Efficient and privacy preserving k-Nearest neighbor classification in outsourced environment

박정수 Graduate School of Information security, Korea Uni 2020 국내박사

Cloud services with powerful resources are popularly used to manage exponentially increasing data and to carry out data mining to analyze the data. However, data mining in a cloud environment can cause privacy problems by disclosing both data and query. As for techniques to protect privacy, there are two: secure multiparty computation (SMC) and homomorphic encryption. Classification as one task in data mining is used in a wide range of applications and we focus on k-nearest neighbor (kNN) to realize classification. Although several studies have already attempted to address the privacy problems associated with kNN, the results of these studies are inefficient. In addition, as existing SMC protocols are unsuitable for devices with constraint computing power, we focus on SMC protocol consisting of simple operations. In this thesis, we put forward new constructions for privacy-preserving kNN (PPkNN) classification and SMC protocols as follows. - Firstly, we propose PPkNN classification protocol based on SMC which provides privacy of data, query, kNN result and data access patterns during protocol. As a building block of our PPkNN, we propose privacy-preserving and efficient protocol to find k data with the largest value (top-k data), which is denoted by PE-FTK. PE-FTK reduces the average running time by 35% compared to that of a previous work. Moreover, the result of the previous work is probabilistic, i.e., the result can contain some error, while the result of PE-FTK is deterministic, i.e., the result is correct without any error probability. - Secondly, we propose very efficient PPkNN classification protocol based ion homomorphic encryption in dual non-colluding cloud server environment. When conducting experiments with the same dataset, the most efficient PPkNN classification proposed in prior study took 12.02 to 55.5 minutes but our PPkNN classification took 4.16 minutes. Furthermore, since our PPkNN classification allows to be carried out in parallel for each data, its performance can be improved extremely if it is carried out on machine to allow more parallel operations. Our PPkNN classification also protects the privacy of dataset, input query, kNN result, and data access patterns, where we prove its security formally. In order to construct efficient PPkNN classification protocol, we improve PE-FTK and propose protocols that privately find k largest or smallest elements in array, which are denoted by SkLE/SkSE. - Lastly, we propose generic SMC protocol for any number of parties, which only consists of very simple operations such as multiplication and addition without cryptographic operations. Our SMC protocol is information-theoretically secure in the presence of semi-honest adversary and in honest majority setting. We prove its security by simulation paradigm.

Secure vehicle communication using vehicular secrecy capacity

안나영 Graduate School of Information Security, Korea Uni 2020 국내박사

This study was started to implement secure vehicle communication to achieve physical layer security. Physical layer security is basically achieved through the index of secrecy capacity. My research has applied physical layer security to vehicle communications, which is considered one of the answers to the disabling of existing cryptographic systems with the advent of quantum computers. Chapter 1 discusses the necessity of physical layer security in vehicle communications, the definition of secrecy capacity, and various standards related to the vehicle communication. In Chapter 2, we investigated the effects of parameters related to autonomous driving on secrecy capacity, such as vehicle speed, response time and power. In this modeling, the security capacities for fixed eavesdroppers were outline in highway and city intersection situations. The secrecy capacity was found to be affected by the parameters such as vehicle speed, response time, and power. Chapter 3 defines secrecy capacity for vehicles. It is difficult to apply existing secrecy capacity, due to issues such as presence or absence of eavesdropper and channel information of the eavesdropper in actual vehicle communications. As an alternative to this problem, I defined -vehicle secrecy capacity defined solely by an SNR value. In Chapter 4, we investigated depth of the various parameters affecting secrecy capacity in physical layer security. I divided these vehicle security parameters into vehicle-related parameters, antenna-related parameters, path-related parameters, and noise-related parameters. And detailed studies were conducted on each of the parameter groups. These security parameters can be used to control the secrecy capacity in vehicle communications. In Chapter 5, various vehicle communications, using the vehicle secrecy capacity defined above, are proposed. Basically, vehicle communication, maintaining a certain level of security for vehicles, has been proposed. In addition, the concept of a security cluster, having a certain level of vehicle secrecy capacity, is introduced. We also discussed practical techniques for management such as creation, maintenance, or deletion of security clusters. Chapter 6 introduces techniques to strengthen physical layer security. For example, compression sensing, data encryption, quantum cryptography, and geo-fence are introduced. Chapter 7 describes the simulation and results of vehicle communication in intersection and highway situations. I am confident that my research will be a necessity for implementing autonomous driving. In addition to the convenience of autonomous driving, the difficulty of security is compelling. In particular, the advent of quantum computers makes it difficult to achieve the security of vehicle communication with the security of existing application layers. At this point, my research will be the first step towards safe vehicle communications from these threats, and I believe that more advanced studies will be made in the future.

Secure data storage architecture for mobile devices

박진형 Graduate School of Information Security, Korea Uni 2019 국내박사

As mobile devices are increasingly used in various daily activities, they also double as a movable storage that stores various personal/business information of users. Most mobile OS store personal data in its on-device data storage (e.g., file, database, etc.) and provide APIs for apps, which can be used to access data storage managed by the system or to manage its own data storage. Since the data stored in mobile devices might include sensitive information, major mobile OS offer various encryption functionalities such as per-file encryption and full disk encryption to protect privacy. However, the existing methods are not sufficient to provide an effective degree of protection. On an unlocked device, all data in the device are decrypted. Thus, the stored data can be leaked unintentionally through several vulnerabilities, even if FDE is applied. Moreover, even if the data is securely stored and protected in encrypted form, conventional encryption cannot protect against a coercive attacker who can capture the device and force the owner to reveal the encrypted information. Because encrypted binary itself proves the presence of information that the owner does not want others to see, allowing an attacker to realize that the device contains sensitive information might be as dangerous as the disclosure of such information. In order to protect a user against such a coercive attacker, Plausibly Deniable Encryption (PDE) was introduced into mobile devices. However, all the previous works on PDE-enabled storage have insurmountable limitations due to their design principle. Their limitations can compromise the deniability of the existing system. In this thesis, security architectures for mobile data storage are proposed. In the first part, a security architecture for on-device data storage---especially, for database---is presented. Next, the thesis presents an architecture for cloud-based deniable storage to provide security functionalities against a coercive attacker. Last but not least, the thesis presents an optimization technique of cryptographic algorithm that can be leveraged to improve the performance of various security systems including ones in this thesis. To evaluate the feasibility of the proposed architecture, we conduct a series of experiments on our prototype implementation, and the results show that the proposed architectures are feasible with acceptable overhead.

Efficient user authentication based on biometric Data

서민혜 Graduate School of Information Security, Korea Uni 2020 국내박사

Remote user authentication is essential for secure communication over a network. For user convenience and usability, a number of studies have been conducted to authenticate a user with his/her biometric data. Since biometric data is noisy, the readings may differ from time to time although they are derived from the same individual. In this regard, authentication must be equipped to recognize two pieces of fuzzy biometric data within a certain minimal threshold. In the early stages of research, the fuzziness of biometric data was addressed with biometric templates stored intact on the server (in the enrollment phase), which made it possible to measure the degree of similarity with the newly extracted template (in the authentication phase). However, the threat of compromise and limited biometric resources available for authentication prompted the development of biometric cryptosystems to authenticate users while protecting biometric data. These solutions mainly consist of two technologies, a fuzzy extractor that generates a cryptographic key from a user’s biometric data and a fuzzy signature that generates a signature directly from a user’s biometric data. In this thesis, three technologies for remote user authentication based on biometric data are presented. 1. The first result of this thesis presents a biometric-based key derivation function, which generates a cryptographic key from a user’s biometric data. Unlike fuzzy extractors, it does not require any randomized user-dependent information, such as helper data of the fuzzy extractor, to reproduce an identical key from two similar biometric readings. Since the proposed biometric-based key derivation function is conceptually simple and computationally efficient, it can be deployed in a wide range of devices across the Internet of Things. The experimental results on both efficiency in various settings and accuracy using actual biometric databases FVC2002 are given. 2. The second result presents a biometric-based fuzzy extractor, which is an extension of the biometric-based key derivation function. The proposed biometric-based fuzzy extractor is reusable and is the first fuzzy extractor to use real numbers to represent biometric data instead of bit strings or integers. This change requires a new paradigm for constructing fuzzy extractors other than the sketch-and-extract paradigm, thus a new method of generating helper data for real valued biometric data is introduced. Our construction provides much smaller helper data in comparison to the existing reusable fuzzy extractors, which alleviates user inconvenience. The experimental results on accuracy using actual biometric databases FVC2002 and FVC2004 are given. 3. The third result presents a fuzzy vector signature, which is a variant of a fuzzy signature. Unlike the existing fuzzy signature schemes, it uses bit strings or integers to represent biometric data instead of real numbers. Also, the fuzzy vector signature uses additional user-dependent public information to generate a signature. This user-dependent public information consists only of random values that are not associated with the user’s biometric data, thus making the fuzzy vector signature reusable. The fuzzy vector signature also provides VK privacy and Anonymity to ensure user privacy against both malicious servers and external attackers.

Research on security architecture using ship cyberthreat analysis and attack surface index

조용현 Graduate School of Information Security, Korea Uni 2022 국내박사

Contemporary ships are being built by applying information and communications technology. Digital ship systems have become available to many ships and crew members, providing easier and more efficient navigation than ever. However, as the digitization of ships has been applied, the risk of cyberattacks has also increased. A new concept of cybersecurity is required for a ship, in response to thus far unknown cyberthreats. There have been debates over recent years in the maritime industry. Many reports have mentioned the security threats against ships, while there is a lack of systematic threat analysis and security design. Thus, this study surveys the cybersecurity trends of ships, presents security threats that can affect ships, and introduces actual attack cases. The MITRE ATT&CK framework, a systematic cyberattack analysis method, is utilized for detailed analysis. Furthermore, we propose a methodology to identify and quantify the “ship attack surface.” This study further analyzes the difference according to the change in ship attack surface information. Based on these results, ship security architecture using a cube-based model is introduced as the concept of ship cybersecurity. Because international regulations and guidelines for cybersecurity in the shipping and maritime industry are continuously developing, a system is also proposed for researchers and engineers to share information on ship cybersecurity vulnerabilities, threats, and related trends

(A) secure ID-based anonymous authentication scheme for wireless body area networks

정민수 Graduate School of Information Security, Korea Uni 2017 국내석사

Wireless Body Area Networks is an environment that provides an appropriate service remotely by collecting user's biometric information. With the growing importance of sensor, WBAN also attracts extensive attention. Since WBAN is representatively used in medical field, it can be directly related to the patient's life. Hence security is very important in WBAN. Mutual authentication between the client and the application provider is essential. And efficiency is also important because used device is limited to computation cost. In this reason, ID-based anonymous authentication scheme in WBAN has been intensively studied. We review security of the existing schemes. And we show that the recent research result of Wu et al. which is about the ID-based anonymous authentication scheme is to be vulnerable to impersonation attack. So we propose a new ID-based anonymous authentication scheme that is efficient and secure against the attacks revealed in the existing schemes.

Implementation of the automated de-obfuscation tool to restore working executables

강유진 Graduate School of Information Security, Korea Uni 2018 국내석사

As cyber threats using malicious code continue to increase, many security and vaccine companies are putting a lot of effort into analysis and detection of malicious codes. However, obfuscation techniques that make software analysis more difficult, are applied to malicious codes, making it difficult to respond rapidly. In particular, commercial obfuscation tools can rapidly and easily generate new variants of malicious codes so making code analysts hard to respond to malicious codes. In order for analysts to rapidly analyze the actual malicious behavior of the new variants, reverse obfuscation(=de-obfuscation) is needed to disable obfuscation. In this paper, general analysis methodology is proposed to de-obfuscate the software used by a commercial obfuscation tool, Themida. First, We describe the operation principle of Themida by analyzing obfuscated executable file using Themida. Next, We extract original code and data information of the executable from obfuscated executable using Pintool, DBI(Dynamic Binary Instrumentation) framework, and explained the implementation results of automated analysis tool which can deobfuscate to original executable using the extracted original code and data information. Finally, We evaluate the performance of our automated analysis tool by comparing the original executable with the de-obfuscated executable.

(A) study to identify a source of the SmartPhone JPEG image file

김민식 Graduate School of Information Security, Korea Uni 2017 국내석사

As taking pictures using Smartphones has become popular, there have been many issues with manipulations of images and leak of confidential information. Therefore, the demand to prove the forgery/alteration of image files and to identify its origin is constantly increasing. In general, Smartphones save image file as the form of JPEG files, and header part of the images saves DQT which determines compressiblitity of the image. There is also DQT in Thumbnail image inside of JPEG. Existing researches were trying to distinguish devices which take the image by using only DQT. However, those researches have low accuracy. In this research, therefore, procedure has been set up to find out both Smartphone device which takes a photo and application which edits and saves the image file through not only DQT information but also experimenting DQT information in Thumbnail image. Also, distinguishing the source of image will be more accurate by establishing DQT information of JPEG file and DQT information database.

(An) enhanced scheme of PUF-assisted group key distribution in SDWSN

오정민 Graduate School of Information Security, Korea Uni 2020 국내석사

In recent years, as the network traffic in the WSN(Wireless Sensor Network) has been increased by the growing number of IoT wireless devices, SDWSN(Software-Defined Wireless Sensor Network) and its security that aims a secure SDN(Software-Defined Networking) for efficiently managing network resources in WSN have received much attention. In this paper, we study on how to efficiently and securely design a PUF(Physical Unclonable Function)-assisted group key distribution scheme for the SDWSN environment. Recently, Huang et al. have designed a group key distribution scheme using the strengths of SDN and the physical security features of PUF. However, we observe that Huang et al.’s scheme has weak points that it does not only lack of authentication for the auxiliary controller but also it maintains the redundant synchronization information. In this paper, we securely design an authentication process of the auxiliary controller and improve the vulnerabilities of Huang et al.’s scheme by adding counter strings and random information but deleting the redundant synchronization information.

Fault attacks and countermeasures on public key cryptosystems

김성경 Graduate School of Information Security, Korea Uni 2012 국내박사

The security of public key signature and identification schemes is related to the difficulties of factorization (e.g. RSA-type schemes), discrete logarithm problems (e.g. ElGamal-type schemes), and finding a square root modulo a composite number (e.g. Fiat-Shamir schemes) and so on. Although public key cryptosystems are mathematically secure, we cannot guarantee that it is also secure when it is implemented in cryptographic devices. After the introduction of the concept of side channel analysis in 1996, various attacks to break cryptographic algorithms implemented in embedded devices have been proposed. Among them, fault attacks are a powerful cryptanalysis technique that enables to break cryptographic implementations embedded in portable devices more efficiently than any other techniques. Therefore, the main aim of this thesis is to make efficient schemes based on public key cryptosystems secure against fault attacks: RSA-type schemes, ElGamal-type schemes, and Fiat-Shamir-type schemes. For RSA-type schemes, only one or few faulty executions suffices to factorize the public modulus and fully recover the private key. Studies on countermeasures against fault attacks for RSA-type schemes and modular exponentiation algorithms are of great importance, since RSA-type schemes are undoubtedly the most common digital signature schemes used in embedded security devices. We describe existing problems and new weaknesses of previous countermeasures. Then we propose new modular exponentiation and CRT-RSA algorithms that can defend against all known attacks. ElGamal-type signature schemes are well-known and popular among the discrete logarithm problem based schemes. There are several fault attacks on ElGamal-type signature schemes. However neither sound nor effective countermeasures for these schemes have been proposed to date. Therefore, we summarize all possible fault attacks on ElGamal-type signature schemes and propose secure variants immune to the listed vulnerabilities. Furthermore, we propose a secure and practical modification of the Fiat-Shamir identification scheme resistant against fault attacks. The Fiat-Shamir identification scheme is popular for `light' consumer devices, such as smart cards, in a wide range of consumer services. However, it can also be vulnerable to fault attacks, even though a cryptographic algorithm is theoretically secure. But, countermeasures on the Fiat-Shamir identification scheme are nonexistent. Thus, we should pay more attention to a study on fault based attacks and their countermeasures for various public key cryptographic algorithms and schemes.