• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1572-1593
• /
• 2018

The diversity and fast growth of Internet traffic volume are highly influenced by mobile and computer applications being developed. Moreover, the developed applications are too dynamic to be identified and monitored by network administrators. Several approaches have been proposed to identify network applications, however, are still not robust enough to identify modern applications. This paper proposes both, TSA (Traffic collection, Signature generation and Applications identification) system and a derived algorithm so called CSP (Contiguous Sequential Patterns) to identify applications for management and security in IP networks. The major focus of this paper is the CSP algorithm which is automated in two modules (Signature generation and Applications identification) of the proposed system. The proposed CSP algorithm generates DNA-like unique signatures capable of identifying applications and their individual services. In this paper, we show that the algorithm is suitable for generating efficient signatures to identify applications and application services in high accuracy.

• The Magazine of the IEIE
• /
• v.28 no.9
• /
• pp.80.2-81
• /
• 2001

• Journal of the Korean Institute of Telematics and Electronics B
• /
• v.30B no.8
• /
• pp.1-7
• /
• 1993

This paper proposed an algorithm that extracts the optimum characteristics parameters to identify the signatures from the spectrum using 2-D FFT. The signature image input through a scanner is normalized into 250*128 pixels in the prepocessor. Normalized image is divided into block segments and each segment is transformed into space spectrum by 2-d FFT. There are several methods extracting the signature characteristic parameters from that spectrum. The result of experimentations which use the characteristic parameters extracted between $0^{\circ}and\;90^{\circ}$ in (0, 0), (63, 0) corners from 64$\times$64 block spectrum shows that the signature identification rate using that method gives 92.5% of successful achievement for 100 signatures, higher than the others.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.3
• /
• pp.575-585
• /
• 2015

The traffic classification is a preliminary and essential step for stable network service provision and efficient network resource management. However, the payload signature-based method has significant drawbacks in high-speed network environment that the processing speed is much slower than other methods such as header-based and statistical methods. In addition, as signature numbers are increasing, traffic analysis speed also declines because of signature matching method that does not consider analytic efficiency of each signature and traffic occurrence feature. In this paper, we propose a signature list reordering method in order by analytic value of each signature. When we reordered the signature list by the proposed method, we achieved about 30% improvement in speed of the traffic analysis compared with random signature list.

• Journal of the Chungcheong Mathematical Society
• /
• v.21 no.3
• /
• pp.403-411
• /
• 2008

In 2005, A. Saxena, B. Soh and S. Priymak [10] proposed a two-flow blind identification protocol. But it has a weakness of the active-intruder attack and uses the pairing operation that causes slow implementation in smart cards. In 2008, Y. W. Lee [9] made a method of the active-intruder attack on their identification scheme and proposed a new zero-knowledge blind identification protocol for smart cards. In this paper, we give more simple and fast protocols than above protocols such that the prover using computationally limited devices such as smart cards has no need of computing the bilinear pairings. Computing the bilinear pairings is needed only for the verifier and is secure assuming the hardness of the Discrete-Logarithm Problem (DLP).

• Journal of applied mathematics & informatics
• /
• v.26 no.5_6
• /
• pp.1139-1147
• /
• 2008

A. Saxena et al. first proposed a two-flow blind identification protocol in 2005. But it has a weakness of the active-intruder attack and uses the pairing operation that causes slow implementation in smart cards. In this paper, we give a method of the active-intruder attack on their identification scheme and propose a new zero- knowledge blind identification protocol for Smart cards. Our protocol consists of only two message flows and does not rely on any underlying signature or encryption scheme. The prover using computationally limited devices such as smart cards has no need of computing the bilinear pairings. It needs only for the verifier. Our protocol is secure assuming the hardness of the Discrete-Logarithm Problem in bilinear groups.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.4 no.2
• /
• pp.21-28
• /
• 2008

There are some problems on the system that uses a password comprising a digital signature to identify the secret key owner under the public key infrastructure. For example, the password can be difficult to remember or easy to be disclosure, and users should make more complex password to protect it. A number of studies have been proceeded in order to overcome these defects using the fingerprint identification technologies, but they need to change the current standard of public key infrastructure. On the suggested private key escrow system, the private key can be withdrawn only through the enrollment and identification of a fingerprint template after it is saved to a reliable third system. Therefore, this new private key escrow system can remove previous inconveniences of managingthe private key on current public key infrastructure, and it exhibited superior results in terms of the evaluation items when compared with the integrated method of the existing fingerprint identification and public key infrastructure.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2008.11a
• /
• pp.229-232
• /
• 2008

본 논문에서는 방송프로그램 저작권 식별관리를 위한 방송프로그램의 Video Signature와 국가표준콘텐츠식별 체계인 UCI(Universal & Ubiquitous Content Identifier)와의 연계 방안을 제시한다. Video Signature는 UCI와 같은 식별자의 인위적인 부여 과정이 없더라도 비디오 콘텐츠 자체에서 직접 특징정보를 추출할 수 있기 때문에, 이미 배포 유통된 콘텐츠에 대해서도 식별 확인이 가능하다. 따라서, 본 연구에서는 UCI 표준식별체계와 방송프로그램의 Video Signature와의 지속적인 연계를 위하여, 바이너리로 표현된 Video Signature가 포함된 UCI 응용 메타데이터를 정의한다. 그리고 UCI 표준식별체계 기반의 Video Signature 전송 및 관리 메카니즘에 기반한 방송프로그램의 저작권 식별관리 시나리오를 제시한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.2
• /
• pp.169-177
• /
• 2020

Malware analysis is one of the important concerns of computer security, and advances in analysis techniques have become important for computer security. In the past, the signature-based method was used to detect malware. However, as the percentage of packed malware increased, it became more difficult to detect using the conventional method. In this paper, we propose a method for identifying packers of packed programs using machine learning. The proposed method parses the packed program to extract specific PE information that can identify the packer and identifies the packer using the Adaptive Boosting algorithm among the machine learning models. To verify the accuracy of the proposed method, we collected and tested 391 programs packed with 12 types of packers and found that the packers were identified with an accuracy of about 99.2%. In addition, we presented the results of identification using PEiD, a signature-based PE identification tool, and existing machine learning method. The proposed method shows better performance in terms of accuracy and speed in identifying packers than existing methods.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.1
• /
• pp.41-50
• /
• 2010

This paper proposes a mutual identification and session key exchange scheme in secure vehicular communication based on the group signature. In VANETs, security requirements such as authentication, conditional privacy, non-repudiation, and confidentiality are required to satisfy various vehicular applications. However, existing VANET security methods based on the group signature do not support a mutual identification and session key exchange for data confidentiality. The proposed scheme allows only one credential to authenticate ephemeral Diffie-Hellman parameters generated every key exchange session. Our scheme provides a robust key exchange and reduces storage and communication overhead. The proposed scheme also satisfies security requirements for various application services in VANETs.