Howon Kim

Bio: Howon Kim is an academic researcher from Pusan National University. The author has contributed to research in topics: Encryption & Multiplication. The author has an hindex of 25, co-authored 270 publications receiving 2788 citations. Previous affiliations of Howon Kim include Electronics and Telecommunications Research Institute & Katholieke Universiteit Leuven.

Long Short Term Memory Recurrent Neural Network Classifier for Intrusion Detection

Abstract: Due to the advance of information and communication techniques, sharing information through online has been increased. And this leads to creating the new added value. As a result, various online services were created. However, as increasing connection points to the internet, the threats of cyber security have also been increasing. Intrusion detection system(IDS) is one of the important security issues today. In this paper, we construct an IDS model with deep learning approach. We apply Long Short Term Memory(LSTM) architecture to a Recurrent Neural Network(RNN) and train the IDS model using KDD Cup 1999 dataset. Through the performance test, we confirm that the deep learning approach is effective for IDS.

WIPI mobile platform with secure service for mobile RFID network environment

Abstract: Recently, RFID (Radio Frequency Identification) technology is practically applied to a number of logistics processes as well as asset management, and RFID is also expected to be permeated in our daily life with the name of ’Ubiquitous Computing’ or ‘Ubiquitous Network’ within the near future. The R&D groups in global now have paid attention to integrate RFID with mobile devices as well as to associate with the existing mobile telecommunication network. Such a converged technology and services would lead to make new markets and research challenges. However, the privacy violation on tagged products has become stumbling block. We propose light-weight security mechanism which is constructed by mobile RFID security mechanism based on WIPI (Wireless Internet Platform for Interoperability). WIPI-based light-weight mobile RFID security platform can be applicable to various mobile RFID services that required secure business applications in mobile environment.

Nonintrusive Load Monitoring Based on Advanced Deep Learning and Novel Signature

Abstract: Monitoring electricity consumption in the home is an important way to help reduce energy usage. Nonintrusive Load Monitoring (NILM) is existing technique which helps us monitor electricity consumption effectively and costly. NILM is a promising approach to obtain estimates of the electrical power consumption of individual appliances from aggregate measurements of voltage and/or current in the distribution system. Among the previous studies, Hidden Markov Model (HMM) based models have been studied very much. However, increasing appliances, multistate of appliances, and similar power consumption of appliances are three big issues in NILM recently. In this paper, we address these problems through providing our contributions as follows. First, we proposed state-of-the-art energy disaggregation based on Long Short-Term Memory Recurrent Neural Network (LSTM-RNN) model and additional advanced deep learning. Second, we proposed a novel signature to improve classification performance of the proposed model in multistate appliance case. We applied the proposed model on two datasets such as UK-DALE and REDD. Via our experimental results, we have confirmed that our model outperforms the advanced model. Thus, we show that our combination between advanced deep learning and novel signature can be a robust solution to overcome NILM’s issues and improve the performance of load identification.

Design and implementation of a private and public key crypto processor and its application to a security system

Abstract: This paper presents the design and implementation of a crypto processor, a special-purpose microprocessor optimized for the execution of cryptography algorithms. This crypto processor can be used for various security applications such as storage devices, embedded systems, network routers, security gateways using IPSec and SSL protocol, etc. The crypto processor consists of a 32-bit RISC processor block and coprocessor blocks dedicated to the AES, KASUMI, SEED, triple-DES private key crypto algorithms and ECC and RSA public key crypto algorithm. The dedicated coprocessor block permits fast execution of encryption, decryption, and key scheduling operations. The 32-bit RISC processor block can be used to execute various crypto algorithms such as Hash and other application programs such as user authentication and IC card interface. The crypto processor has been designed and implemented using an FPGA, and some parts of crypto algorithms has been fabricated as a single VLSI chip using 0.5 /spl mu/m CMOS technology. To test and demonstrate the capabilities of this chip, a custom board providing real-time data security for a data storage device has been developed.

An Effective Intrusion Detection Classifier Using Long Short-Term Memory with Gradient Descent Optimization

Abstract: Intrusion Detection System (IDS) is one of the important issues in network security. IDSs are built to detect both known and unknown malicious attacks. Several machine learning algorithms are used widely in IDS such as neural network, SVM, KNN etc. However, these algorithms have still some limitations such as high false positive and false alarm rate. In this paper, our contribution is to build a classifier of IDS following deep learning approach. We find the most suitable optimizer among six optimizes for Long Short-Term Memory Recurrent Neural Network (LSTM RNN) model applied in IDS. Through our experiments, we found that LSTM RNN model with Nadam optimizer outperforms to previous works. We demonstrate our approach is really efficiency to intrusion detection with accuracy is 97.54%, detection rate is 98.95%, and false alarm rate is reasonable with 9.98%.

[서평]「Applied Cryptography」

Abstract: The objective of this paper is to give a comprehensive introduction to applied cryptography with an engineer or computer scientist in mind. The emphasis is on the knowledge needed to create practical systems which supports integrity, confidentiality, or authenticity. Topics covered includes an introduction to the concepts in cryptography, attacks against cryptographic systems, key use and handling, random bit generation, encryption modes, and message authentication codes. Recommendations on algorithms and further reading is given in the end of the paper. This paper should make the reader able to build, understand and evaluate system descriptions and designs based on the cryptographic components described in the paper.

A Deep Learning Approach to Network Intrusion Detection

Abstract: Network intrusion detection systems (NIDSs) play a crucial role in defending computer networks. However, there are concerns regarding the feasibility and sustainability of current approaches when faced with the demands of modern networks. More specifically, these concerns relate to the increasing levels of required human interaction and the decreasing levels of detection accuracy. This paper presents a novel deep learning technique for intrusion detection, which addresses these concerns. We detail our proposed nonsymmetric deep autoencoder (NDAE) for unsupervised feature learning. Furthermore, we also propose our novel deep learning classification model constructed using stacked NDAEs. Our proposed classifier has been implemented in graphics processing unit (GPU)-enabled TensorFlow and evaluated using the benchmark KDD Cup ’99 and NSL-KDD datasets. Promising results have been obtained from our model thus far, demonstrating improvements over existing approaches and the strong potential for use in modern NIDSs.

Deep Learning Approach for Intelligent Intrusion Detection System

Abstract: Machine learning techniques are being widely used to develop an intrusion detection system (IDS) for detecting and classifying cyberattacks at the network-level and the host-level in a timely and automatic manner. However, many challenges arise since malicious attacks are continually changing and are occurring in very large volumes requiring a scalable solution. There are different malware datasets available publicly for further research by cyber security community. However, no existing study has shown the detailed analysis of the performance of various machine learning algorithms on various publicly available datasets. Due to the dynamic nature of malware with continuously changing attacking methods, the malware datasets available publicly are to be updated systematically and benchmarked. In this paper, a deep neural network (DNN), a type of deep learning model, is explored to develop a flexible and effective IDS to detect and classify unforeseen and unpredictable cyberattacks. The continuous change in network behavior and rapid evolution of attacks makes it necessary to evaluate various datasets which are generated over the years through static and dynamic approaches. This type of study facilitates to identify the best algorithm which can effectively work in detecting future cyberattacks. A comprehensive evaluation of experiments of DNNs and other classical machine learning classifiers are shown on various publicly available benchmark malware datasets. The optimal network parameters and network topologies for DNNs are chosen through the following hyperparameter selection methods with KDDCup 99 dataset. All the experiments of DNNs are run till 1,000 epochs with the learning rate varying in the range [0.01-0.5]. The DNN model which performed well on KDDCup 99 is applied on other datasets, such as NSL-KDD, UNSW-NB15, Kyoto, WSN-DS, and CICIDS 2017, to conduct the benchmark. Our DNN model learns the abstract and high-dimensional feature representation of the IDS data by passing them into many hidden layers. Through a rigorous experimental testing, it is confirmed that DNNs perform well in comparison with the classical machine learning classifiers. Finally, we propose a highly scalable and hybrid DNNs framework called scale-hybrid-IDS-AlertNet which can be used in real-time to effectively monitor the network traffic and host-level events to proactively alert possible cyberattacks.