• IEMEK Journal of Embedded Systems and Applications
• /
• v.13 no.5
• /
• pp.225-234
• /
• 2018

Control flow errors are caused by the vulnerability of memory and result in system failure. Signature-based control flow monitoring is a representative method for alleviating the problem. The method commonly consists of two routines; one routine is signature update and the other is signature verification. However, in the existing signature-based control flow monitoring, monitoring target application is tightly combined with the monitoring code, and the operation of monitoring in a single thread is the basic model. This makes the signature-based monitoring method difficult to expect performance improvement that can be taken in multi-thread and multi-core environments. In this paper, we propose a new signature-based control flow monitoring model that separates signature update and signature verification in thread level. The signature update is combined with application thread and signature verification runs on a separate monitor thread. In the proposed model, the application thread and the monitor thread are separated from each other, so that we can expect a performance improvement that can be taken in a multi-core and multi-thread environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.4
• /
• pp.743-751
• /
• 2017

As smart phones are becoming popular, an operating system is being used at wearable devices, home appliances and smart TVs. A user is able to use various applications on devices with operating system, but there is an increased threat of hacker. Thus, the technology for detecting the forgery of applications is becoming more important on operating system. To detect the forgery of the application, a digital signature technology is used on the filed of application digital signature. According to W3C recommendation, the signing process of application digital signature must be performed at least twice, and the applications which are signed by the application digital signature have to be validated for all signature files when the application is installed in the operating system. Hence, the performance of the application digital signature validation system is closely related to the installer performance on the operating system. Existing validation system has performance degradation due to redundancy of integrity verification among application components. This research was conducted to improve the performance of the application digital signature validation system. The proposal of validation system which is applied proxy system shows a performance improvement compared to the existing verification system.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.10
• /
• pp.1301-1308
• /
• 2016

Internet traffic identification is an essential preliminary step for stable service provision and efficient network management. The payload signature-based-classification is considered as a reliable method for Internet traffic identification. But its performance is highly dependent on the number and the structure of signatures. If the numbers and structural complexity of signatures are not proper, the performance of payload signature-based-classification easily deteriorates. Therefore, in order to improve the performance of the identification system, it is necessary to regulate the numbers of the signature. In this paper, we propose a novel signature quality evaluation method to decide which signature is highly efficient for Internet traffic identification. We newly define the signature quality evaluation criteria and find the highly efficient signature through the method. Quality evaluation is performed in three different perspectives and the weight of each signature is computed through those perspectives values. And we construct the signature map(S-MAP) to find the highly efficient signature. The proposed method achieved an approximately fourfold increased efficiency in application traffic identification.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.7
• /
• pp.2261-2280
• /
• 2014

Recently, network traffic has become more complex and diverse due to the emergence of new applications and services. Therefore, the importance of application-level traffic classification is increasing rapidly, and it has become a very popular research area. Although a lot of methods for traffic classification have been introduced in literature, they have some limitations to achieve an acceptable level of performance in real-time application-level traffic classification. In this paper, we propose a novel application-level traffic classification method using payload size sequence (PSS) signature. The proposed method generates unique PSS signatures for each application using packet order, direction and payload size of the first N packets in a flow, and uses them to classify application traffic. The evaluation shows that this method can classify application traffic easily and quickly with high accuracy rates, over 99.97%. Furthermore, the method can also classify application traffic that uses the same application protocol or is encrypted.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.8
• /
• pp.615-622
• /
• 2013

Fast and accurate signature extraction is essential to improve the performance of the payload signature-based traffic analysis methods. However the slow manual process in extracting signatures make difficult to deal with the rapidly changing application in current Internet environment. Therefore, in this paper we propose a system automatically generating signatures from ground-truth traffic data. In addition, we improve the efficiency of signature extraction by recognizing the application protocol using a protocol filters and generating signatures automatically according to the application-specific protocol contents. In order to verify the validity of the system proposed in this paper, we compared the signatures automatically generated from our system with the signatures manually created for a few popular applications.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.5
• /
• pp.368-376
• /
• 2013

The importance of application traffic identification is emphasized for the efficient network management with recent rapid development of internet. In this paper, we present the application traffic identification method using the behavior based signature to improve the previous limitations. The behavior based signature is made by combining the existing various traffic features, and uses the Inter-Flow unit that is combination of the first request packet of each flow. All signatures have 100% precision when measured the accuracy of 5 applications using at home and abroad to prove the feasibility of the proposed signature.

• Journal of Internet Computing and Services
• /
• v.12 no.6
• /
• pp.19-33
• /
• 2011

The need for application traffic classification becomes important for the effective use of network resources. The header-based identification method uses the header signature {IP address, port number, transport layer protocol TCP/UDP)}extracted from Internet application server to overcome some limitations overhead, payload encryption, etc.) of previous methods. A lots signature is extracted because this method uses header information of server. So, we need a maintenance method to keep essential signatures. In this paper, we represent the signature maintenance method using properties of identified traffic and history of the signature. Also, we prove the feasibility and applicability of our proposed method by an acceptable experimental result.

• The KIPS Transactions:PartC
• /
• v.12C no.2 s.98
• /
• pp.169-174
• /
• 2005

Electronic signature system is required to be used in the promotion of the e-Commerce. Because the application system for electronic signature system has inconvenience and vulnerability of security, users are reluctant to use it. Therefore, the electronic signature system should give a guarantee of convenience and security. In this paper, we propose server-based application model, which uses identity information and makes users access transparently to solve electronic signature problems. We also design and verify electronic signature system that reduces threats to security, which cause server attack by distributing the part of signature key to both server and client. The application model with lightweight server system based on the electronic signature system is expected to be used in the promotion of the e-Commerce and help to make its business more efficient and competitive.

• Journal of Korea Multimedia Society
• /
• v.13 no.6
• /
• pp.865-874
• /
• 2010

Recently, Hao et al. proposed a privacy preservation protocol based on group signature scheme for secure vehicular communications to overcome a well-recognized problems of secure VANETs based on PKI. However, although efficient group signature schemes have been proposed in cryptographic literatures, group signature itself is still a rather much time consuming operation. In this paper, we propose a more efficient privacy preservation protocol than that of Hao et al. In order to design a more efficient anonymous authentication protocol, we consider a key-insulated signature scheme as our cryptographic building block. We demonstrate experimental results to confirm that the proposed protocol is more efficient than the previous scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.1
• /
• pp.287-304
• /
• 2022

With the development of quantum computers, ring signature schemes based on large integer prime factorization, discrete logarithm problem, and bilinear pairing are under threat. For this reason, we design a ring signature scheme based on lattice with a fixed verification key. Compared with the previous ring signature scheme based on lattice, our design has a fixed verification key and does not disclose the signer's identity. Meanwhile, we propose an anonymous electronic voting scheme by using our ring signature scheme based on lattice and (t, n) threshold scheme, which makes up for the lack of current anonymous electronic voting that cannot resist attacks of the quantum computer. Finally, under standard model (SM), we prove that our ring signature scheme based on lattice is anonymous against the full-key exposure, and existentially non-forgeable against insider corruption. Furthermore, we also briefly analyze the security of our anonymous electronic voting scheme.