National Institute of Standards and Technology における超伝導研究及び生活

The objective of this paper is to give a comprehensive introduction to applied cryptography with an engineer or computer scientist in mind. The emphasis is on the knowledge needed to create practical systems which supports integrity, confidentiality, or authenticity. Topics covered includes an introduction to the concepts in cryptography, attacks against cryptographic systems, key use and handling, random bit generation, encryption modes, and message authentication codes. Recommendations on algorithms and further reading is given in the end of the paper. This paper should make the reader able to build, understand and evaluate system descriptions and designs based on the cryptographic components described in the paper.

[서평]「Applied Cryptography」

Cognitive engineering

Network intrusion detection systems (NIDSs) play a crucial role in defending computer networks. However, there are concerns regarding the feasibility and sustainability of current approaches when faced with the demands of modern networks. More specifically, these concerns relate to the increasing levels of required human interaction and the decreasing levels of detection accuracy. This paper presents a novel deep learning technique for intrusion detection, which addresses these concerns. We detail our proposed nonsymmetric deep autoencoder (NDAE) for unsupervised feature learning. Furthermore, we also propose our novel deep learning classification model constructed using stacked NDAEs. Our proposed classifier has been implemented in graphics processing unit (GPU)-enabled TensorFlow and evaluated using the benchmark KDD Cup ’99 and NSL-KDD datasets. Promising results have been obtained from our model thus far, demonstrating improvements over existing approaches and the strong potential for use in modern NIDSs.

/pdf/a-deep-learning-approach-to-network-intrusion-detection-n63kpq7big.pdf

A Deep Learning Approach to Network Intrusion Detection

Machine learning techniques are being widely used to develop an intrusion detection system (IDS) for detecting and classifying cyberattacks at the network-level and the host-level in a timely and automatic manner. However, many challenges arise since malicious attacks are continually changing and are occurring in very large volumes requiring a scalable solution. There are different malware datasets available publicly for further research by cyber security community. However, no existing study has shown the detailed analysis of the performance of various machine learning algorithms on various publicly available datasets. Due to the dynamic nature of malware with continuously changing attacking methods, the malware datasets available publicly are to be updated systematically and benchmarked. In this paper, a deep neural network (DNN), a type of deep learning model, is explored to develop a flexible and effective IDS to detect and classify unforeseen and unpredictable cyberattacks. The continuous change in network behavior and rapid evolution of attacks makes it necessary to evaluate various datasets which are generated over the years through static and dynamic approaches. This type of study facilitates to identify the best algorithm which can effectively work in detecting future cyberattacks. A comprehensive evaluation of experiments of DNNs and other classical machine learning classifiers are shown on various publicly available benchmark malware datasets. The optimal network parameters and network topologies for DNNs are chosen through the following hyperparameter selection methods with KDDCup 99 dataset. All the experiments of DNNs are run till 1,000 epochs with the learning rate varying in the range [0.01-0.5]. The DNN model which performed well on KDDCup 99 is applied on other datasets, such as NSL-KDD, UNSW-NB15, Kyoto, WSN-DS, and CICIDS 2017, to conduct the benchmark. Our DNN model learns the abstract and high-dimensional feature representation of the IDS data by passing them into many hidden layers. Through a rigorous experimental testing, it is confirmed that DNNs perform well in comparison with the classical machine learning classifiers. Finally, we propose a highly scalable and hybrid DNNs framework called scale-hybrid-IDS-AlertNet which can be used in real-time to effectively monitor the network traffic and host-level events to proactively alert possible cyberattacks.

/pdf/deep-learning-approach-for-intelligent-intrusion-detection-19gksnoeyl.pdf

Deep Learning Approach for Intelligent Intrusion Detection System

On Android environment, program development is conducted with JAVA SDK. However, using JAVA, it is operated over virtual machine which shows lower performance in terms of speed than traditional C language programming. The method writes program in C language, which conducts operation efficiently. In the paper, we implement multiplication using NDK and SDK to analyze the public key cryptography over Android environment. In case of SDK, we used BigInteger package and in case of NDK, we used Comb method. Moreover, execution time of arithmetic, branch and call operations over Android environment is compared to understand performance enhancement using NDK package.

/pdf/implementation-and-analysis-of-multi-precision-34qc3st9xu.pdf

Implementation and Analysis of Multi-precision Multiplication for Public Key Cryptography Based on NDK

Wearable technology provides user friendly and customized services with multiple sensor data. However, user's sensor data is very personal and sensitive information. If malicious user abuses this information, it would cause huge social problems. In this paper, we present a novel hacking method to identify the user's password from wearable devices. We gathered three axis acceleration information from user's wearable devices and estimated the user's activity. After then we conducted post-processing to eliminate the impossible cases. This approach reduces the password complexity by 99.99i¾?%.

Open Sesame! Hacking the Password

Since realization of E-voting system expands participation of voters and efficient count of voting, political and social and technical revolution is possible. However, without secure e-voting system, practical usages are infeasible. In the paper, we propose an e-voting system which is able to open votes in server without decryption during midst process using EC-ELGAMAL homomorphic cryptography. Users ensure anonymity with pseudo id from server and check their voting with Bloom Filter technology. Furthermore, we combine attributes and voters` information, so we can collect information of voter under the condition of anonymity.

/pdf/ec-elgamal-homomorphic-cryptography-based-e-voting-system-3i7obt5ake.pdf

EC-ELGAMAL Homomorphic Cryptography based E-voting System

The present invention relates to a device and a method for classifying appliances by using electric power data analysis, which classify appliances by analyzing electric power data that are collected from customers and extracting an impedance component of electric power, including: an electric power consumption data detection unit which detects electric power consumption data; a frequency component extraction unit which receives the input of the electric power consumption data as a stream and separates and extracts a low-frequency component and a high-frequency component; a low-frequency component analysis data output unit which outputs electric energy data from the low-frequency component and outputs electric power analysis data employing developments of the data; a high-frequency component analysis data output unit which outputs phase angle data from the high-frequency component and outputs frequency analysis data from the high-frequency component; and an impedance modeling unit which performs impedance modeling based on a change in an electric current amount and a change in a phase angle and classifies appliances by using same.

Device and method for classifying appliances by using electric power data analysis

In a typical data pipeline, the dataflow starts from the first node, where the data is initiated, and moves to the last node in the pipeline, where the processed data will be stored. Due to the sheer number of involved participants, it is crucial to protect the dataflow integrity in the pipeline. While previous studies have outlined solutions to this matter, the solution for an untrusted data pipeline is still left unexplored, which motivates us to propose SIGNORA. Our proposal combines the concept of a chain of signatures with blockchain receipt to provide dataflow integrity. The chain of signatures provides a non-repudiation guarantee from participants, while the hash of the data and signatures is anchored in the blockchain for a non-tampering guarantee through blockchain receipt. Aside from that, SIGNORA also satisfies essential requirements of running data pipeline processing in an open and untrusted environment, such as (i) providing reliable identity management, (ii) solving the trust and accountability issues through a reputation system, (iii) supporting various devices through multiple cryptographic algorithms (i.e., ECDSA, EdDSA, RSA, and HMAC), and (iv) off-chain processing. Our experiment results show that SIGNORA can provide dataflow integrity provisioning in multiple scenarios of data payload size with reasonable overhead. Furthermore, the cost of smart contract methods has also been analyzed, and several off-chain solutions have been addressed to reduce transaction costs. Finally, the reputation system can adapt to the history of nodes’ activities by increasing their scores when they actively perform honest behavior while reducing their scores when they become inactive. Therefore, SIGNORA can provide a high degree of accountability for participants collaborating in an untrusted environment.

https://ieeexplore.ieee.org/ielx7/6287639/6514899/09861623.pdf

Howon Kim

Papers

Implementation and Analysis of Multi-precision Multiplication for Public Key Cryptography Based on NDK

Open Sesame! Hacking the Password

EC-ELGAMAL Homomorphic Cryptography based E-voting System

Device and method for classifying appliances by using electric power data analysis

SIGNORA: A Blockchain-Based Framework for Dataflow Integrity Provisioning in an Untrusted Data Pipeline