Yuna Kim

Reducing IPTV channel zapping time based on viewer’s surfing behavior and preference

This paper presents a method of prejoining the expected next TV channels for reducing IPTV channel zapping time with a consideration of the channel surfing behavior and the particular preference of each viewer. In this method, a home gateway of multicast protocol proxy for set-top boxes (STB) prejoins the expected and preferred channels based on aggregated data from STBs. The experimental results show that the method improves the prediction accuracy of prejoin channels with little network bandwidth overhead, which leads to reduce the channel zapping time for IPTV services.

binOb+: a framework for potent and stealthy binary obfuscation

Reverse engineering is the process of discovering a high-level structure and its semantics from a lower-level structure. In order to prevent malicious use of reverse engineering against binaries, various techniques have been developed called binary obfuscation. Obfuscated binary is a transformed binary which retains original binarys executing behavior while its outer representation obstructs the reverse engineering. In this paper we propose three novel approaches to improve the binary obfuscation. First we propose a generalized binary obfuscation algorithm that covers any specific or whole part of a binary code by using confusing code and redirecting control-flow using exceptions. Second, we employ a data-mining method to make our obfuscated binary look like a normal binary. And third, we address the issue that the previous techniques could not be applied to Windows binaries by designing a new exception hooking mechanism in Windows. Experimental results show that our obfuscated binary can hide 60--90% of the original instructions from reverse engineering tools, while its execution slows down a little, and moreover the obfuscated binarys stealth can be guaranteed.

Web prefetching using display-based prediction

Since the amount of network traffic has rapidly increased with the WWW expansion, users have experienced a long latency when retrieving Web pages. To solve the latency problem, we propose a client-side prefetching mechanism, which reflects changes on Web document structures and utilizes information from the entrance pages of frequently visited Web sites. It starts by constructing link graphs by gathering usage information of visited Web sites, and predicts the next document to be referenced based on the overall displayed documents in the Web browser. We also manage entrance pages not to be easily replaced from the cache. Our simulation results show that it has a remarkably improved performance: an increased cache hit ratio (by 48%) and a high prefetching effect (by 297%), with a slightly increased network overhead compared to similar previous schemes.

A distributed energy-efficient clustering scheme for deploying IDS in MANETs

Cluster-based intrusion detection systems, where cluster heads (CHs) detect misbehavior of their member nodes, have been proposed in mobile ad-hoc networks (MANETs) in order to protect the network and save the energy. However, long-term survival of all nodes is more important so as not to partition the network. The extension of the network lifetime in the cluster-based IDS depends on which nodes are selected as CHs, which consume much more energy than cluster members due to monitoring them and detecting intrusions. In this paper, we propose a Distributed Energy Efficient Cluster Formation (DEECF) scheme, which exploits the expected residual energy of mobile nodes to select CHs and starts the cluster formation from leaf nodes to reduce the number of clusters. The scheme consists of the cluster construction algorithm and the cluster maintenance algorithm, both of which can be performed at each node in a distributed way without any global knowledge. We prove the correctness of the algorithms, and show that the DEECF scheme is more energy efficient than other clustering schemes by extensive simulation.

LT-OLSR: Attack-tolerant OLSR against link spoofing

Optimized Link State Routing is a routing protocol that has been extensively studied for mobile ad-hoc networks. Link spoofing, which disturbs the routing service, is one of the critical security problems related to the OLSR protocol. Existing approaches against link spoofing attack have several drawbacks. In this paper, we propose an LT-OLSR protocol that broadcasts Hello messages to neighbors within two-hops to defend networks against link spoofing attacks. Simulation and analysis results show that the LT-OLSR protocol tolerates link spoofing attacks extensively. The contributions presented in this paper are as follows: (1) We design a mechanism to ensure the integrity of a routing table. (2) In addition, our approach against link spoofing attack is not only extensive but also compact. (3) Finally, it can be practically implemented under various types of MANET environments.

Allowing user-specified failure handling in web services composition

Recently, the advent of Web services gets rid of the troubles in cooperating with other systems regardless of their underlying platforms. Web services can be composed dynamically on demand and possibly produce value-added services which are mesmerizing enterprises. For dependable execution of the composite services, many failure handling and recovery schemes have been proposed. However, those schemes lack in supporting specific handling of failures as an individual user desires.n In this paper, we propose a service composition framework for user-specified failure handling in web services orchestration. In this framework, an instance of executable business process is dynamically generated from common business logic with failure handling specific to each user. We also design an XML expression of a users failure acceptance specification, and an algorithm for automatically generating an executable business process embedding user-specified failure handling, with architecture of the composite service provider for applying our proposed framework. The comparison of properties between previous works and the proposed one in terms of failure handling is provided as well.

PolyI-D: polymorphic worm detection based on instruction distribution

With lack of diversity in platforms and softwares running in Internet-attached hosts, Internet worms can spread all over the world in just a few minutes. Many researchers suggest the signature-based Network Intrusion Detection System(NIDS) to defend the network against it. However, the polymorphic worm evolved from the traditional Internet worm was devised to evade signature-based detection schemes, which actually makes NIDS useless. Some schemes are proposed for detecting it, but they have some shortcomings such as belated detection and huge overhead. n nIn this paper, we propose a new system, called PolyI-D, that detects the polymorphic worm through some tests based on instruction distribution in real-time with little overhead. This is particularly suitable even for fast spread and continuously mutated worms.

Exclusion of Forged Files from Multi-source Downloadable P2P Systems

Recently, P2P file sharing systems have been designed to enable peers to concurrently download files fragmented into small blocks from multiple sources to improve the download speed. If block corruption occurs during download, the corresponding block is downloaded again until the corruption does not occur any more. However, malicious peers share corrupt blocks intentionally, called forged blocks, which cause significant waste of network bandwidth and delay in download completion. In this paper, we propose a method of excluding forged files that comprise forged blocks from the P2P systems. The method has an algorithm for systematically detecting forged files based on corruption reports given by peer agents and preventing the files from being searched by any further queries. Experimental results show that the proposed method sufficiently excludes forged files only, and is tolerable to false reports.