Digital Library[ Search Result ]
Improvement of Machine Learning-Based Event-Related Desynchronization Accuracy
http://doi.org/10.5626/JOK.2023.50.12.1131
The biometrics field is known for providing fast and accurate identity verification. Recently, motor imagery (MI) brainwaves have gained prominence, accompanied by event-related desynchronization (ERD) signals. The purpose of this study is to optimize existing ERD models to enhance inter-user classification accuracy. We used a well-known common spatial pattern (CSP) and ERD as representative features for MI, and classified them using naïve bayes (NB). To evaluate the reliability of the binary classification results of the SVM, equal error rate (EER) and area under the curve (AUC) were used. The proposed ERD model exhibited superior accuracy compared to CSP and traditional ERD, achieving classification accuracies of 86.4%, 86.3%, and 63%, respectively. Based on this results, the proposed ERD method is presented as a suitable future biometric marker.
A Robust Three-Factor User Authentication Scheme based on Elliptic Curve Cryptography and Fuzzy Extractor
Trung Thanh Ngo, Tae-Young Choe
http://doi.org/10.5626/JOK.2019.46.6.587
A three-factor user authentication is appropriate to ensure a high degree of authentication. Fan and Lin proposed a typical three-factor authentication scheme, which requires token, password, and fingerprint. The scheme does not allow authentication in the absence of any of the three factors. Unfortunately, Fan and Lin"s scheme is associated with security risks such as vulnerability to insider attacks, stolen-verifier attacks, and message modification attacks. Yeh et al. proposed a three-factor user authentication, which overcomes such pitfalls and improves security and performance using elliptic curve cryptography. We found that Yeh et al."s scheme is still vulnerable to user impersonation attacks and server masquerading attacks. We propose a robust three-factor authentication scheme entailing server smart cards, elliptic curve cryptography, and a fuzzy extractor that address the foregoing flaws and result in enhanced security. The proposed scheme is resistant to various attacks and improves system performance. BAN logic is used to prove that the scheme establishes a secure channel.
RSU-independent Message Authentication Scheme using CRT-based Group Key in VANET
Jin Sook Bong, Yu Hwa Suh, Ui Jin Jang, Yongtae Shin
http://doi.org/10.5626/JOK.2019.46.3.277
Security in communication is still an important issue because information transmitted via VANET provides safety-related services to drivers. In this context, there have been many studies related to the sending and receiving messages securely in VANET. In many studies, the RSU was assumed as a trust or semi-trust device and RSU played an important role in message authentication. However, a large number of RSUs cannot be considered trustworthy because the security of the RSU cannot be secured. Therefore, this paper proposes a message authentication scheme that is not dependent on the RSU. For this, a group key based on CRT (Chinese Remainder Theorem) is used. In the proposed scheme, the CRT-based key server calculates and distributes a `private key` and a `group key seed` to each vehicle. Then, each vehicle extracts the group key from the group key seed and uses it to authenticate the message. The proposed scheme eliminates the RSU dependence in a message verification. And it is also possible to easily withdraw a vehicle from a group.
Evaluation of Interest Point Detectors for Data Authentication in Wireless Multimedia Sensor Network (WMSN)
http://doi.org/10.5626/JOK.2019.46.2.184
In Wireless Multimedia Sensor Networks (WMSNs), authentication of multimedia data is very important because the data can be used in making crucial decisions. This study evaluates interest point detectors in terms of resilience to channel error occurred in WMSNs, robustness to JPEG compression, and sensitivity to image tampering. SIFT, SURF, ORB, AKAZE, SADDLE and HOG were evaluated with USC-SIPI image database by computing recall and precision between the original images and modified images by channel errors and JPEG compression and tampering. In addition, median filter and Gaussian filter were applied to reduce channel error and quantization errors from JPEG compression respectively and produced significant performance. AKAZE showed best performance for all conditions of experiments. The evaluation of interest point detectors showed the possibility of their application to authentication in WMSNs.
A Defense Technique against ARP Spoofing Attacks using a Keystone Authentication Table in the OpenStack Cloud Environment
Hyo Sung Kang, Choong Seon Hong
http://doi.org/10.5626/JOK.2018.45.8.755
Recently cloud service has been introduced to enable many enterprises to achieve their purposes such as improving efficiency, reducing costs, and revolutionizing business processes. However spoofing or poison attacks on VM inside the cloud deteriorate the cloud system and those attacks can be a stumbling block for spreading cloud services. To solve such problems, much research has been done, but it all seems to be impractical and limited in terms of finding techniques for detecting attacks and applying to large scale of networks. In this paper, we propose a way to prevent loss of VM resources because of such attacks on the OpenStack environment by using a reliable ARP table in a cloud computing environment and showing that the proposed mechanism is an effective way to defend against the ARP spoofing attacks.
Efficient Authentication of Aggregation Queries for Outsourced Databases
http://doi.org/10.5626/JOK.2017.44.7.703
Outsourcing databases is to offload storage and computationally intensive tasks to the third party server. Therefore, data owners can manage big data, and handle queries from clients, without building a costly infrastructure. However, because of the insecurity of network systems, the third-party server may be untrusted, thus the query results from the server may be tampered with. This problem has motivated significant research efforts on authenticating various queries such as range query, kNN query, function query, etc. Although aggregation queries play a key role in analyzing big data, authenticating aggregation queries has not been extensively studied, and the previous works are not efficient for data with high dimension or a large number of distinct values. In this paper, we propose the AMR-tree that is a data structure, applied to authenticate aggregation queries. We also propose an efficient proof construction method and a verification method with the AMR-tree. Furthermore, we validate the performance of the proposed algorithm by conducting various experiments through changing parameters such as the number of distinct values, the number of records, and the dimension of data.
Continuous-authentication Method based on the Risk Profile associated with Context-awareness to Lock Smart Devices
In order to block the access of the information in the smartphone of a user by other users, it is checked if the current user is the owner or not in the smartphone authentication process, whenever a user begins to use a smartphone. This makes smartphone users in front of frequent smartphone authentications, which leads significant inconvenience to them. Because of such inconvenience, users tend not to use the smartphone authentication anymore. Finally, their smartphones become very vulnerable against malicious access. This paper proposes a progressive authentication method on the android-platform in order to solve the problem described above. With the proposed method, smartphones can identify relevant risks based on users" past experiences and determine whether an authentication is needed. Because authentication occurs only when the identified risk level is high, it can achieve both a high-level of security in the high-level risk situation and user convenience in the low-level risk situation.
Analysis of Research Trend and Performance Comparison on Message Authentication Code
Cryptographic technologies providing confidentiality and integrity such as encryption algorithms and message authentication codes (MACs) are necessary for preventing security threats in the Internet of Things (IoT) where various kinds of devices are interconnected. As a number of encryption schemes that have passed security verification are not necessarily suitable for low-power and low-performance IoT devices, various lightweight cryptographic schemes have been proposed. However, a study of lightweight MACs is not sufficient in comparison to that of lightweight block ciphers. Therefore, in this paper, we reviewed various kinds of MACs for their classification and analysis and then, we presented a new way for future MAC development. We also implemented major MAC algorithms and performed experiments to investigate their performance degradation on low-end micro-controllers.
Risk Analysis on Various Contextual Situations and Progressive Authentication Method based on Contextual-Situation-based Risk Degree on Android Devices
Jihwan Kim, SeungHyun Kim, Soo-Hyung Kim, Younho Lee
To prevent the use of one’s smartphone by another user, the authentication checks the owner in several ways. However, whenever the owner does use his/her smartphone, this authentication requires an unnecessary action, and sometimes he/she finally decides not to use an authentication method. This can cause a fatal problem in the smartphone’s security. We propose a sustainable android platform-based authentication mode to solve this security issue and to facilitate secure authentication. In the proposed model, a smartphone identifies the current situation and then performs the authentication. In order to define the risk of the situation, we conducted a survey and analyzed the survey results by age, location, behavior, etc. Finally, a demonstration program was implemented to show the relationship between risk and security authentication methods.
A Secure BLE Integration Authentication System for a BLE Device Control Server based on Physical Web and Eddystone
ChoonSung Nam, Hyunhee Jung, Dongryeol Shin
Physical Web and Eddystone can be serviced by a single integrated application on the device by using their servers’ URL. However, they have a limitation that their servers must be customized for service characteristics on a case by case basis. In other words, regardless of the service selected for BLE, it should have a modified linkage application for each device. Hence, we think that a new integrated service platform, which is able to link and support its Beacon from the central server and is also able to support its application, is needed for achieving better service quality. This platform consists of push (Broadcasting for Beacon service) parts and pull (Connection) parts to establish communication. Especially, Pull should be operated and controlled under the authorization (secure) management for safe and trustable communication. It means that BLE must have its new authorization communications protocol to protect its data as much as possible. In this paper, we propose a BLE integrated authorization protocol for a BLE device control server based on Physical Web and Eddystone.
Search
Journal of KIISE
- ISSN : 2383-630X(Print)
- ISSN : 2383-6296(Electronic)
- KCI Accredited Journal
Editorial Office
- Tel. +82-2-588-9240
- Fax. +82-2-521-1352
- E-mail. chwoo@kiise.or.kr