Ung Mo Kim

An off-line dictionary attack on a simple three-party key exchange protocol

Key exchange protocols allow two or more parties communicating over a public network to establish a common secret key called a session key. Due to their significance in building a secure communication channel, a number of key exchange protocols have been suggested over the years for a variety of settings. Among these is the so-called S-3PAKE protocol proposed by Lu and Cao for password-authenticated key exchange in the three-party setting. In the current work, we are concerned with the password security of the S-3PAKE protocol. We first show that S-3PAKE is vulnerable to an off-line dictionary attack in which an attacker exhaustively enumerates all possible passwords in an off-line manner to determine the correct one. We then figure out how to eliminate the security vulnerability of S-3PAKE.

Mining Frequent Itemsets with Normalized Weight in Continuous Data Streams

Abstract —A data stream is a massive unbounded sequence of data elements continuously generated at a rapid rate. The continuous characteristic of streaming data necessitates the use of algorithms that require only one scan over the stream for knowledge discovery. Data mining over data streams should support the flexible trade-off between processing time and mining accuracy. In many application areas, mining frequent itemsets has been suggested to find important frequent itemsets by considering the weight of itemsets. In this paper, we present an efficient algorithm WSFI (Weighted Support Frequent Itemsets)-Mine with normalized weight over data streams. Moreover, we propose a novel tree structure, called the Weighted Support FP-Tree (WSFP-Tree), that stores compressed crucial information about frequent itemsets. Empirical results show that our algorithm outperforms comparative algorithms un der the windowed streaming model. Keywords —Frequent Itemsets, Weighted Support, Window Sliding, Weighted Support

A method for opinion mining of product reviews using association rules

When most people buy the products, they inquire about other peoples opinion and refer to recommended product. Today, the result of explosive development of the Web makes it easy to consult other peoples opinion information. These variety of opinion data are not only useful to customers, but also manufacturers. As a result, opinion mining research to analyze opinion data on the web has become a popular topic recently. In this paper, we proposed opinion mining method for product reviews. In our approach, we first do POS tagging on each review sentence, and we extract feature and opinion words in form of transaction data. Then we discover association rules of needed type from the transaction data, and provide information that is summarized advantages and disadvantages using PMI-IR algorithm.

Resource-aware protocols for authenticated group key exchange in integrated wired and wireless networks

Protocols for group key exchange are cryptographic algorithms that describe how a group of parties communicating over a public network can come up with a common secret key. Due to their critical role in building secure multicast channels, a number of group key exchange protocols have been proposed over the years in a variety of settings. However despite many impressive achievements, there seems to have been no previous systematic look at the growing problem of key exchange over integrated wired and wireless (IWW) networks which consist of two distinct types of users: users having low-performance mobile devices with some form of battery power and users having high-performance stationary computers with no power constraint. The contribution of the present work is to fill this deficiency by providing a secure and efficient protocol for resource-aware group key exchange over the rapidly expanding IWW networks. By evenly spreading much of the total amount of computation across high power users, our protocol avoids any potential performance bottleneck of the system while keeping the burden on low power users at minimal. Our protocol also achieves provable security against powerful active adversaries under the decisional Diffie-Hellman assumption. We provide a rigorous proof of security for the protocol in a well-defined formal model of communication and adversarial capabilities.

Mining Maximally Common Substructures from XML Trees with Lists-Based Pattern-Growth Method

With the continuous growth in XML data sources over the Internet, the discovery of useful information from a col- lection of XML documents is currently one of the main re- search areas occupying the data mining community. The mostly used approach to this task is to extract frequently oc- curred subtrees in XML trees. But, because the number of frequent subtrees grows exponentially with the size of trees, a more practical and scalable alternative is required, which is the discovery of maximal frequent subtrees. In this paper, we present the first algorithm that directly discovers maxi- mal frequent subtrees from a concise data structure, without any candidate subtree generation.

DHT-Based Mobile Service Discovery Protocol for Mobile Ad Hoc Networks

Service discovery to search for a service available in a mobile ad-hoc network is an important issue. Although mobile computing technologies grow ever more powerful and accessible, MANET, consisting of mobile devices without any fixed infrastructure, has such features as high mobility and resource constraints. In this paper, we propose an effective service discovery protocol which is based on the concept of peer-to-peer caching of service information and DHT-based forwarding of service requests to solve these problems. Neighboring information, such as services and power is shared not only through logical neighbors but also through physically nearby neighboring nodes. Our protocol is that physical hop counts and the number of messages exchanged have been significantly reduced, since it does not require a central lookup server and does not rely on multicasting and flooding. The results of the simulation show that our proposed scheme works very well on dynamic MANET.

Extracting Temporal Behavior Patterns of Mobile User

Finding prevalent mobile user patterns in large amount of data has been one of the major problems in the area of mobile data mining. Particularly, the algorithms of discovering frequent users behavior patterns in the mobile agent system have been studied extensively in recent years. The key feature in most of these algorithms is that they use a location log dataset with userpsilas requested services. In this case, some problems occur because they do not consider that mobile users behavior patterns are dynamically variable as time passes. In this paper, we propose a novel data mining method based on temporal mobile access patterns that can efficiently discover mobile users behavior patterns. An advantage of our method compactly stores users behavior patterns according to location log dataset and requested services in memory. Thus, even the information datasets require large shared memory when they store, our approach still provides faster access and consume less memory than existing techniques.

A Collaborative Access Control Based on XACML in Pervasive Environments

Pervasive environments consist of the heterogeneous network system. And these mean environment that can be the various Web service to sharing of mutual information. However, this requires not only advance security but also districted access control. Because the indiscreet resource access bring on the problem by the mobile devices and wireless network without the time and space, pervasive access control is very important. Access control must be defines the technologies for the new service and the optimized access policy for these environments. Cooperation administration is serious point too. This requires dynamic control how to use the sharing resources. Therefore we propose collaborative access control based XACML in pervasive environments. Proposed mechanism applies to XACML of OASIS standard in pervasive environments. XACML is designed to express authorization policies in XML against objects that are themselves identified in XML. But XACML combination algorithms can not support requirement condition of collaboration. In this paper, we propose extended XACML of collaborative access control based on RBAC hierarchy.

Remote Control Multi-Agent System for u-Healthcare Service

In this paper, we proposed a multi-agent based healthcare system (MAHS) which is the combination of medical sensor module and wireless communication technology. This MAHS provides wide services to mobile telemedicine, patient monitoring, emergency management, doctors diagnosis and prescription, patients and doctors, information exchange between hospital workers in a long distance. Also, MAHS is connected to Body Area Network (BAN) and a doctor and hospital workers. In addition, we designed and implemented extended JADE based MAHS that reduces hospital servers burden. Agents gather, integrate, and deliver the collected patients information from sensor, and provide presentation in healthcare environment. Proposed MAHS has advantage that can handle urgent situation in the far away area from hospital like Islands through PDA and mobile device. In addition, by monitoring condition of patient (old man) in a real time base, it shortens time and expense and supports medical service efficiently.

Agent-Based Delegation Model for the Secure Web Service in Ubiquitous Computing Environments

Web services are the new building block of todays Internet, and provides interoperability among heterogeneous distributed systems. Recently in Web services environment, security has become one of the most critical issues. An attacker may expose user privacy and service information without authentication. Furthermore, in the ubiquitous computing environment, the users of Web services must temporarily delegate some or all of their rights to agents in order to perform actions on their behalf. This results in the exposure of user privacy information by agents. We propose a delegation model for providing safety of Web service and user privacy in ubiquitous computing environments. In order to provide safety of Web service and user privacy, XML-based encryption and a digital signature mechanism needs to be efficiently integrated. In this paper, we propose Web service management server based on XACML, in order to manage services and policies of Web service providers. For this purpose, we extend SAML, in order to declare delegation assertions transferred to Web service providers by delegation among agents