• ETRI Journal
• /
• 제28권3호
• /
• pp.320-328
• /
• 2006

Using biometrics to verify a person's identity has several advantages over the present practice of personal identification numbers (PINs) and passwords. To gain maximum security in a verification system using biometrics, the computation of the verification as well as the storing of the biometric pattern has to take place in a smart card. However, there is an open issue of integrating biometrics into a smart card because of its limited resources (processing power and memory space). In this paper, we propose a speaker verification algorithm using a support vector machine (SVM) with a very few features, and implemented it on a 32-bit smart card. The proposed algorithm can reduce the required memory space by a factor of more than 100 and can be executed in real-time. Also, we propose a hardware design for the algorithm on a field-programmable gate array (FPGA)-based platform. Based on the experimental results, our SVM solution can provide superior performance over typical speaker verification solutions. Furthermore, our FPGA-based solution can achieve a speed-up of 50 times over a software-based solution.

• 한국정보보호학회:학술대회논문집
• /
• 한국정보보호학회 2006년도 하계학술대회
• /
• pp.133-137
• /
• 2006

In iris recognition, iris segmentation plays a very important role because its accuracy affects directly to the performance of the whole system. This paper proposes a new approach for segmenting iris that is fast, accurate and especially robust to occlusion and illumination. In this method, a circular filter is used for detecting the center of the inner circle. Then, a technique to linearize the limbus is applied and the limbus is detected using a linear filter. Experimental results show that the proposed method has promising performance for improving the iris recognition accuracy.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권10호
• /
• pp.5159-5178
• /
• 2018

Network Intrusion detection is a rapidly growing field of information security due to its importance for modern IT infrastructure. Many supervised and unsupervised learning techniques have been devised by researchers from discipline of machine learning and data mining to achieve reliable detection of anomalies. In this paper, a deep convolutional neural network (DCNN) based intrusion detection system (IDS) is proposed, implemented and analyzed. Deep CNN core of proposed IDS is fine-tuned using Randomized search over configuration space. Proposed system is trained and tested on NSLKDD training and testing datasets using GPU. Performance comparisons of proposed DCNN model are provided with other classifiers using well-known metrics including Receiver operating characteristics (RoC) curve, Area under RoC curve (AuC), accuracy, precision-recall curve and mean average precision (mAP). The experimental results of proposed DCNN based IDS shows promising results for real world application in anomaly detection systems.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권7호
• /
• pp.3608-3628
• /
• 2017

Several block cipher modes of operation have been proposed in the literature to protect sensitive information. However, different security analysis models have been presented for attacking them. The analysis indicated that most of the current modes of operation are vulnerable to several attacks such as known plaintext and chosen plaintext/cipher-text attacks. Therefore, this paper proposes a secure block cipher mode of operation to thwart such attacks. In general, the proposed mode combines one-time chain keys with each plaintext before its encryption. The challenge of the proposed mode is the generation of the chain keys. The proposed mode employs the logistic map together with a nonce to dynamically generate a unique set of chain keys for every plaintext. Utilizing the logistic map assures the dynamic behavior while employing the nonce guarantees the uniqueness of the chain keys even if the same message is encrypted again. In this way, the proposed mode called SPCBC can resist the most powerful attacks including the known plaintext and chosen plaintext/cipher-text attacks. In addition, the SPCBC mode improves encryption time performance through supporting parallelized implementation. Finally, the security analysis and experimental results demonstrate that the proposed mode is robust compared to the current modes of operation.

• ETRI Journal
• /
• 제28권4호
• /
• pp.444-452
• /
• 2006

Biometric-based authentication can provide a strong security guarantee of the identity of users. However, the security of biometric data is particularly important as any compromise of the biometric data will be permanent. In this paper, we propose a secure and efficient protocol to transmit fingerprint images from a fingerprint sensor to a client by exploiting the characteristics of the fingerprint images. Because the fingerprint sensor is computationally limited, a standard encryption algorithm may not be applied to the full fingerprint images in real-time to guarantee the integrity and confidentiality of the fingerprint images transmitted. To reduce the computational workload on the resource-constrained sensor, we apply the encryption algorithm to a nonce for integrity and to a specific bitplane of each pixel of the fingerprint image for confidentiality. Experimental results show that the integrity and confidentiality of the fingerprint images can be guaranteed without any leakage of the fingerprint ridge information and can be completed in real-time on embedded processors.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제5권11호
• /
• pp.2235-2253
• /
• 2011

Digital document file such as Adobe Acrobat or MS-Office is encrypted by its own ciphering algorithm with a user password. When this password is not known to a user or a forensic inspector, it is necessary to recover the password to open the encrypted file. Password cracking by brute-force search is a perfect approach to discover the password but a time consuming process. This paper presents a new method of speeding up password recovery on Graphic Processing Unit (GPU) using a Compute Unified Device Architecture (CUDA). PDF files are chosen as a password cracking target, and the Abode Acrobat password recovery algorithm is examined. Experimental results show that the proposed method gives high performance at low cost, with a cluster of GPU nodes significantly speeding up the password recovery by exploiting a number of computing nodes. Password cracking performance is increased linearly in proportion to the number of computing nodes and GPUs.

• 한국정보통신학회논문지
• /
• 제20권11호
• /
• pp.2014-2020
• /
• 2016

일반적으로 스마트 도어락을 이용한 공공 시설물 관리 시스템은 블루투스 무선 통신 구간에서 항상 보안 취약점을 가지게 된다. 특히 인증 절차 과정에서 비밀키와 같은 중요한 정보를 교환할 때는 주로 무선 구간에서 공격자에 노출될 위험이 높다. 그러므로 무선 구간에서 교환되는 정보는 적절하게 암호화되어 전송될 필요가 있다. 지하철 환기구와 같은 공공 시설물 관리 시스템의 보안 취약점을 분석하기 위해서 GNU Radio 플랫폼과 HackRF 장비의 도입을 통해 소프트웨어적 전력분석 공격이 효율적으로 수행 가능함을 확인하였다. 실험장비를 통해 얻어진 무선 패킷은 패킷 타입, CRC, 데이터 길이 및 데이터 등으로 간단하게 디코딩할 수 있으며 이는 보안취약점 개선에 활용될 예정이다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제6권10호
• /
• pp.2708-2730
• /
• 2012

The growing concern for the protection of personal information has made it critical to implement effective technologies for privacy and data management. By observing the limitations of existing approaches, we found that there is an urgent need for a flexible, privacy-aware system that is able to meet the privacy preservation needs at both the role levels and the personal levels. We proposed a conceptual system that considered these two requirements: a graph-based, access control model to safeguard patient privacy. We present a case study of the healthcare field in this paper. While our model was tested in the field of healthcare, it is generic and can be adapted to use in other fields. The proof-of-concept demos were also provided with the aim of valuating the efficacy of our system. In the end, based on the hospital scenarios, we present the experimental results to demonstrate the performance of our system, and we also compared those results to existing privacy-aware systems. As a result, we ensured a high quality of medical care service by preserving patient privacy.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제6권2호
• /
• pp.734-750
• /
• 2012

CAPTCHAs are automated tests that are there to avoid misuse of computing and information resources by bots. Typical text-based CAPTCHAs are proven to be vulnerable against malicious automated programs. In this paper, we present an image-based CAPTCHA scheme using easily identifiable human appearance characteristics that overcomes the weaknesses of current text-based schemes. We propose and evaluate two applications for our scheme involving 25 participants. Both applications use same characteristics but different classes against those characteristics. Application 1 is optimized for security while application 2 is optimized for usability. Experimental evaluation shows promising results having 83% human success rate with Application 2 as compared to 62% with Application 1.

• Journal of information and communication convergence engineering
• /
• 제1권1호
• /
• pp.39-43
• /
• 2003

The technology required to advance the state of the art of ultra-high-intensity excimer amplifier construction to the 100 J/100fs output pulse level is identified. The preliminary design work for very large final amplifier pumped by electron beam module is described, and key design problems and approaches are presented and discussed in detail based on the recent experimental and theoretical results.