Digital Library[ Search Result ]
Improvement of Machine Learning-Based Event-Related Desynchronization Accuracy
http://doi.org/10.5626/JOK.2023.50.12.1131
The biometrics field is known for providing fast and accurate identity verification. Recently, motor imagery (MI) brainwaves have gained prominence, accompanied by event-related desynchronization (ERD) signals. The purpose of this study is to optimize existing ERD models to enhance inter-user classification accuracy. We used a well-known common spatial pattern (CSP) and ERD as representative features for MI, and classified them using naïve bayes (NB). To evaluate the reliability of the binary classification results of the SVM, equal error rate (EER) and area under the curve (AUC) were used. The proposed ERD model exhibited superior accuracy compared to CSP and traditional ERD, achieving classification accuracies of 86.4%, 86.3%, and 63%, respectively. Based on this results, the proposed ERD method is presented as a suitable future biometric marker.
A Study on Compliance of Data and Control Coupling of Weapon System Software Airworthiness Certification
http://doi.org/10.5626/JOK.2023.50.11.995
In 2009, To secure flight safety of military aircraft and enhance the competitiveness of our aircraft exports by applying internationally recognized airworthiness certification standards, South Korea established the "Act on Certification of Flight Safety for Military Aircraft" along with its enforcement decree and regulations. According to these regulations, domestically developed military aircraft are required to be certified following the airworthiness certification laws, procedures, and standards. The standard airworthiness certification criteria for military aircraft, which serve as the basis for airworthiness assessment, was developed by the Defense Acquisition Program Administration (DAPA) and has been revised up to the 7th edition. Among the recent changes, the most impactful area is Chapter 15, which pertains to computer resources in software. As the proportion of software development within weapon systems continues to increase, the related standards are becoming more detailed and refined to keep up with the evolving. This study aimed to clarify and propose verification methods for newly incorporated software coupling criteria in the revised airworthiness certification standards.
Biometrics Performance Improvement of Face Recognition Smart Door Using Binary Classifier
Taeseong Kim, Changsoo Eun, Jongwon Park
http://doi.org/10.5626/JOK.2023.50.7.598
Face recognition based smart door is a biometric system that collects images using a camera and decides whether a visitor is registered by recognizing the face. Recently, with increasing number of single-person households, demand for access convenience has increased. Accordingly, research on smart doors using face recognition method is active. Face recognition based smart doors use deep learning method to recognize visitor"s faces. Difference between the visitor"s face and the registrant"s face is converted into a distance through encoding. If the distance between the two faces is less than the threshold value, the door is opened as it is determined to be the same person. Facial similarity thresholds differ according to region, race, and clothing cultures. Also, biometrics performance varies according to threshold settings. In previous studies, a constant of 0.4 was used as the facial similarity threshold, which was the criterion for determining registration. In this paper, facial similarity thresholds were calculated using five binary classifiers and biometric performance was compared. As a result of the experiment using the LFW dataset, the average EER was improved by 16.59% compared to that when the constant was used.
A Robust Three-Factor User Authentication Scheme based on Elliptic Curve Cryptography and Fuzzy Extractor
Trung Thanh Ngo, Tae-Young Choe
http://doi.org/10.5626/JOK.2019.46.6.587
A three-factor user authentication is appropriate to ensure a high degree of authentication. Fan and Lin proposed a typical three-factor authentication scheme, which requires token, password, and fingerprint. The scheme does not allow authentication in the absence of any of the three factors. Unfortunately, Fan and Lin"s scheme is associated with security risks such as vulnerability to insider attacks, stolen-verifier attacks, and message modification attacks. Yeh et al. proposed a three-factor user authentication, which overcomes such pitfalls and improves security and performance using elliptic curve cryptography. We found that Yeh et al."s scheme is still vulnerable to user impersonation attacks and server masquerading attacks. We propose a robust three-factor authentication scheme entailing server smart cards, elliptic curve cryptography, and a fuzzy extractor that address the foregoing flaws and result in enhanced security. The proposed scheme is resistant to various attacks and improves system performance. BAN logic is used to prove that the scheme establishes a secure channel.
Evaluation of Interest Point Detectors for Data Authentication in Wireless Multimedia Sensor Network (WMSN)
http://doi.org/10.5626/JOK.2019.46.2.184
In Wireless Multimedia Sensor Networks (WMSNs), authentication of multimedia data is very important because the data can be used in making crucial decisions. This study evaluates interest point detectors in terms of resilience to channel error occurred in WMSNs, robustness to JPEG compression, and sensitivity to image tampering. SIFT, SURF, ORB, AKAZE, SADDLE and HOG were evaluated with USC-SIPI image database by computing recall and precision between the original images and modified images by channel errors and JPEG compression and tampering. In addition, median filter and Gaussian filter were applied to reduce channel error and quantization errors from JPEG compression respectively and produced significant performance. AKAZE showed best performance for all conditions of experiments. The evaluation of interest point detectors showed the possibility of their application to authentication in WMSNs.
Efficient Authentication of Aggregation Queries for Outsourced Databases
http://doi.org/10.5626/JOK.2017.44.7.703
Outsourcing databases is to offload storage and computationally intensive tasks to the third party server. Therefore, data owners can manage big data, and handle queries from clients, without building a costly infrastructure. However, because of the insecurity of network systems, the third-party server may be untrusted, thus the query results from the server may be tampered with. This problem has motivated significant research efforts on authenticating various queries such as range query, kNN query, function query, etc. Although aggregation queries play a key role in analyzing big data, authenticating aggregation queries has not been extensively studied, and the previous works are not efficient for data with high dimension or a large number of distinct values. In this paper, we propose the AMR-tree that is a data structure, applied to authenticate aggregation queries. We also propose an efficient proof construction method and a verification method with the AMR-tree. Furthermore, we validate the performance of the proposed algorithm by conducting various experiments through changing parameters such as the number of distinct values, the number of records, and the dimension of data.
Continuous-authentication Method based on the Risk Profile associated with Context-awareness to Lock Smart Devices
In order to block the access of the information in the smartphone of a user by other users, it is checked if the current user is the owner or not in the smartphone authentication process, whenever a user begins to use a smartphone. This makes smartphone users in front of frequent smartphone authentications, which leads significant inconvenience to them. Because of such inconvenience, users tend not to use the smartphone authentication anymore. Finally, their smartphones become very vulnerable against malicious access. This paper proposes a progressive authentication method on the android-platform in order to solve the problem described above. With the proposed method, smartphones can identify relevant risks based on users" past experiences and determine whether an authentication is needed. Because authentication occurs only when the identified risk level is high, it can achieve both a high-level of security in the high-level risk situation and user convenience in the low-level risk situation.
Analysis of Research Trend and Performance Comparison on Message Authentication Code
Cryptographic technologies providing confidentiality and integrity such as encryption algorithms and message authentication codes (MACs) are necessary for preventing security threats in the Internet of Things (IoT) where various kinds of devices are interconnected. As a number of encryption schemes that have passed security verification are not necessarily suitable for low-power and low-performance IoT devices, various lightweight cryptographic schemes have been proposed. However, a study of lightweight MACs is not sufficient in comparison to that of lightweight block ciphers. Therefore, in this paper, we reviewed various kinds of MACs for their classification and analysis and then, we presented a new way for future MAC development. We also implemented major MAC algorithms and performed experiments to investigate their performance degradation on low-end micro-controllers.
Risk Analysis on Various Contextual Situations and Progressive Authentication Method based on Contextual-Situation-based Risk Degree on Android Devices
Jihwan Kim, SeungHyun Kim, Soo-Hyung Kim, Younho Lee
To prevent the use of one’s smartphone by another user, the authentication checks the owner in several ways. However, whenever the owner does use his/her smartphone, this authentication requires an unnecessary action, and sometimes he/she finally decides not to use an authentication method. This can cause a fatal problem in the smartphone’s security. We propose a sustainable android platform-based authentication mode to solve this security issue and to facilitate secure authentication. In the proposed model, a smartphone identifies the current situation and then performs the authentication. In order to define the risk of the situation, we conducted a survey and analyzed the survey results by age, location, behavior, etc. Finally, a demonstration program was implemented to show the relationship between risk and security authentication methods.
A Secure BLE Integration Authentication System for a BLE Device Control Server based on Physical Web and Eddystone
ChoonSung Nam, Hyunhee Jung, Dongryeol Shin
Physical Web and Eddystone can be serviced by a single integrated application on the device by using their servers’ URL. However, they have a limitation that their servers must be customized for service characteristics on a case by case basis. In other words, regardless of the service selected for BLE, it should have a modified linkage application for each device. Hence, we think that a new integrated service platform, which is able to link and support its Beacon from the central server and is also able to support its application, is needed for achieving better service quality. This platform consists of push (Broadcasting for Beacon service) parts and pull (Connection) parts to establish communication. Especially, Pull should be operated and controlled under the authorization (secure) management for safe and trustable communication. It means that BLE must have its new authorization communications protocol to protect its data as much as possible. In this paper, we propose a BLE integrated authorization protocol for a BLE device control server based on Physical Web and Eddystone.
Search
Journal of KIISE
- ISSN : 2383-630X(Print)
- ISSN : 2383-6296(Electronic)
- KCI Accredited Journal
Editorial Office
- Tel. +82-2-588-9240
- Fax. +82-2-521-1352
- E-mail. chwoo@kiise.or.kr