Wooguil Pak

Selectively triggered cooperative sensing in cognitive radio networks

In cognitive radio networks, spectrum sensing is critical to the discovery of spectrum opportunities for secondary systems. To enhance the accuracy of spectrum sensing, cooperative sensing has been considered, but it incurs communication overhead as well as more energy consumption of secondary users. To alleviate these problems while taking advantage of cooperative sensing, the authors propose a two-step spectrum sensing scheme, where only one or a few selected sensors are involved in the first step, but the second step occurs for cooperative sensing when the outcome of the first step is uncertain to make a decision in the presence of primary users. For this, there are two thresholds for measured energy in the first step; if the sensed energy by the designated sensor in the first step is between these thresholds, the second step incurs cooperative sensing of all the other sensors; otherwise, the second step is not triggered. This way, they can enhance the probability of detection and reduce consumed energy as well as communication overhead while maintaining a reasonable sensing time. The authors analysis and simulation results confirm that their proposed selectively triggered cooperative sensing with two steps outperforms the conventional schemes.

High Performance and High Scalable Packet Classification Algorithm for Network Security Systems

Packet classification is a core function in network and security systems; hence, hardware-based solutions, such as packet classification accelerator chips or Ternary Content Addressable Memory (T-CAM), have been widely adopted for high-performance systems. With the rapid improvement of general hardware architectures and growing popularity of multi-core multi-threaded processors, software-based packet classification algorithms are attracting considerable attention, owing to their high flexibility in satisfying various industrial requirements for security and network systems. For high classification speed, these algorithms internally use large tables, whose size increases exponentially with the ruleset size; consequently, they cannot be used with a large rulesets. To overcome this problem, we propose a new software-based packet classification algorithm that simultaneously supports high scalability and fast classification performance by merging partition decision trees in a search table. While most partitioning-based packet classification algorithms show good scalability at the cost of low classification speed, our algorithm shows very high classification speed, irrespective of the number of rules, with small tables and short table building time. Our test results confirm that the proposed algorithm enables network and security systems to support heavy traffic in the most effective manner.

High-Performance Packet Classification for Network-Device Platforms

Recently, many network-device platforms provide a fast SRAM interface for short access latency. However, existing packet classification algorithms achieve high-speed performance by sacrificing the table size; consequently, the entire table is stored in a large DRAM instead of a small SRAM. In this letter, we propose a new partitioning-based packet classification algorithm that generates very small tables and enables the tables to be stored in an SRAM to achieve a very fast speed. Moreover, by removing overhead for the partitioning search, our algorithm provides excellent performance even with DRAMs as compared to other algorithms.

Fast packet classification for V2X services in 5G networks

Vehicle-to-everything (V2X) is one of the key applications of upcoming 5G systems. The 5G systems are highly anticipated to adopt software defined network/network function virtualization technology in their core networks as it provides high flexibility and maintainability. However, if the flow tables in switches, called OpenFlow switches, overflow due to excessive policy rules, the networks suffer from large packet delay and frequent packet drops, and fail to support V2X services. To resolve this issue, we propose a new packet classification algorithm that runs fast even with the huge number of policy rules. There is the minimal concern for the overflow in our scheme since it is a pure software-based approach. Furthermore, simulation results show that our algorithm enjoys both the fast packet classification speed and the short policy update time. Thus, our scheme is very suitable for highly dynamic environments like 5G networks.

Fast Packet Classification Based on Hybrid Cutting

Most existing packet classification algorithms adopt only one cutting strategy. However, the proposed algorithm adopts a hybrid one that combines equi-sized cuttings with pivot-based cuttings, so it can significantly increase cutting efficiency. Therefore, it can have distinct features, such as smaller table size, larger supportable rule set, and higher classification performance compared with the existing competitors.

Detecting and tracing leaked private phone number data in Android smartphones

Easy and open development environments of Android make itself not only as the most famous platform in the world but also as the most preferred platform for malicious users. In this paper, we propose a new approach to protect the private phone number data in smartphones from leaking and stealing through malicious applications. Our approach differently deals with trusted and suspicious applications and avoids the malfunctions of applications caused by security policy. Most of outstanding feature of our approach is that it can detect the leakage of the private phone number data, trace the leaked data and finally identify which application leaked them. Furthermore, it can minimize the damage owing to the data even though it is abused for cyber-crimes.

Protecting contacts against privacy leaks in smartphones

Due to recent developments in technologies associated with the Internet of Things (IoT), a large number of people now regularly use smart devices, such as smartwatches and smartphones. However, these devices are prone to data leaks because of security vulnerabilities. In particular, Android devices use permission-based security, which allows users to directly approve permissions requested by an app when installing it. As a result, many malicious apps can obtain and leak private user data by requesting more permissions than are needed. However, it is difficult to identify malicious apps based solely on the requested permissions. A system is hence needed to accurately identify malicious apps and protect private data from them. In this paper, we propose a system for hiding data related to a user’s contacts or providing virtual data according to preconfigured policies when an Android app requests access to them. By hiding data related to the contacts, the proposed system can protect them from malicious apps. By using virtual data, it can even detect malicious apps that leak private data. The system requires less storage and provides faster access to user contacts than prevalent solutions to similar problems.

High accessible virtual keyboards for preventing key-logging

Today, most of smart-phones adopt virtual keyboards as input devices for users. However, there are serious secure threats exit such as key-logger attack that leaks key input values of virtual keyboards. Since the smart-phone provides limited virtual keyboards due to its small screen size, it is more vulnerable for such attacks compared to personal computers (PCs). In this paper, we propose a solution for this problem. Our approach has a unique feature to improve security of the keyboard while maintaining high accessibility against existing solutions. Moreover, we can also apply it to various mobile devices with small screens due to its flexibility in terms of the size.

Mandatory access control for Android application

For security of Android operating systems, permission-based solutions are one of popular approaches but still exposed to two problems. First, there is coarse-grained relationship between a permission and its associated methods. Second, mobile users do not have rights to control the permissions of their applications. To solve these problems, we propose MacDroid that enables users to control the system resources of the installed applications through its policy. MacDroid classifies the permission into method units. The results of our performance test show that MacDroid is able to enforce its policy without too much overhead compared to the pure Android systems.