as a generic button event. Using the pinch motion is favorable in multi-touch based interactions or games because it can express picking, moving, and releasing (or putting) activities in a natural way. We use a small-sized IR optic sensor to get patterns of finger flexor tendons on wrist cause by moving fingers. These patterns are used to recognize finger/hand movements. Our method can also measure applied forces at the picking operation where using a vision-based approach may encounter difficulties. Finally, our experimental result shows that using the IR-optic sensor can be an effective solution to implement the virtual button. Our system also shows that it can recognize effectively various kinds of other hand motions such as a shaking of hands or bending of fingers.