• Nuclear Engineering and Technology
• /
• v.54 no.10
• /
• pp.3604-3613
• /
• 2022

The Physical Protection System (PPS) plays an important role and must effectively deal with various adversary attacks in nuclear security. In specific single adversary path scenarios, we can calculate the PPS effectiveness by EASI (Estimated Adversary Sequence Interruption) through Probability of Interruption (P_I) calculation. EASI uses a single value of the probability of detection (P_D) and the probability of alarm communications (P_C) in the PPS. In this study, we develop a multi-path analysis code based on EASI to evaluate the effectiveness of PPS. Our quantification method for P_I considers the variability and uncertainty of P_D and P_C value by Monte Carlo simulation. We converted the 2-D scheme of the nuclear facility into an Adversary Sequence Diagram (ASD). We used ASD to find the adversary path with the lowest probability of interruption as the most vulnerable paths (MVP). We examined a hypothetical facility (Hypothetical National Nuclear Research Facility - HNNRF) to confirm our code compared with EASI. The results show that implementing the variability extension can estimate the P_I value and its associated uncertainty. The multi-path analysis code allows the analyst to make it easier to assess PPS with more extensive facilities with more complex adversary paths. However, the variability of the P_D value in each protection element allows a significant decrease in the PI value. The possibility of this decrease needs to be an important concern for PPS designers to determine the P_D value correctly or set a higher standard for PPS performance that remains reliable.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.8
• /
• pp.3328-3349
• /
• 2020

With rapid development of ubiquitous computing and location-based services (LBSs), human trajectory data and associated activities are increasingly easily recorded. Inappropriately publishing trajectory data may leak users' privacy. Therefore, we study publishing trajectory data while preserving privacy, denoted privacy-preserving activity trajectories publishing (PPATP). We propose S-PPATP to solve this problem. S-PPATP comprises three steps: modeling, algorithm design and algorithm adjustment. During modeling, two user models describe users' behaviors: one based on a Markov chain and the other based on the hidden Markov model. We assume a potential adversary who intends to infer users' privacy, defined as a set of sensitive information. An adversary model is then proposed to define the adversary's background knowledge and inference method. Additionally, privacy requirements and a data quality metric are defined for assessment. During algorithm design, we propose two publishing algorithms corresponding to the user models and prove that both algorithms satisfy the privacy requirement. Then, we perform a comparative analysis on utility, efficiency and speedup techniques. Finally, we evaluate our algorithms through experiments on several datasets. The experiment results verify that our proposed algorithms preserve users' privay. We also test utility and discuss the privacy-utility tradeoff that real-world data publishers may face.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.46 no.4
• /
• pp.53-62
• /
• 2023

Effects-Based Operations (EBO) refers to a process for achieving strategic goals by focusing on effects rather than attrition-based destruction. For a successful implementation of EBO, identifying key nodes in an adversary network is crucial in the process of EBO. In this study, we suggest a network-based approach that combines network centrality and optimization to select the most influential nodes. First, we analyze the adversary's network structure to identify the node influence using degree and betweenness centrality. Degree centrality refers to the extent of direct links of a node to other nodes, and betweenness centrality refers to the extent to which a node lies between the paths connecting other nodes of a network together. Based on the centrality results, we then suggest an optimization model in which we minimize the sum of the main effects of the adversary by identifying the most influential nodes under the dynamic nature of the adversary network structure. Our results show that key node identification based on our optimization model outperforms simple centrality-based node identification in terms of decreasing the entire network value. We expect that these results can provide insight not only to military field for selecting key targets, but also to other multidisciplinary areas in identifying key nodes when they are interacting to each other in a network.

• Journal of Korea Multimedia Society
• /
• v.17 no.8
• /
• pp.953-960
• /
• 2014

In Shamir's (t,n)-threshold based secret image sharing schemes, there exists a problem that the secret image can be reconstructed when an arbitrary attacker becomes aware of t secret image pieces, or t participants are malicious collusion. It is because that utilizes linear combination polynomial arithmetic operation. In order to overcome the problem, we propose a secret image sharing scheme using matrix decomposition and adversary structure. In the proposed scheme, there is no reconstruction of the secret image even when an arbitrary attacker become aware of t secret image pieces. Also, we utilize a simple matrix decomposition operation in order to improve the security of the secret image. In experiments, we show that performances of embedding capacity and image distortion ratio of the proposed scheme are superior to previous schemes.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.12
• /
• pp.4552-4567
• /
• 2014

A (n,t,n) secret sharing scheme is to share a secret among n group members, where each member also plays a role of a dealer,and any t shares can be used to recover the secret. In this paper, we propose a strong (k,t,n) verifiable multi-secret sharing scheme, where any k out of n participants operate as dealers. The scheme realizes both threshold structure and adversary structure simultaneously, and removes a trusted third party. The secret reconstruction phase is performed using an additive homomorphism for decreasing the storage cost. Meanwhile, the scheme achieves the pre-verification property in the sense that any participant doesn't need to reveal any information about real master shares in the verification phase. We compare our proposal with the previous (n,t,n) secret sharing schemes from the perspectives of what kinds of access structures they achieve, what kinds of functionalities they support and whether heavy storage cost for secret share is required. Then it shows that our scheme takes the following advantages: (a) realizing the adversary structure, (b) allowing any k out of n participants to operate as dealers, (c) small sized secret share. Moreover, our proposed scheme is a favorable candidate to be used in many applications, such as secure multi-party computation and privacy preserving data mining, etc.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.5
• /
• pp.1717-1732
• /
• 2015

The widespread use of location-based services (LBSs), which allows untrusted service provider to collect large number of user request records, leads to serious privacy concerns. In response to these issues, a number of LBS privacy protection mechanisms (LPPMs) have been recently proposed. However, the evaluation of these LPPMs usually disregards the background knowledge that the adversary may possess about users' contextual information, which runs the risk of wrongly evaluating users' query privacy. In this paper, we address these issues by proposing a generic formal quantification framework,which comprehensively contemplate the various elements that influence the query privacy of users and explicitly states the knowledge that an adversary might have in the context of query privacy. Moreover, a way to model the adversary's attack on query privacy is proposed, which allows us to show the insufficiency of the existing query privacy metrics, e.g., k-anonymity. Thus we propose two new metrics: entropy anonymity and mutual information anonymity. Lastly, we run a set of experiments on datasets generated by network based generator of moving objects proposed by Thomas Brinkhoff. The results show the effectiveness and efficient of our framework to measure the LPPM.

• ETRI Journal
• /
• v.35 no.1
• /
• pp.170-172
• /
• 2013

With the rapid progress of RFID security technologies, the international standard group ISO/IEC JTC 1/SC 31 is developing a few security technologies for RFID systems. One of the initial proposals is ISO/IEC working draft (WD) 29167-6. Recently, Song and others stated that Protocol 1 of ISO/IEC WD 29167-6 is vulnerable to a malicious adversary. However, their analysis comes from a misunderstanding regarding a communication parameter called Handle. In this letter, we point out that an adversary cannot obtain any sensitive information from intervening in Protocol 1.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2007.02a
• /
• pp.116-119
• /
• 2007

In a keyword search scheme a user stores encrypted data on an untrusted server and gives a database manager a capability for a keyword which enables a database manager to find encrypted data containing the keyword without revealing the keyword to the database manager. Conjunctive keyword search scheme enables a user to obtain data containing all of several keywords through only one query. One of the security requirements of conjunctive keyword search schemes is that a malicious adversary should not be able to generate new valid capabilities from the observed capabilities. In U:5 paper we show that conjunctive keyword search schemes are not secure. In particular, given two capabilities corresponding two sets of keywords, an adversary is able to generate a new capability corresponding to the dierence set of two keywords sets.

• Journal of applied mathematics & informatics
• /
• v.24 no.1_2
• /
• pp.461-470
• /
• 2007

In CRYPTO 1995, Bellare, $Gu\'{e}rin$, and Rogaway proposed a very efficient message authentication scheme. This scheme is secure against adaptive chosen message attacks, under the assumption that its underlying primitive is a pseudorandom function. This article studies how to weaken that assumption. For an adaptive chosen message attack, we take into account two scenarios. On the one hand, the adversary intercepts the authenticated messages corresponding to messages chosen adaptively by herself, so the verifier does not receive them. On the other hand, the adversary can only eavesdrop the authenticated messages corresponding to messages chosen adaptively by herself, so the verifier receives them. We modify the original scheme. In the first scenario, our scheme is secure if the underlying primitive is a pseudorandom function. In the second scenario, our scheme is still secure under a weaker assumption that the underlying primitive is an indistinguishable-uniform function.

• Journal of Communications and Networks
• /
• v.7 no.1
• /
• pp.87-92
• /
• 2005

This paper presents basic queueing analysis contributing to teletraffc theory, with commonly accessible mathematical tools. This paper studies queueing systems with bulk arrivals. It is assumed that the number of arrivals and the expected number of arrivals in each bulk are bounded by some constraints B and (equation omitted), respectively. Subject to these constraints, convexity argument is used to show that the bulk-size probability distribution that results in the worst mean queue performance is an extremal distribution with support {1, B} and mean equal to A. Furthermore, from the viewpoint of security against denial-of-service attacks, this distribution remains the worst even if an adversary were allowed to choose the bulk-size distribution at each arrival instant as a function of past queue lengths; that is, the adversary can produce as bad queueing performance with an open-loop strategy as with any closed-loop strategy. These results are proven for an arbitrary arrival process with bulk arrivals and a general service model.