Main Program
Session 1 Attack and Defense I
〮===========================================================================
Paper #5: Lightweight Fault Attack Resistance in Software Using
Intra-Instruction Redundancy, Revisited
---------------------------------------------------------------------------
Authors: hwajeong seo (hansung university)
taehwan park (pusan national university)
janghyun ji (pusan national university)
howon kim (pusan national university)
---------------------------------------------------------------------------
Fast implementations of block cipher is fundamental building block to achieve the high-speed and secure communication between IT platforms. Even though the communication is securely encrypted, the system can be exploited by malicious users if the attackers inject fault signal to the system and extract the secret information. For this reason, we need to ensure the high performance encryption together with secure countermeasures against side channel attacks. In this paper, we present a novel countermeasure against fault attack on Single Instruction Multiple Data (SIMD) architecture (e.g., ARM-NEON, INTEL-SSE, INTEL-AVX2). The methods achieved the fault attack resistance by using intra-instruction redundancy feature in SIMD instruction set performing multiple data in single instruction. Finally, we applied the new fault attack countermeasures on the block cipher LEA and achieved the intra-instruction redundancy and high performance over modern ARM-NEON architectures.
===========================================================================
Paper #46: Exposing Digital Forgeries by Detecting a Contextual
Violation Using Deep Neural Networks
---------------------------------------------------------------------------
Authors: Jong-Uk Hou (KAIST)
Hanul Jang (KAIST)
Jin-Seok Park (KAIST)
Heung-Kyu Lee (KAIST)
---------------------------------------------------------------------------
Previous digital image forensics focused on the low-level features that include traces of the image modifying history. In this paper, we present a framework to detect the manipulation of images through a contextual violation. First, we proposed a context learning convolutional neural networks (CL-CNN) that detects the contextual violation in the image. In combination with a well-known object detector such as R-CNN, the proposed method can evaluate the contextual scores according to the combination of objects in the image. Through experiments, we showed that our method effectively detects the contextual violation in the target image.
===========================================================================
Paper #42: Robust 3D Mesh Watermarking Scheme for an Anti-Collusion
Fingerprint Code
---------------------------------------------------------------------------
Authors: Jong-Uk Hou (KAIST)
In-Jae Yu (KAIST)
Hyun-Ji Song (KAIST)
Heung-Kyu Lee (KAIST)
---------------------------------------------------------------------------
Collusion attack is one of the techniques used for unauthorized removal of embedded marks. In this paper, we propose a robust 3D mesh fingerprinting scheme for an anti-collusion code. In contrast to the existing robust mesh watermarking which provides unsuitable primitives for anti-collusion code, the proposed method has well-operated capacity to carry the anti-collusion fingerprint code. In order to minimize the detection error, we also modeled the response of the detector and herein present optimized thresholds for our method. Based on the experiments, the proposed method outperformed conventional robust mesh watermarking against collusion attack in all cases.
Session 2 Theory in Security
===========================================================================
Paper #7: The Search Successive Minima Problem is Equivalent to Its
Optimization Version
---------------------------------------------------------------------------
Authors: Haoyu Li (Key Laboratory of Mathematics Mechanization,
Academy of Mathematics and Systems Science, NCMIS, Chinese Academy of Sciences, Beijing 100190, China &Science an Technology on Communication Security Laboratory, Chengdu 610041, China)
Yanbin Pan (Key Laboratory of Mathematics Mechanization, Academy of Mathematics and Systems Science, NCMIS, Chinese Academy of Sciences, Beijing 100190, China &Science and Technology on Communication Security Laboratory, Chengdu 610041, China)
---------------------------------------------------------------------------
The shortest vector problem (SVP) and the shortest independent vectors problem (SIVP) are two famous problems in lattice, which are usually used to evaluate the hardness of some computational problems related to lattice. It is well known that the search-SVP is equivalent to its optimization version. However, it seems very difficult to prove the equivalence between search-SIVP and optimization-SIVP. In this paper, we revisit the Successive Minima Problem (SMP), which is proved the equivalence relation with SIVP. Naturally we will consider its optimization version as to find all successive minima of a given lattice, finally we will prove that it is equivalent to its search version.
===========================================================================
Paper #19: An Improved Algorithm to Solve the Systems of Univariate
Modular Equations
---------------------------------------------------------------------------
Authors: Jingguo Bi (Institute for Advanced Study,Tsinghua University;Laboratory of Cryptology,P. O.Box 5159, Beijing)
Mingqiang Wang (School of Mathematics,Shandong University)
Wei Wei (China Information Technology Security Evaluation Center, Beijing)
---------------------------------------------------------------------------
In this paper, we propose an improved algorithm to solve the univariate
modular equations with mutually co-prime moduli problem. This problem was first proposed in H{\aa}stad's original RSA broadcast attack. At PKC 2008, May and Ritzenhofen improved H{\aa}stad's result by using a slightly different transformation
from polynomial systems to a single polynomial. In this work, we propose a new construction method to combine all the $k$ equations into a single equation $f(x)\equiv 0 \mod \prod_{i=1}^{k}N_i$.
Our improved algorithm possesses two advantages compared with the two previous ones. Compared with H{\aa}stad's approach, our algorithm only needs fewer number of
equations which suffice for a recovery of all common roots. Compared with May and Ritzenhofen's, our method obtains the single equation $f(x)$ with a smaller degree. The benefit is that this new algorithm will find the small solution $x_0$ more efficiently when we invoke Coppersmith's algorithm.
===========================================================================
〮 Paper #28: O2TR: Offline Off-the-Record (OTR) messaging
---------------------------------------------------------------------------
Authors: Mahdi Daghmehchi Firoozjaei (Sungkyunkwan University)
Sang Min Lee (Sungkyunkwan University)
Hyoungshick Kim (Sungkyunkwan University)
---------------------------------------------------------------------------
Off-the-record (OTR) is a security protocol to provide privacy preserving in instant messaging (IM) systems. However, the original OTR is not applicable in some practical scenarios (e.g., when communication network became disconnected) because OTR requires both parties to be online at the same time. To address this limitation, we extend the original OTR into a new protocol named offline OTR (O2TR). O2TR makes the conversation parties be able to handle an offline message with no live private session. To show the feasibility of the proposed protocol, we implemented O2TR using the Gajim XMMP instant messaging platform. Our experiments showed that O2TR can be used when a network party is broken down. Moreover, O2TR provides the efficient session refreshment which is about 34% faster than the original OTR.
===========================================================================
Paper #43: ARM/NEON Co-Design of Multiplication/Squaring
---------------------------------------------------------------------------
Authors: hwajeong seo (hansung university)
taehwan park (pusan national university)
janghyun ji (pusan national university)
zhi hu (Central South University, China)
howon kim (pusan national university)
---------------------------------------------------------------------------
Many modern mobile processors support new SIMD extensions (e.g. NEON engine) and previous applications (e.g. image processing, cryptography) written in SISD are accelerated by re-writing the previous implementations in SIMD instruction sets. Particularly, integer multiplication and squaring operations are the most expensive in Public Key Cryptography (PKC). Many works have been conducted to reduce
the execution timing in NEON instruction set. However, ARM-NEON processor also supports powerful ARM instruction set as well. By exploiting the ARM instruction together with NEON engine, we can achieve
further improved performance. After this observation, we introduce new
parallel approach for integer multiplication and squaring operations on
ARM{NEON processors. Unlike previous implementations, we mix-use
both ARM and NEON instructions to hide computation latency for ARM
into NEON. Since ARM and NEON modules are separated units, the assignments are successfully issued independently. The integer multiplication and squaring are finely divided into several sub-tasks and the
sub-tasks are properly assigned to ARM and NEON in order to balance
the workloads. Finally, the proposed implementations outperform the
best-known results on the identical ARM{NEON processors by 22.4%
and 18.3% for 2048-bit integer multiplication and squaring, respectively.
Session 3 Web Security and Emerging Technologies
===========================================================================
Paper #16: WheelLogger : Driver Tracing using Smart Watch
---------------------------------------------------------------------------
Authors: Joon Young Park (Graduate School of Information Security, Korea University)
Jong Pil Yun (Graduate School of Information Security, Korea University)
Dong Hoon Lee (Graduate School of Information Security, Korea University)
---------------------------------------------------------------------------
Stealing of sensitive information on mobile device is always considered to be serious threats to users. Most of all, location related data is the one of the most sensitive data for every conditions. Yet the confirmation of the permissions on modern smart devices can prevent the explicit privacy leak from location related sensors, recent researches are showing that side-channel attacks using the sensors with zero-permission application can infer the user's location related information. In this paper, we show that a zero-permission smart watch application can infer the driven route of the vehicle without any attention of the user. Especially, we only used the accelerometer sensor to infer the route on Apple Watch in the experiment, which is considered to the most constrained device in the market, showing that the attack can be done in any other circumstance. We show that the probability of our attack is higher than 83\% of targeted user, proving that the zero-permission application also can be a high-threatening malware.
===========================================================================
Paper #48: Evolution of Spamming Attacks on Facebook
---------------------------------------------------------------------------
Authors: Minsu Lee (KAIST)
Hyungu Lee (Sejong University)
Ji Sun Shin (Sejong University)
---------------------------------------------------------------------------
Defence techniques against spamming attack have been introduced and developed in many different areas, such as e-mail, web, and even social net-work service, over the past decades. Whereas, we have still been suffering from the attack though the service vendors as well as academia have been making best effort on winning such arms race. Such being the case, Facebook have also been inevitable to confront spamming campaign in order not to be overwhelmed by massive junk messages. Certain spamming patterns have recently been remarka-bly common on Facebook which collaborates with other social network messen-ger. We study such the advanced spamming campaign so as to demystify how it has been worked and settled down on Facebook ecosystem. We build a crawler and analyser which collect 0.6 million of comments; afterwards, extracts the tar-geted spams. Our data shows that the spams are systematic, well-structured, ob-fuscated and even localized.
Session 4 Systems Security and Authentication
〮===========================================================================
Paper #54: Model Parameter Estimation and Inference on Encrypted domain:
Application to Noise Reduction in Encrypted Images
---------------------------------------------------------------------------
Authors: Saetbyeol Lee (Korea University)
Jiwon Yoon (Korea University)
---------------------------------------------------------------------------
One of the major issues in security is how to protect the privacy of multimedia big data on cloud systems.
Homomorphic Encryption(HE) is increasingly regarded as a way to maintain user privacy on the untrusted cloud.
However, HE is not widely used in machine learning and signal processing communities because the HE libraries are currently supporting only simple operations like integer addition and multiplication.
It is known that division and other advanced operations cannot feasibly be designed and implemented in HE libraries.
Therefore, we propose a novel approach to building a practical matrix inversion operation using approximation theory on HE.
The approximated inversion operation is applied to reduce unwanted noise on encrypted images.
Our research also suggests the efficient computation techniques for encrypted matrices.
We conduct the experiment with real binary images using open source library of HE.
〮===========================================================================
〮 Paper #33: Breaking Text CAPTCHA by Repeated Information
---------------------------------------------------------------------------
Authors: Jae Hyeon Woo (Korea University)
Moosung Park (Agency for Defense Development)
Kyungho Lee (Korea University)
---------------------------------------------------------------------------
CAPTCHA is a simple challenge-fresponse tool to determine whether the user is a bot or human. The user must answer required text, calculate questions, or choose some images from the provider's choice. D portal site, which is one of the most famous web portal site in Korea, asks text response in CAPTCHA image when joining a cafe group, but this CAPTCHA is structured in a very regular format which can be read very simply if used repeatedly. We can read the text characters by bot with very high accuracy through some easy steps, among 2,000 sample CAPTHCAs.
Session 4: Systems Security and Authentication
===========================================================================
Paper #3: Automatic Mitigation of Kernel Rootkits in Cloud Environments
---------------------------------------------------------------------------
Authors: Jonathan Grimm (University of New Orleans)
Irfan Ahmed (University of New Orleans)
Vassil Roussev (University of New Orleans)
Manish Bhatt (University of New Orleans)
ManPyo Hong (Ajou University, South Korea)
---------------------------------------------------------------------------
In cloud environments, the typical response to a malware attack is to snapshot and shutdown the virtual machine (VM), and revert it to a prior state. This approach often leads to service disruption and loss of availability, which can have much more damaging consequences than the original attack. Critical evidence needed to understand and permanently remedy the original vulnerability may also be lost. In this work, we propose an alternative solution, which seeks to automatically identify and disable rootkit malware by restoring normal system control flows. Our approach employs virtual machine introspection (VMI), which allows a privileged VM to view and manipulate the physical memory of other VMs with the aid of the hypervisor. This opens up the opportunity to identify common attacks on the integrity of kernel data structures and code, and to restore them to their original state.
To produce an automated solution, we monitor a pool of VMs running the same kernel version to identify kernel invariants, and deviations from them, and use the observed invariants to restore the normal state of the kernel. In the process, we automatically handle address space layout randomization and are able to protect critical kernel data structures and all kernel code.
We evaluate a proof-of-concept prototype of the proposed system, called Nixer, against real-world malware samples in different scenarios. The results show that changes caused by the rootkits are properly identified and patched at runtime and that the malware functionality has been disabled. We were able to repair kernel memory in all scenarios considered with no impairment of the functionality and minimal performance impact on the infected VMs.
===========================================================================
Paper #55: Glitch Recall: A Hardware Trojan Exploiting Natural Glitches
in Logic Circuits
---------------------------------------------------------------------------
Authors: Jungwoo Joh (Yonsei University)
Yezee Seo (Yonsei University)
Hoon-Kyu Kim (Agency for Defense Development)
Taekyoung Kwon (Yonsei University)
---------------------------------------------------------------------------
As the IoT era comes to the full-fledged, hardware Trojans that involve malicious modifications of circuitry are becoming a growing security concern.
To avoid a detection mechanism, hardware Trojans may need a stealthy nature in their existence for being dormant, and even when triggered.
In this paper, we devise a new hardware Trojan concept that exploits natural glitches and their control mechanisms for information leakage in a stealthy manner.
We indeed reversely exploit the glitch control mechanisms to be bypassed when triggered, and try to recall the natural glitches for the purpose.
An adversary who triggered the hardware Trojan may infer multiple input values from a single output of the target logic, thereby obtaining multiple outputs of the preceding logics, by monitoring the existence of the natural glitches.
We perform experiments and discuss the results and threats, not to be neglected, along with a possible mitigation.
===========================================================================
Paper #23: Design and Implementation of Android Container Monitoring
Server and Agent
---------------------------------------------------------------------------
Authors: Kwon-Jin Yoon (Lotte data communication, Korea)
Jaehyeon Yoon (Department of Software Convergence, Soongsil University)
Souhwan Jung (School of Electronic Engineering, Soongsil University)
---------------------------------------------------------------------------
Security companies have been struggling with malware analysis for many years as they become more and more intelligent. In order to yield better analysis result, the analysis environment must be well-equipped to cover wide range of applications. For instance, applications are analyzed dynamically in a period of time in various environments, including a virtual environment and a real device. Yet many intelligent Android malware still find a way to stop running when they inspect the environment. In order to solve this problem, Android container technology has been studied, but there is still a lack of research on monitoring server that can analyze operation information in malicious application. This paper proposes a server-agent model to monitor application behaviors in Android container. We design and implement agents that collect behavioral information from malicious applications running in the Android containers, and monitoring server that organizes these information for further analyses.
〮===========================================================================
Paper #18: Improved EM Side-Channel Authentication Using Profile-Based
XOR Model
---------------------------------------------------------------------------
Authors: Momoka Kasuya (The University of Electro-Communications)
Kazuo Sakiyama (The University of Electro-Communications)
---------------------------------------------------------------------------
A new approach for authentication, side-channel authentication, has been proposed.
In side-channel authentication, the authenticity of the device is confirmed with high accuracy by using electromagnetic radiation from the device and response in the conventional challenge--response authentication.
The side-channel model or profiled template is used as one of the inputs of the distinguisher when authenticated.
The performance of side-channel authentication is greatly affected by the precision of the model or template.
In this paper, we evaluate the authentication performance when using profile- and non-profile-based HD models and a profile-based XOR model.
We report the results of the experiment in detail using FPGA.
===========================================================================
Paper #21: Holistic Tracking of Products on the Blockchain using NFC and
Verified Users
---------------------------------------------------------------------------
Authors: Vanesco A. J. Boehm (POSTECH (Pohang University of Science and Technology))
Jong Kim (POSTECH (Pohang University of Science and Technology))
James Won-Ki Hong (POSTECH (Pohang University of Science and Technology))
---------------------------------------------------------------------------
Tracking the history of products and its parts has become a common way to detect many incidents of counterfeit. However, once a product leaves the manufacturing process, reliably capturing changes that a product undergoes becomes even more challenging. Anti-counterfeit solutions using blockchain technology promise several benefits. For example, updating the blockchain is
only possible if a transaction is signed with the correct private key. To assure the confidentiality of such a key, it can be stored on an NFC tag in a way that only the tag can read it. By incorporating such a tag into a product, anyone possessing the product can connect with it and transactions for the blockchain can be signed by the tag. To regulate which kind of updates a user can perform, we suggest that users must be verified and to update a product’s history on the blockchain valid user credentials must be provided. This way various actors such as service providers or authorities can be enabled to report changes of a product to the blockchain and the capabilities of other user groups can be restricted at the same time. As a result, holistic tracking of products throughout their lifespan can be achieved.
Session 5 Attack and Defense II and Network Security
Paper #6: Abusing TCP retransmission for DoS Attack inside virtual
network
---------------------------------------------------------------------------
Authors: Son Duc Nguyen (National Defense Academy of Japan)
Mamoru Mimura (National Defense Academy of Japan)
Hidema Tanaka (National Defense Academy of Japan)
---------------------------------------------------------------------------
Among DoS attack techniques, abusing UDP-based public servers like DNS or NTP for reflective amplification attack is continued to pose a great threat. Recent studies show that attacker can also use TCP retransmission before the three-way-handshake completion to perform this kind of attack. In this paper, we focus on the virtual environment, in which we evaluate the potential of abusing the virtual switch system to perform amplification attack. We created a virtual network that able to connect to an external network and observed the virtual switch system's behavior while receiving TCP packets from outside the network. We show that the virtual switch system itself can retransmit TCP packets and therefore can be abused for amplification attack by an internal attacker. In other words, he/she can make amplification using TCP hosts from outside the network and the virtual switch system's retransmission ability. Furthermore, we test the endurance of different OS and show that Windows OS family and macOS are more vulnerable than Linux Ubuntu OS against this kind of attack.
Paper #9: Improving Detection of Wi-Fi Impersonation by Fully
Unsupervised Deep Learning
---------------------------------------------------------------------------
Authors: Muhamad Erza Aminanto (Korea Advanced Institute of Science
and Technology (KAIST))
Kwangjo Kim (Korea Advanced Institute of Science and
Technology (KAIST))
---------------------------------------------------------------------------
Intrusion Detection System (IDS) has been becoming a vital measure in any networks, especially Wi-Fi networks. Wi-Fi networks growth is undeniable due to a huge amount of tiny devices connected via Wi-Fi networks. Regrettably, adversaries may take advantage by launching an impersonation attack, a common wireless network attack. Any IDS usually depends on classification capabilities of machine learning, which supervised learning approaches give the best performance to distinguish benign and malicious data. However, due to massive traffic, it is difficult to collect labeled data in Wi-Fi networks. Therefore, we propose a novel fully unsupervised method which can detect attacks without prior information on data label. Our method is equipped by an unsupervised stacked autoencoder for extracting features and a $k$-means clustering algorithm for clustering task. We validate our method using a comprehensive Wi-Fi network dataset, Aegean Wi-Fi Intrusion Dataset (AWID). Our experiments show that by using fully unsupervised approach, our method is able to classify impersonation attack in Wi-Fi networks with 92% detection rate without any label needed during training.
===========================================================================
Paper #30: Cyber Influence Attacks: Changes in Cyber Threats Seen in the
Russian Scandal
---------------------------------------------------------------------------
Authors: Mookyu Park (Center for Information Security Technologies (CIST), Korea University)
Moosung Park (Agency for Defense Development)
Kyungho Lee (Center for Information Security Technologies (CIST), Korea University)
---------------------------------------------------------------------------
As the Russian government is revealed that it had intervened in the US presidential election by hacking, the social confusion caused by cyber attacks increased. This incident has led to the impeachment of the president by the dismissal of FBI director James Comey. In the French presidential election held in 2017, the social confusion created because of fake news during the period of election silence. The past cyber attacks were used as deception tactics, like the Georgian war. Nowadays, these attacks are concentrated in the period of social issues. In other words, these recent changes in cyber attacks have begun to have an adverse effect on systems in the real world, such as hybrid battlefields. This attack is called cyber influence attacks. This paper identifies the weaknesses of the basic democratic election system and classifies it against cyber influence attacks. In addition, we analyze the cyber influence attacks in Russia during the US presidential election in 2016 as a case study.
〮==========================================================================
Paper #1: A Protection Technique for Screen Image-based Authentication
Protocols Utilizing the SetCursorPos function
---------------------------------------------------------------------------
Authors: Insu Oh (Soonchunhyang University)
Kyungroul Lee (Soonchunhyang University)
Kangbin Yim (Soonchunhyang University)
---------------------------------------------------------------------------
This paper focuses on security problems of password-based authentication systems and password exposure by login users following image-based authentication protocols requiring a mouse HID. One of these systems consists of on-screen virtual keyboard authentication protocol, which is commonly utilized by Internet banking services and electronic payment services. Nevertheless, this protocol presents the vulnerability of mouse coordinate data exposure through the GetCursorPos() AIP. Authentication information involving image-based authentication systems is thus still vulnerable to attacker’s attacks and theft. Accordingly, we propose a security protection technique that utilizes the SetCursorPos() function to introduce random irrelevant mouse coordinate data.
Session 6 Crypto Protocols
===========================================================================
Paper #13: A General Two-Server Cryptosystem Supporting Complex Queries
---------------------------------------------------------------------------
Authors: Sha Ma (College of Mathematics and Informatics, South China
Agricultural University, Guangzhou, Guangdong, China)
Yunhao Ling (College of Mathematics and Informatics, South
China Agricultural University, Guangzhou, Guangdong, China)
---------------------------------------------------------------------------
In the era of cloud computing, searchable encryption is an essential technology to provide security measure to protect the outsource data security and meanwhile support the desired computation on the ciphertexts. In this paper, we focus on the following cases: if the plaintext messages are considered as integers, given the ciphertexts of $M_{1}$ and $M_{2}$, how to enable the server to test (1) whether $aM_{1}+bM_{2}+c=0$, (2) whether $M_{1}^{a}M_{2}^{b}c=1$, where $a,b$ and $c$ are integers. Under the extension, this equation queries could be used as a building block for range join queries on encrypted data. In order to overcome offline message guessing attack as an inherent vulnerability of searchable encryption, we consider the setting of two non-colluded servers and propose a general public-key cryptosystem based on smooth projective hash function (SPHF) with linear and homomorphic properties. Thanks to the efficient SPHF instantiations without any pairing, our scheme would have many interesting applications.
===========================================================================
Paper #17: Efficient Software Implementation of Modular Multiplication
in Prime Fields on TI's DSP TMS320C6678
---------------------------------------------------------------------------
Authors: Eito Miyamoto (The University of Electro-Communications)
Takeshi Sugawara (The University of Electro-Communications)
Kazuo Sakiyama (The University of Electro-Communications)
---------------------------------------------------------------------------
Fast modular multiplication on the state-of-the-art digital signal processor (DSP) is studied in this work.
More specifically, Montgomery multiplication over a prime field for an arbitrary 256-bit p is implemented on TMS320C6678 DSP by Texas Instruments. Two implementations optimized for latency and throughput are designed.
The implementations are based on the k-bit divided Montgomery modular multiplication algorithm by Kornerup.
The algorithm is extended to run two independent Montgomery multiplication in parallel thereby running efficiently on the target DSP by exploiting its symmetric functional units.
The proposed implementations are advantageous than the previous implementation proposed by Itoh et al. in terms of latency and throughput.
The latency of 0.496 [us] of the proposed implementation is only 17% of 2.86 [u/s] for the implementation proposed by Itoh et al.
Moreover, the throughput 4.03x10^6 [Montgomery multiplication (MM)/s] in the present case is more than x10 the value of 0.37x10^6 [MM/s] from the previous work.
===========================================================================
Paper #53: Key managements of Underwater Acoustic Communication
Environments
---------------------------------------------------------------------------
Authors: Hyunki Kim (Kookmin Univ.)
Jaehoon Lee (Kookmin Univ.)
Okyeon Yi (Kookmin Univ.)
---------------------------------------------------------------------------
In the underwater environment, it is difficult to use the RF signal used on the ground due to the characteristics of the medium different from the terrestrial. Therefore, when communicating with each node, acoustic communication is per-formed instead. Since the acoustic communication environment is poor in various aspects such as transmission speed and bandwidth compared to RF communication, it is difficult to apply the existing security method used in RF communication as it is. In this paper, we propose a key management method between entities considering underwater environment.
===========================================================================
Paper #26: Parallel Implementations of SIMON and SPECK, Revisited
---------------------------------------------------------------------------
Authors: Park Taehwan (Pusan National University)
Seo Hwajeong (Hansung University)
Lee Garam (Pusan National University)
Khandaker Md. Al-Amin (Okayama University)
Nogami Yasuyuki (Okayama University)
Kim Howon (Pusan National University)
---------------------------------------------------------------------------
In this paper, we revisited the parallel implementation of SIMON and SPECK block ciphers. The performances of SIMON and SPECK are significantly improved by using ARM NEON SIMD(Single Instruction Multiple Data) parallel computing and OpenMP SIMT(Single Instruction Multiple Thread). We optimized the implementation on ARM NEON architecture. For optimized NEON, we reduced the number of registers for round key and increased the number of registers for plaintexts. Furthermore, we proposed the efficient forward and backward alignment methods. Finally, we maximize the performance by using SIMT(Single Instruction Multiple Threads). In the case of performance of proposed methods and proposed methods with SIMT, SIMON 128/128 encryption within 32.4, 14.3 cycles/byte, SIMON 128/192 encryption within 30.1, 15.9 cycles/byte, SIMON 128/256 encryption within 32.4, 16.9 cycles/byte, SPECK 128/128 encryption within 9.7, 5.1 cycles/byte, SPECK 128/192 encryption within 10.4, 5.6 cycles/byte, SPECK 128/256 encryption within 11.0, and 5.6 cycles/byte respectively on ARM Cortex- A53 environment.
Session 7 Attact detections and Legal Aspects
====================== =====================================================
Paper #49: Detecting Online Game Payment Fraud based on Transaction
Sequence Modeling using Recurrent Neural Network
---------------------------------------------------------------------------
Authors: Namsub Lee (KAIST)
Hyunsoo Yoon (KAIST)
Daeseon Choi (Kongju National University)
---------------------------------------------------------------------------
We propose an online game money chargeback fraud detection method using operation sequence, gradient of charge/purchase amount, time and country as features of a transaction. We model the sequence of transactions with a recurrent neural network which also combines charge and purchase transaction features in single feature vector. In experiments using real data (a 483,410 transaction log) from a famous online game company in Korea, the proposed method shows a 78% recall rate with a 0.057% false positive rate. This recall rate is 7% better than current methodology utilizing transaction statistics as features.
===========================================================================
Paper #25: The Digits Hidden in the Virtual World: Approximate
Estimation Applying Capture and Recapture
---------------------------------------------------------------------------
Authors: Da-Mi Hwang (Korea University, Center for Information
Security Technologies(CIST))
In-Seok Kim (Korea University, Center for Information
Security Technologies(CIST))
---------------------------------------------------------------------------
In general, game players want their own characters that project themselves to have stronger power and honor in a virtual world. Their aspiration is achieved by pulling up character’s level or accumulating wealth in game. Some players, thus, cheat at games in a variety of ways to skip the repetitive and tedious process of gaining experience and wealth that consumes a considerable amount of time and effort. Cheatings are regarded as harmful behaviors toward both game producers and players in good faith, and if the rate of the cheating players exceeds a certain threshold, the game producers will not be able to provide fair and successful services anymore. Therefore, the game producers make various efforts to detect and impose a sanction on the cheaters. In this paper, we propose a method to estimate population size of the cheaters more quickly and accurately, in a relatively shorter time and lower cost than traditional methods, by using the method which is used frequently by ecologists. Among the various ecological estimation methods, Jolly-Seber estimator, based on capture and recapture method, was selected to estimate the characteristics of players in virtual world. Moreover, the video footage recorded for estimation is expected to become a legal evidence for game producers to impose sanctions such as permanent account suspension. Based on the estimated population size, the ratio of the cheaters among ordinary players can be estimated, and this ratio is expected to help the game producers to make swift decisions on the timing of sanctions. In this paper, we estimate the population size of cheating players in Blade & Soul, a popular MMORPG game. The total number of cheating players was estimated to be 274,639 players in four selected areas. In 2012, according to official press release of the game producer (NCSOFT Corporation), Blade & Soul had 230,000 concurrent users at every second. The number of active users is approximately estimated to be 2,300,000. Using the method proposed in this paper, the rate of cheating players in the game is approximately 11.94%.
===========================================================================
Paper #4: Legal Consideration on the Use of Artificial Intelligence
Technology and Self-Regulation: Focused on Robo-Advisors
---------------------------------------------------------------------------
Authors: Keun Young Lee (Korea University)
Heon Young Kwon (Korea University)
Jong In Lim (Korea University)
---------------------------------------------------------------------------
Artificial Intelligence(AI) technology is being used throughout the industry due to the introduction of the era of the Fourth Industrial Revolution. In the financial industry, AI technology is used in sales and marketing, fraud and illegality prevention, credit evaluation and screening, and chat-bot. The robo-advisor can apply the AI technology in case of investment advisory to provide a large and cost-effective portfolio of investment information. It also has positive function to the field in the fact that it has ability to generate popular investors and create new customers and services. However, robo-advisor that uses AI technology is still at its initial stage in introducing the technology and there are currently legal, institutional and policy limitations in providing comprehensive and customized advisory services. Thus, at first, this paper will consider the area of legal argument on the issues related to AI on the legal status and responsibility, financial IT, security and privacy. And focused on robo-advisor, the main issues concerning the current legal system and security self-regulatory method are elucidated and analyzed to provide the basic direction of regulation for development of utilization of AI technology in financial sector. In an environment that is shifting from ex-ante regulation to ex-post regulation, which is a current paradigm of financial IT security regulation, in order to modernize the regulations for the digital age, we propose specific measures to strengthen the use of regulatory sandbox as an autonomous regulatory scheme for the use of new technologies such as AI
===========================================================================