• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.4
• /
• pp.1516-1528
• /
• 2015

We introduce attribute set based signature (ASBS), a new cryptographic primitive which organizes user attributes into a recursive set based structure such that dynamic constraints can be imposed on how those attributes may be combined to satisfy a signing policy. Compared with attribute based signature (ABS), ASBS is more flexible and efficient in managing user attributes and specifying signing policies. We present a practical construction of ASBS and prove its security in the standard model under three subgroup decision related assumptions. Its efficiency is comparable to that of the most efficient ABS scheme.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.05a
• /
• pp.865-867
• /
• 2009

This paper is a research on the statistical analysis of the feature information for the dynamic signature verification. we could improved processing time and reduce signature database without increase of error rate. We have used statistical analysis method T-test for the verification based on the experimental results.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1572-1593
• /
• 2018

The diversity and fast growth of Internet traffic volume are highly influenced by mobile and computer applications being developed. Moreover, the developed applications are too dynamic to be identified and monitored by network administrators. Several approaches have been proposed to identify network applications, however, are still not robust enough to identify modern applications. This paper proposes both, TSA (Traffic collection, Signature generation and Applications identification) system and a derived algorithm so called CSP (Contiguous Sequential Patterns) to identify applications for management and security in IP networks. The major focus of this paper is the CSP algorithm which is automated in two modules (Signature generation and Applications identification) of the proposed system. The proposed CSP algorithm generates DNA-like unique signatures capable of identifying applications and their individual services. In this paper, we show that the algorithm is suitable for generating efficient signatures to identify applications and application services in high accuracy.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.4 s.36
• /
• pp.385-396
• /
• 2005

In this paper, a new structural approach to on-line signature verification is presented. A primitive pattern is defined as a part segmented by a local minimal position of speed. And a structural description of signature is composed of subpatterns which are defined as such forms as rotation shape, cusp shape and bell shape, acquired by composition of the primitives regarding the directional changes. As the matching method to find identical parts between two signatures, a modified DP(dynamic programming) matching algorithm is presented. And also, variation and complexity of local parts are computed from the training samples, and reference model and decision boundary are derived from these. Error rate, execution time and memory usage are compared among the functional approach, the parametric approach and the proposed structural approach. It is found that the average error rate can be reduced from 14.2% to 4.05% when the local parts of a signature are weighted and the complexity is used as a factor of decision threshold. Though the error rate is similar to that of functional approaches. time consumption and memory usage of the proposed structural approach are shown to be very effective.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.10
• /
• pp.4250-4267
• /
• 2015

Although many revocable group signature schemes has been proposed in vehicular ad hoc networks (VANETs), the existing schemes suffer from long computation delay on revocation that they cannot adapt to the dynamic VANETs. Based on Chinese remainder theorem and Schnorr signature algorithm, this paper proposes an efficient revocable group signature scheme in VANETs. In the proposed scheme, it only need to update the corresponding group public key when a member quits the group, and in the meanwhile the key pairs of unchanged group members are not influenced. Furthermore, this scheme can achieve privacy protection by making use of blind certificates. Before joining to the VANETs, users register at local trusted agencies (LTAs) with their ID cards to obtain blind certificates. The blind certificate will be submitted to road-side units (RSUs) to verify the legality of users. Thus, the real identities of users can be protected. In addition, if there is a dispute, users can combine to submit open applications to RSUs against a disputed member. And LTAs can determine the real identity of the disputed member. Moreover, since the key pairs employed by a user are different in different groups, attackers are not able to track the movement of users with the obtained public keys in a group. Furthermore, performance analysis shows that proposed scheme has less computation cost than existing schemes.

• Smart Media Journal
• /
• v.8 no.4
• /
• pp.25-32
• /
• 2019

While the development of the Internet has made information more accessible, this also has provided a variety of intrusion paths for malicious programs. Traditional Signature-based malware-detectors cannot identify new malware. Although Dynamic Analysis may analyze new malware that the Signature cannot do, it still is inefficient for detecting variants while most of the behaviors are similar. In this paper, we propose a detection method using behavioral similarity with existing malicious codes, assuming that they have parallel patterns. The proposed method is to extract the behavior targets common to variants and detect programs that have similar targets. Here, we verified behavioral similarities between variants through the conducted experiments with 1,000 malicious codes.

• KIISE Transactions on Computing Practices
• /
• v.24 no.2
• /
• pp.99-104
• /
• 2018

Recently, there are increasing damages by ransomware in the world. Ransomware is a malicious software that infects computer systems and restricts user's access to them by locking the system or encrypting user's files saved in the hard drive. Victims are forced to pay the 'ransom' to recover from the damage and regain access to their personal files. Strong countermeasure is needed due to the extremely vicious way of attack with enormous damage. Malware analysis method can be divided into two approaches: static analysis and dynamic analysis. Recent malwares are usually equipped with elaborate packing techniques which are main obstacles for static analysis of malware. Therefore, this paper suggests a dynamic analysis method to monitor activities of ransomware. The proposed method can analyze ransomwares more accurately. The suggested method is comprised of extracting signatures of benign program, malware, and ransomware, and selecting the most appropriate signatures for ransomware detection.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.721-729
• /
• 2017

In order to take rapid action against malware, efficiency in malware analysis is essential. For instance, it would be helpful to identify and eliminate open-source function bodies or other safe portions out of the target binary codes. In this paper, we propose an tool to create open source dynamic link library files in Windows environment, extract signature information by opensource and compiler version, and compare open source function information to find suspicious function. In addition, the tool can save the information used in the comparison to the DB and use it later, reducing the analysis time overhead.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.1
• /
• pp.396-413
• /
• 2017

Dynamically checking the integrity of software at run-time is always a hot and difficult spot for trusted computing. Control-flow integrity is a basic and important safety property of software integrity. Many classic and emerging security attacks who introduce illegal control-flow to applications can cause unpredictable behaviors of computer-based systems. In this paper, we present a software-based approach to checking violation of control flow integrity at run-time. This paper proposes a high-performance and low-overhead software control flow checking solution, control flow checking at virtual edges (CFCVE). CFCVE assigns a unique signature to each basic block and then inserts a virtual vertex into each edge at compile time. This together with insertion of signature updating instructions and checking instructions into corresponding vertexes and virtual vertexes. Control flow faults can be detected by comparing the run-time signature with the saved one at compile time. Our experimental results show that CFCVE incurs only 10.61% performance overhead on average for several C benchmark programs and the average undetected error rate is only 9.29%. Compared with previous techniques, CFCVE has the characteristics of both high fault coverage and low memory and performance overhead.

• Smart Structures and Systems
• /
• v.15 no.2
• /
• pp.375-393
• /
• 2015

In this study, local dynamic characteristics of mountable PZT interfaces are numerically analyzed to verify their feasibility on impedance monitoring of the prestress-loss in tendon anchorage subsystems. Firstly, a prestressed tendon-anchorage system with mountable PZT interfaces is described. Two types of mountable interfaces which are different in geometric and boundary conditions are designed for impedance monitoring in the tendon-anchorage subsystems. Secondly, laboratory experiments are performed to evaluate the impedance monitoring via the two mountable PZT interfaces placed on the tendon-anchorage under the variation of prestress forces. Impedance features such as frequency-shifts and root-mean-square-deviations are quantified for the two PZT interfaces. Finally, local dynamic characteristics of the two PZT interfaces are numerically analyzed to verify their performances on impedance monitoring at the tendon-anchorage system. For the two PZT interfaces, the relationships between structural parameters and local vibration responses are examined by modal sensitivity analyses.