• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.3
• /
• pp.1284-1297
• /
• 2019

The network environment is presently becoming very increased. Accordingly, the study of traffic classification for network management is becoming difficult. Automatic signature extraction system is a hot topic in the field of traffic classification research. However, existing automatic payload signature generation systems suffer problems such as semi-automatic system, generating of disposable signatures, generating of false-positive signatures and signatures are not kept up to date. Therefore, we provide a fully automatic signature update system that automatically performs all the processes, such as traffic collection, signature generation, signature management and signature verification. The step of traffic collection automatically collects ground-truth traffic through the traffic measurement agent (TMA) and traffic management server (TMS). The step of signature management removes unnecessary signatures. The step of signature generation generates new signatures. Finally, the step of signature verification removes the false-positive signatures. The proposed system can solve the problems of existing systems. The result of this system to a campus network showed that, in the case of four applications, high recall values and low false-positive rates can be maintained.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.8
• /
• pp.615-622
• /
• 2013

Fast and accurate signature extraction is essential to improve the performance of the payload signature-based traffic analysis methods. However the slow manual process in extracting signatures make difficult to deal with the rapidly changing application in current Internet environment. Therefore, in this paper we propose a system automatically generating signatures from ground-truth traffic data. In addition, we improve the efficiency of signature extraction by recognizing the application protocol using a protocol filters and generating signatures automatically according to the application-specific protocol contents. In order to verify the validity of the system proposed in this paper, we compared the signatures automatically generated from our system with the signatures manually created for a few popular applications.

• The KIPS Transactions:PartC
• /
• v.17C no.1
• /
• pp.99-108
• /
• 2010

The traffic classification is a preliminary but essentialstep for stable network service provision and efficient network resource management. While various classification methods have been introduced in literature, the payload signature-based classification is accepted to give the highest performance in terms of accuracy, completeness, and practicality. However, the collection and maintenance of up-to-date signatures is very difficult and time consuming process to cope with the dynamics of Internet traffic over time. In this paper, We propose an automatic payload signature generation mechanism which reduces the time for signature generation and increases the granularity of signatures. Furthermore, We describe a signature update system to keep the latest signatures over time. By experiments with our campus network traffic we proved the feasibility of our mechanism.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.42 no.1
• /
• pp.98-107
• /
• 2017

In these days, the increase of applications that highly use network resources has revealed the limitations of the current research phase from the traffic classification for network management. Various researches have been conducted to solutions for such limitations. The representative study is automatic finding of the common pattern of traffic. However, since the study of automatic signature generation is a semi-automatic system, users should collect the traffic. Therefore, these limitations cause problems in the traffic collection step leading to untrusted accuracy of the signature verification process because it does not contain any of the generated signature. In this paper, we propose an automated traffic collection, signature management, signature generation and signature verification process to overcome the limitations of the automatic signature update system. By applying the proposed method in the campus network, actual traffic signatures maintained the completeness with no false-positive.

• The Journal of the Acoustical Society of Korea
• /
• v.20 no.1E
• /
• pp.25-30
• /
• 2001

The unstable signature that is defined as frequency change with respect to the time or frequency modulation, is caused by the external loading variation in specific machinery component and Doppler shift etc. In this study, we analyze the generation mechanism of the unstable signature and apply the Extended Kalman filter (EKF) algorithm for its detection. The performance of Extended Kalman Filter is examined for numerical and measured signals and the results show its validity for unstable signature detection.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1572-1593
• /
• 2018

The diversity and fast growth of Internet traffic volume are highly influenced by mobile and computer applications being developed. Moreover, the developed applications are too dynamic to be identified and monitored by network administrators. Several approaches have been proposed to identify network applications, however, are still not robust enough to identify modern applications. This paper proposes both, TSA (Traffic collection, Signature generation and Applications identification) system and a derived algorithm so called CSP (Contiguous Sequential Patterns) to identify applications for management and security in IP networks. The major focus of this paper is the CSP algorithm which is automated in two modules (Signature generation and Applications identification) of the proposed system. The proposed CSP algorithm generates DNA-like unique signatures capable of identifying applications and their individual services. In this paper, we show that the algorithm is suitable for generating efficient signatures to identify applications and application services in high accuracy.

• KIISE Transactions on Computing Practices
• /
• v.23 no.3
• /
• pp.141-147
• /
• 2017

Recently there has been an increasing demand for developing a domestic software (S/W) for infrared signature generation to prevent technology leakage and match the domestic operating environment. In this study, we developed a S/W for infrared signature generation and presented its structures and functions for creating and analyzing the IR images of designated spectral bands. The proposed S/W generates IR images of an object through calculations of surface temperatures and IR signals including the self-emitted, surface reflected and path dependent radiances. Moreover, the proposed S/W includes the features of infrared threat analyses from the generated IR images including the infrared contrast radiant intensity (CRI), detection ranges or detection probability analyses, unlike the imported, commercial infrared signature generation S/W.

• Journal of Digital Convergence
• /
• v.12 no.1
• /
• pp.389-395
• /
• 2014

In a biometric signature scheme, a user's biometric key is used to sign the document. It also requires the user be authenticated with biometric recognition method, prior to signing the document. Because the biometric recognition is launched every time the signature session started, it is not suitable for electronic commerce applications such as shopping malls where large number of documents to sign are required. Therefore, to commercialize biometric based signature schemes, the new proxy signature scheme is needed to ease the burden of the signer. In the proxy signature scheme, the signer can delegate signing activities to trustful third parties. In this study, the biometric based signature delegation method is proposed. The proposed scheme is suitable for applications where a lot of signing are required. It is consisted of biometric key generation, PKI based mutual authentication, signature generation and verification protocols.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.2
• /
• pp.13-24
• /
• 1999

Electronic cash is a digital signature issued by bank. If the concept of the distributed secret sharing and magic ink signature is introduced in the existing electronic cash system we can increase the security level and the availability of electronic cash system and trace the electronic cash itself and the owner of electronic cash which was issued anonymously to a user in case of illegal usage of electronic cash by users. If the trust is concentrated on one bank system. the problem of misuse of bank can be occurred. To solve this problem, the distributed secrete sharing scheme need to be introduced in electronic cash system. In this paper We propose a DSS(Digital Signature Standard) distributed magic ink signature scheme and a KCDSA(Korea Certificate-based Digital Signature Algorithm) distributed magic ink signature scheme using a verifiable secret sharing method. and we compare two methods with respect to the required computation amount for the generation of magic-ink signature.

• Journal of KIISE
• /
• v.44 no.4
• /
• pp.344-351
• /
• 2017

An attribute based signature system is a cryptographic system where users produce signatures based on some predicate of attributes, using keys issued by one or more attribute authorities. If a private key is leaked during signature generation, the signature can be forged. Therefore, signing operation computations should be performed using secure hardware, which is called tamper resistant hardware in this paper. However, since tamper resistant hardware does not provide high performance, it cannot perform many operations requiring attribute based signatures in a short time frame. This paper proposes a new attribute based signature system using high performance general hardware and low performance tamper resistant hardware. The proposed signature scheme consists of two signature schemes within a existing attribute based signature scheme and a digital signature scheme. In the proposed scheme, although the attribute based signature is performed in insecure environments, the digital signature scheme using tamper resistant hardware guarantees the security of the signature scheme. The proposed scheme improves the performance by 11 times compared to the traditional attribute based signature scheme on a system using only tamper resistant hardware.