記述言語：英語   掲載種別：研究論文（学術雑誌）  

DOI： 0.1109/ACCESS.2021.3065872.

その他リンク： https://ieeexplore.ieee.org/document/9378511

記述言語：英語   掲載種別：研究論文（学術雑誌）  

DOI： 10.1109/ACCESS.2021.3065872

その他リンク： https://ieeexplore.ieee.org/document/9378511

記述言語：英語   掲載種別：研究論文（学術雑誌）  

DOI： 10.1109/ACCESS.2021.3109635

担当区分：責任著者   記述言語：英語   掲載種別：研究論文（学術雑誌）  

DOI： https://doi.org/10.1145/340718

オープンデータURL： https://dl.acm.org/doi/10.1145/3407189

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Recent research has revealed that the output of deep neural networks (DNNs) can be easily altered by adding relatively small perturbations to the input vector. In this paper, we analyze an attack in an extremely limited scenario where only one pixel can be modified. For that we propose a novel method for generating one-pixel adversarial perturbations based on differential evolution (DE). It requires less adversarial information (a black-box attack) and can fool more types of networks due to the inherent features of DE. The results show that 67.97% of the natural images in Kaggle CIFAR-10 test dataset and 16.04% of the ImageNet (ILSVRC 2012) test images can be perturbed to at least one target class by modifying just one pixel with 74.03% and 22.91% confidence on average. We also show the same vulnerability on the original CIFAR-10 dataset. Thus, the proposed attack explores a different take on adversarial machine learning in an extreme limited scenario, showing that current DNNs are also vulnerable to such low dimension attacks. Besides, we also illustrate an important application of DE (or broadly speaking, evolutionary computation) in the domain of adversarial machine learning: creating tools that can effectively generate low-cost adversarial attacks against neural networks for evaluating robustness.

DOI： 10.1109/TEVC.2019.2890858

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Outsourcing data to the cloud for computation and storage has been on the rise in recent years. In this paper we investigate the problem of supporting write operation on the outsourced data for clients using mobile devices. We consider the Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme as it is well suited to support access control in outsourced cloud environments. One shortcoming of CP-ABE is that users can modify the access policy specified by the data owner if write operations are incorporated in the scheme. We propose a protocol for collaborative processing of outsourced data that enables the authorized users to perform write operation without being able to alter the access policy specified by the data owner. Our scheme is accompanied with a light weight signature scheme and simple, inexpensive user revocation mechanism to make it suitable for processing on resource-constrained mobile devices. The implementation and detailed performance analysis of the scheme indicate the suitability of the proposed scheme for real mobile applications. Moreover, the security analysis demonstrates that the security properties of the system are not compromised.

DOI： 10.1109/TPDS.2017.2782253

担当区分：最終著者   記述言語：その他   掲載種別：研究論文（学術雑誌）  

Recent research has revealed that the output of Deep Neural Networks (DNN)
can be easily altered by adding relatively small perturbations to the input
vector. In this paper, we analyze an attack in an extremely limited scenario
where only one pixel can be modified. For that we propose a novel method for
generating one-pixel adversarial perturbations based on differential evolution
(DE). It requires less adversarial information (a black-box attack) and can
fool more types of networks due to the inherent features of DE. The results
show that 67.97% of the natural images in Kaggle CIFAR-10 test dataset and
16.04% of the ImageNet (ILSVRC 2012) test images can be perturbed to at least
one target class by modifying just one pixel with 74.03% and 22.91% confidence
on average. We also show the same vulnerability on the original CIFAR-10
dataset. Thus, the proposed attack explores a different take on adversarial
machine learning in an extreme limited scenario, showing that current DNNs are
also vulnerable to such low dimension attacks. Besides, we also illustrate an
important application of DE (or broadly speaking, evolutionary computation) in
the domain of adversarial machine learning: creating tools that can effectively
generate low-cost adversarial attacks against neural networks for evaluating
robustness.

DOI： 10.1109/TEVC.2019.2890858

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）  

その他リンク： http://dl.acm.org/citation.cfm?id=3022240

記述言語：英語   掲載種別：研究論文（学術雑誌）  

DOI： DOI: 10.1002/sec.876

その他リンク： http://onlinelibrary.wiley.com/doi/10.1002/sec.876/abstract

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Internet service has enabled digital contents to be shared faster and easier, but on the other side it raised an issue of illegal copy of the digital contents. Public key encryption schemes solve this issue partially. However, there is still a weak point that the secret key is not completely protected; that is, public key encryption schemes suffer from illegal copy of secret keys (the key-cloning problem). In this paper, first, we discuss the usability of terminal fingerprints for key-cloning protection. Next, we propose a hybrid encryption scheme using terminal fingerprints to protect the secret keys from the key-cloning. Based on an assumption that the terminal fingerprint is unchangeable and unextractable even by the user of the terminal, our hybrid encryption scheme can be effectively used as a method of the key-cloning protection. Then, we instantiate our hybrid encryption scheme as a combination of the attribute-based encryption scheme and the RSA encryption scheme; the attribute-based encryp- tion scheme functions as a mechanism for authentication of user’s attributes, and the RSA encryption scheme functions as a mechanism for authentication of a terminal device. Terminal fingerprint that is a feature of the device is used to generate a secret key of the RSA encryption.

記述言語：英語   掲載種別：研究論文（学術雑誌）  

DOI： 10.3934/amc.2015.9.37

記述言語：英語   掲載種別：研究論文（学術雑誌）  

記述言語：英語  

DOI： 10.1109/GLOCOM.2013.6831104

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）  

2005年からKDDI研究所と共同で設計開発した
動的フィードバックレジスタを採用した
高速ストリーム暗号 アルゴリズムであり、KDDI研と下名が共同で設計し、KDDI研によって商用化された高速ストリーム暗号アルゴリズムである。

記述言語：英語   出版者・発行元：一般社団法人 電子情報通信学会  

DOI： 10.1587/transinf.2023bcf0001

CiNii Research

Web of Science

担当区分：最終著者   記述言語：英語   掲載種別：研究論文（学術雑誌）  

DOI： https://doi.org/10.1002/cpe.7986

オープンデータURL： https://onlinelibrary.wiley.com/doi/10.1002/cpe.7986

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：Proceedings of the 2024 18th International Conference on Ubiquitous Information Management and Communication, IMCOM 2024  

The accelerated advancement and ubiquitous adoption of smart vehicles, coupled with the Internet of Things (IoT), has propelled the Internet of Vehicles (IoV) to prominence as a pivotal and expansive area of research within the IoT sphere. An important challenge in IoV design lies in the efficient execution of data storage and sharing mechanisms. The successful implementation of blockchain technology across various disciplines has sparked intrigue amongst researchers to unearth its potential applicability within the IoV context. In the related works, Blockchain-based IoV systems are usually composed of three layers: the vehicle layer, the roadside units (RSUs) layer, and the blockchain or cloud layer. The RSUs layer is often required to perform numerous tasks throughout the system. Stability during rush hours is worth considering. RSUs need to receive a lot of data during rush hours and may also undertake data computing tasks. Based on the characteristics of distributed ledges, the issue of substantial storage overhead looms as a complex problem with the escalating size of the block list. Although some solutions are being proposed, such as fragmented ledger, there are still security concerns. Data security cannot be guaranteed while reducing storage overhead. To combat the stability and cost concerns associated with Roadside Units (RSUs), we delegate the majority of RSU functionalities to other layers of the system. Further, we incorporate a secure blockchain strategy - deploying an outer and inner blockchain to fortify the security and resilience of the overall blockchain network. Based on the autonomous execution characteristics of smart contracts, we try to use smart contracts for data transmission. We use Solidity to write the smart contract and test it on the Remix IDE with the aim of testing the smart contract's operability in terms of data transmission. We scrutinise the data transmission process via smart contracts, and the empirical results corroborate the effectiveness of our uniquely designed process.

DOI： 10.1109/IMCOM60618.2024.10418375

Scopus

researchmap

担当区分：最終著者   記述言語：英語   掲載種別：研究論文（学術雑誌）  

オープンデータURL： http://www.ijnc.org/index.php/ijnc/article/view/318

出版者・発行元：Lecture Notes on Data Engineering and Communications Technologies  

Consumers use various payment methods to purchase goods and services from retailers, such as cash, credit cards, debit cards, prepaid cards, and barcodes/two-dimensional codes. In the past, in the case of in-store payments using credit cards, the in-store terminal read the card number from the magnetic strip on the card and sent it with other purchase information to the credit card network. Recently, to prevent counterfeiting, the IC chip on the credit card and the in-store terminal communicates to authenticate each other and process the payment transaction. The medium of communication is not only contact but also contactless (“touch" payment), Moreover, the in-store terminal may process the payment either online or offline and optionally may require the customer to input their PIN. Various protocols and protocol flows are used depending on the medium and how the payment is processed. Credit cards are also used for remotely purchasing goods or services; in this case, other protocols and protocol flows are used. In some such protocols, researchers found serious security flaws that allow a malicious party to fraudulently purchase goods in such a way that is not allowed for legitimate customers. Such flaws must be fixed, but it is hard to fix and deploy protocols after they are widely used. Formal verification is a method to analyze and verify the security of such protocols and to detect flaws before they are widely deployed. In this paper, we will discuss the research trends in formal verification of the security of various cashless payment protocols, as well as future issues.

DOI： 10.1007/978-3-031-57916-5_10

Web of Science

Scopus

出版者・発行元：Communications in Computer and Information Science  

This paper reviews current research trends in the formal verification of computer network configurations, specifically focusing on formal verification for software-defined networking (SDN). We explore the challenges encountered when applying formal verification, comparing its application to pre-SDN network verification efforts. Additionally, we discuss the potential application of formal verification in mobile networks. We first provide an overview of research on the formal verification of virtual LAN (VLAN) configurations, which predates the emergence of SDN. We next illustrate SDN and existing research applying formal verification to SDN. Finally, we briefly examine potential scenarios for applying formal verification to mobile networks.

DOI： 10.1007/978-981-97-4465-7_18

Scopus

DOI： 10.1007/978-3-031-57942-4_37

Web of Science

DOI： 10.1007/978-3-031-57870-0_14

Web of Science

出版者・発行元：Lecture Notes on Data Engineering and Communications Technologies  

Recently, as big data and AI technology advance, data privacy and security are increasingly critical. Federated Learning (FL) has become a key solution in machine learning to address these concerns. In this paper, we present a secure and lightweight FL scheme. It employs masking and Secret Sharing (SS) to securely aggregate data from distributed clients, thereby reducing the demands of model training on system resources. The scheme also computes data similarity among clients to evaluate each client’s contribution, defending against challenges posed by malicious clients. This approach safeguards privacy, facilitates accurate model updates, and addresses the challenges of limited resources in edge computing environments. We subjected our framework to rigorous validation using MNIST datasets. Experimental outcomes unequivocally substantiate the efficacy of our proposed methodology.

DOI： 10.1007/978-3-031-57916-5_30

Web of Science

Scopus

出版者・発行元：Lecture Notes on Data Engineering and Communications Technologies  

The DDoS attack remains one of the leading attacks today. To reduce the number of resource-consuming detection algorithm calls, the trigger-based two-stage detection approach has been proposed. In such systems, trigger mechanisms, including trigger features and threshold update algorithms, play an important role in detection performance. It is also important what features are used in the second stage of detection. In this study, 1) we introduce a Riemannian manifold metric (work) as a trigger feature for the first time since it was proven that traffic data is a Riemannian manifold; 2) we propose a new mechanism to update the trigger threshold based on historical flow data and the feedback of the second-stage detection results; 3) the feature selection algorithm ECOFS is used for the second stage detection. Experimental results using public datasets show that our proposal calls much less of the second-stage detection than the latest trigger-based two-step detection systems.

DOI： 10.1007/978-3-031-57916-5_12

Web of Science

Scopus

出版者・発行元：Concurrency and Computation: Practice and Experience  

This article presents a tracing mechanism for group signatures answering the security threats of malicious authorities and users' forgeries. The proposal weakens the high trust placed on the centralized tracing party in previous group signatures by decentralizing tracing power using a multiple tracer setting and limiting the tracers' access using attribute-based encryption and the requirement of the group manager's agreement. We allow the group manager to control tracers identifying his group users. Instead of a centralized tracer, our setting has multiple tracers possessing attribute sets. Thus, after getting the group manager's permission, a tracer should satisfy the access policy in a given signature to identify the signer. On the other hand, our group signature scheme decentralizes the tracing key generation and removes the group manager's tracing ability. Thus, it ensures that only the attribute-satisfying and permitted tracers can identify the signer. Moreover, this article delivers security against malicious users. It presents a verification process of access policy of the signatures to prevent users from utilizing invalid attributes for signing. In addition, the article delivers a collaborative tracing mechanism to satisfy attribute sets that a tracer fails to fulfill alone for identifying a signer. Thus, our tracing mechanism ensures security against malicious authorities and group users in group signatures. The article gives the general construction of the scheme and discusses the security.

DOI： 10.1002/cpe.7986

Web of Science

Scopus

出版者・発行元：IEEE Transactions on Intelligent Transportation Systems  

In recent years, growing research interest from both industry and academia has been aroused to the vehicular networks, which is regarded as the fundamental component of the modern intelligent transportation system (ITS). Lots of remarkable research outputs with respect to secure vehicular data interactions and user privacy preservation has been witnessed. However, the existing schemes all focus on the common vehicular communication scenarios where facilities are deployed, whereas the secure data exchange in the abnormal infrastructure-less vehicular environment has not been properly investigated. To deal with unpredictable abnormal situations caused by artificial or natural disasters such as earthquakes and floods, a distinctive vehicle-assisted aggregate authentication mechanism for infrastructure-less vehicular networks is presented in this paper. With assistance from the neighboring vehicles, the homomorphic signature involving all requesting vehicles is generated and forwarded to the remaining functional RSUs. Meanwhile, vehicular group communication among the validated entities is enabled. Additionally, the fault-tolerant verification method is adopted such that the ineffective entities can be easily distinguished and removed without interfering with other requesting vehicles. The security proofs and discussions regarding vital security properties are presented, while the performance analysis follows. Compared with the state-of-the-art, advantages in terms of security and performance properties can be proved.

DOI： 10.1109/TITS.2022.3176406

Web of Science

Scopus

出版者・発行元：ACM International Conference Proceeding Series  

The ERC721 standard defines a Non-Fungible Token (NFT) as an identifier that uniquely identifies digital data recorded on a blockchain. The NFT currently in use claim to ensure the uniqueness of the contents associated with the NFT by taking advantage of the tamper-resistant characteristics of the blockchain data. Besides, digital signatures based on public-key encryption is a representative technique to prevent digital data from being falsified, and its application to NFT is also discussed. In this study, we first consider an NFT implementation by applying a designated confirmer signature using an interactive verification method without using blockchain technology. We design an NFT issuance protocol that guarantees the uniqueness of data with a designated confirmer signature, and evaluate the security of the protocol. Moreover, we compare it with existing blockchain implementations. By analyzing the both methods, we aim to provide insights into the potential applications and performance in using designated confirmer signatures for NFT. Our findings contribute to the ongoing research on secure and efficient mechanisms for ensuring the integrity and uniqueness of digital assets in decentralized systems.

DOI： 10.1145/3634814.3634831

Scopus

出版者・発行元：IEEE Transactions on Sustainable Computing  

Blockchain is an important supporting technology for various sustainable systems. It relies on a number of distributed nodes running blockchain client software, which is responsible for some critical tasks, such as communicating with other nodes and generating new blocks. However, the quick evolution of blockchain technology brings crucial challenges to blockchain client design. After carefully examining existing blockchain client software, we have identified a critical weakness: Blockchain clients are weak in supporting live upgrades, resulting in a blockchain fork that incurs security concerns and risks. In this article, we propose Phoenix, a novel blockchain client design that is live upgradable. Phoenix uses blockchain service encapsulation to decouple blockchain services. Based on service encapsulation, we propose a live upgrade scheme that packs upgrade codes into blockchain transactions and uses a Just-In-Time engine to avoid service interruption. A parallel execution engine is developed to increase service efficiency. We evaluated Phoenix on a 51-node blockchain, and experimental results show that Phoenix outperforms existing solutions in overhead and upgrade latency.

DOI： 10.1109/TSUSC.2023.3282586

Web of Science

Scopus

出版者・発行元：Biomedical Signal Processing and Control  

Today, depression is a psychological condition that affects many individuals globally and, if untreated, can negatively impact one's emotions and lifestyle quality. Machine learning (ML) techniques have lately been used to identify mental illnesses using Electroencephalography (EEG) data. These signals are difficult and time-consuming to interpret visually because they are intricate, non-static, and irregular. As a result, computer-assisted early depression detection systems are highly desirable. The study proposes a feature extraction method for each EEG signal channel by building a sparse graph from the complete complex network using a k-round minimum spanning tree. The subjects in the dataset depict the graph's nodes, and their relationship represents the edge weights, which are determined using the Euclidean distance. Then, features from the sparse graph are extracted using the Node2vec approach and fed into classifiers to get a probability score. Finally, a fuzzy ensemble strategy is exploited at the decision level for integrating probability scores to distinguish depressed subjects from healthy people. Several experiments comparing the proposed method to seven other approaches on four publicly available datasets demonstrate the importance and superiority of the proposed strategy. The K-Nearest Neighbor classifier used in the suggested method produces the highest classification accuracy across the four datasets, with scores of 0.916, 0,960, and 0.940 respectively.

DOI： 10.1016/j.bspc.2023.104873

Web of Science

Scopus

出版者・発行元：Engineering Applications of Artificial Intelligence  

We propose a multi-agent adversarial neural networks model where a sender (Alice) and a receiver (Bob) are able to learn to use a pair of public/private keys in order to protect their communication from one or more attackers/eavesdroppers. Existing work in the field required shared symmetric information between Alice and Bob before initiating the training process. To the best of our knowledge, this is the first work in which Alice and Bob with asymmetric information can train themselves to protect their communication. Our initial model setup contains five agents: sender Alice, receiver Bob, eavesdropper Eve and two neural networks (we call them public keys generator and private keys generator) that, based on a (secret) random noise from Bob, will generate a pair of public/private keys that allows Alice to encrypt a message with the public key and Bob to decrypt the message with the private key while preventing Eve from decrypting the secret message using the public key. We show that the neural networks are able to establish a communication and secure it from Eve. Finally, we consider adversaries stronger than Eve to model leakage attacks, chosen plaintext attacks (CPA) and test the distinguishability between ciphertexts. The last three experiments show that neural networks (with asymmetric information) can secure the communication providing stronger security guarantees and resilience to leakage attacks which may include leakage from the private key.

DOI： 10.1016/j.engappai.2023.106220

Web of Science

Scopus

記述言語：英語  

DOI： 10.1186/s13041-023-01047-5

Web of Science

PubMed

出版者・発行元：SN Computer Science  

Recently, an increasing number of laws have governed the useability of users’ privacy. For example, Article 17 of the General Data Protection Regulation (GDPR), the right to be forgotten, requires machine learning applications to remove a portion of data from a dataset and retrain it if the user makes such a request. Furthermore, from the security perspective, training data for machine learning models, i.e., data that may contain user privacy, should be effectively protected, including appropriate erasure. Therefore, researchers propose various privacy-preserving methods to deal with such issues as machine unlearning. This paper provides an in-depth review of the security and privacy concerns in machine learning models. First, we present how machine learning can use users’ private data in daily life and the role that the GDPR plays in this problem. Then, we introduce the concept of machine unlearning by describing the security threats in machine learning models and how to protect users’ privacy from being violated using machine learning platforms. As the core content of the paper, we introduce and analyze current machine unlearning approaches and several representative results and discuss them in the context of the data lineage. Furthermore, we also discuss the future research challenges in this field.

DOI： 10.1007/s42979-023-01767-4

Scopus

出版者・発行元：IEEE Security and Privacy  

Digitalization and industrial paradigms are transforming the landscape of critical infrastructures and supply chains. With emerging technologies, it is possible to deploy services to enhance trust and transparency, but they are susceptible to threats, as discussed in this article.

DOI： 10.1109/MSEC.2023.3247946

Web of Science

Scopus

記述言語：英語   出版者・発行元：Multidisciplinary Digital Publishing Institute（MDPI）  

Cyber attack detection technology plays a vital role today, since cyber attacks have been causing great harm and loss to organizations and individuals. Feature selection is a necessary step for many cyber-attack detection systems, because it can reduce training costs, improve detection performance, and make the detection system lightweight. Many techniques related to feature selection for cyber attack detection have been proposed, and each technique has advantages and disadvantages. Determining which technology should be selected is a challenging problem for many researchers and system developers, and although there have been several survey papers on feature selection techniques in the field of cyber security, most of them try to be all-encompassing and are too general, making it difficult for readers to grasp the concrete and comprehensive image of the methods. In this paper, we survey the filter-based feature selection technique in detail and comprehensively for the first time. The filter-based technique is one popular kind of feature selection technique and is widely used in both research and application. In addition to general descriptions of this kind of method, we also explain in detail search algorithms and relevance measures, which are two necessary technical elements commonly used in the filter-based technique.

CiNii Research

記述言語：日本語   出版者・発行元：一般社団法人 人工知能学会  

DOI： 10.11517/jjsai.38.2_197

CiNii Research

記述言語：日本語   出版者・発行元：一般社団法人 人工知能学会  

DOI： 10.11517/jjsai.38.2_178

CiNii Research

記述言語：英語   掲載種別：研究論文（学術雑誌）   出版者・発行元：Information (Switzerland)  

Cyber attack detection technology plays a vital role today, since cyber attacks have been causing great harm and loss to organizations and individuals. Feature selection is a necessary step for many cyber-attack detection systems, because it can reduce training costs, improve detection performance, and make the detection system lightweight. Many techniques related to feature selection for cyber attack detection have been proposed, and each technique has advantages and disadvantages. Determining which technology should be selected is a challenging problem for many researchers and system developers, and although there have been several survey papers on feature selection techniques in the field of cyber security, most of them try to be all-encompassing and are too general, making it difficult for readers to grasp the concrete and comprehensive image of the methods. In this paper, we survey the filter-based feature selection technique in detail and comprehensively for the first time. The filter-based technique is one popular kind of feature selection technique and is widely used in both research and application. In addition to general descriptions of this kind of method, we also explain in detail search algorithms and relevance measures, which are two necessary technical elements commonly used in the filter-based technique.

DOI： 10.3390/info14030191

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）  

DOI： 10.1109/IMCOM56909.2023

researchmap

記述言語：日本語   出版者・発行元：一般社団法人 人工知能学会  

<p>国連法規(UN-R155)により，自動車メーカーは自動車がサイバーセキュリティを満たすことを説明しなければならない．自動運転車ではAI/ML技術を用いるため，AL/ML技術に対するセキュリティについて検討する必要がある．本稿では，AI/ML技術を利用する自動車機能のサイバーセキュリティ論証について，その説明戦略について述べる．</p>

DOI： 10.11517/pjsai.jsai2023.0_4d2gs1105

CiNii Research

記述言語：日本語   出版者・発行元：一般社団法人 人工知能学会  

<p>機械アンラーニング(Machine Unlearning)とは、システムに、記憶しているデータの一部を忘れさせた上で、次の学習訓練を行うことであり、その効率的処理法の研究が注文されている。背景には2016年4月に欧州が制定したGDPR（General Data Protection Regulation, 一般データ保護規則）の尊重する個人データ削除権や、情報漏洩だけではなく、人工知能の訓練データに利用されている個人情報や、芸術作品などのオプトアウトや著作権問題とも深く関係している。本講演では、この研究の現状と課題を紹介する。</p>

DOI： 10.11517/pjsai.jsai2023.0_2l1gs1105

CiNii Research

出版者・発行元：Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)  

Passwords are playing a major role for authentication in our daily life. However contemporary passwords are typically either difficult to remember or vulnerable to various attacks. In 2017, Blocki, Blum, Datta and Vempala introduced the concept of human computable passwords as a promising authentication method. The fundamental concerns for designing human computable passwords are their usability and security. So far, the security evaluation on human computable passwords authentication schemes is mainly based on complexity-theoretic analysis. In this paper, we initially investigate the security of human computable passwords against neural network-based adversarial attacks. Specifically, we employ the typical multilayer perceptron (MLP) model to attempt to attack the human computable passwords authentication scheme proposed by Blocki-Blum-Datta-Vempala. We present implementation results and the corresponding analysis as well. Our results imply that it is possible for an MLP to learn a simple function, but is difficult for an MLP to learn piecewise functions well.

DOI： 10.1007/978-3-031-25659-2_22

Scopus

出版者・発行元：Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)  

Federated Learning (FL) and the Internet of Things (IoT) have transformed data processing and analysis, overcoming traditional cloud computing limitations. However, challenges such as catastrophic forgetting in continuous training scenarios arise. To address these, we propose an FL framework that supports continual learning while enhancing system security. We preserve critical knowledge through the incorporation of Knowledge Distillation (KD), addressing the issue of catastrophic forgetting. In addition, we have integrated encryption techniques to secure the updated parameters of clients from potential threats posed by attackers.

DOI： 10.1007/978-3-031-41181-6_40

Web of Science

Scopus

掲載種別：論文集(書籍)内論文   出版者・発行元：Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)  

Over the past decade, the development of both adversarial attack methods and defense strategies has accelerated rapidly. Classification accuracy has been predominantly used as the sole metric for assessing model performance. However, when the reported accuracy rates of two models are identical or very similar, it becomes challenging to determine which model is superior. To address this issue and offer more insights into model performance, this study introduces a novel classification performance metric: the confidence gap. This metric is defined as the difference in confidence level between the true label and either the top 1 prediction or the second-best prediction, depending on the accuracy of the image classification. The confidence level, as indicated by its sign, reflects the correctness of the classification and provides more detailed information on the robustness of the classification result. Recognizing that evaluation results may be inconsistent when employing different criteria, we recommend that future research in this field should report the confidence gap alongside accuracy rates.

DOI： 10.1007/978-3-031-41181-6_41

Web of Science

Scopus

researchmap

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)  

This paper delivers a post-quantum construction for group-oriented attribute-based encryption (GO-ABE) using lattice-based cryptography. The GO-ABE scheme enables users from the same group to combine their attributes to satisfy a decryption policy without revealing their secret keys. GO-ABE is particularly useful when no single user can fulfill the decryption policy alone, but a group of users can satisfy it together. Li et al. introduced the idea of GO-ABE at NSS 2015, discussing its importance in accessing patient data during emergencies. However, since Li et al.’s scheme uses bilinear mappings, it is not secure against quantum attacks. To ensure security against quantum attacks, we construct the GO-ABE scheme using the post-quantum cryptographic primitive lattices, and employ Shamir’s secret sharing scheme to meet the GO-ABE requirements.

DOI： 10.1007/978-3-031-39828-5_9

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/nss/nss2023.html#PereraNMYS23

出版者・発行元：Proceedings - 2023 11th International Symposium on Computing and Networking, CANDAR 2023  

Federated Learning (FL) and the Internet of Things (IoT) have revolutionized data processing and analysis, overcoming the traditional limitations of cloud computing. However, traditional machine learning strategies lead to increased costs and catastrophic forgetting due to model retraining with new datasets. Continual learning has been proposed to counter this, enabling models to adapt to new data while preserving previous knowledge, which is beneficial for dynamic edge environments. Despite these advantages, the retention of previous knowledge during the continual learning process may lead to the information leakage. To address the inherent challenges of multitask scenarios, we present a Federated Continual Learning (FCL) framework that integrates the privacy-preserving benefits of Federated Learning (FL) into a continual learning system, ensuring both continual learning and privacy preservation in edge computing data processing and analysis. Specifically, our architecture introduces dedicated fully-connected layers for each task. This architecture ensures that distinctive features pertinent to each task are not only captured but also preserved throughout the model's lifespan. Within our framework, data is processed via task-specific layers. Subsequently, the final label is determined by associating it with the paramount prediction value, thus capitalizing on the model's comprehensive knowledge reservoir to bolster prediction accuracy. We subjected our FCL framework to rigorous validation using two benchmark datasets: MNIST and CFAR-10. Experimental outcomes unequivocally substantiate the efficacy of our proposed methodology.

DOI： 10.1109/CANDAR60563.2023.00009

Scopus

記述言語：英語  

DOI： 10.1265/ehpm.23-00059

Web of Science

PubMed

掲載種別：論文集(書籍)内論文   出版者・発行元：Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)  

Non-malleable codes are introduced to protect the communication against adversarial tampering of data, as a relaxation of the error-correcting codes and error-detecting codes. To explicitly construct non-malleable codes is a central and challenging problem which has drawn considerable attention and been extensively studied in the past few years. Recently, Rasmussen and Sahai built an interesting connection between non-malleable codes and (non-bipartite) expander graphs, which is the first explicit construction of non-malleable codes based on graph theory other than the typically exploited extractors. So far, there is no other graph-based construction for non-malleable codes yet. In this paper, we aim to explore more connections between non-malleable codes and graph theory. Specifically, we first extend the Rasmussen-Sahai construction to bipartite expander graphs. Accordingly, we establish several explicit constructions for non-malleable codes based on Lubotzky-Phillips-Sarnak Ramanujan graphs and generalized quadrangles, respectively. It is shown that the resulting codes can either work for a more flexible split-state model or have better code rate in comparison with the existing results.

DOI： 10.1007/978-3-031-22944-2_14

Web of Science

Scopus

researchmap

掲載種別：論文集(書籍)内論文   出版者・発行元：Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)  

Convolutional neural networks are widely used for image recognition tasks, but they are vulnerable to adversarial attacks that can cause the model to misclassify an image. Such attacks pose a significant security risk in safety-critical applications like facial recognition and autonomous driving. Researchers have made progress in defending against adversarial attacks through two approaches: enhancing the neural networks themselves to be more robust and removing the perturbation added to the image through pre-processing. This paper is based upon a recent defense model that belongs to the latter approach, which utilizes image-to-image translation to regenerate images perturbed by adversarial attacks. We optimized the training process of their model and tested the model performance against more recent and strong attacks. The results show that the model is able to regenerate images attacked by the state-of-the-art attack, the AutoAttack, and restores the classification accuracy to a level over 83% to that of the original images.

DOI： 10.1007/978-3-031-41181-6_32

Web of Science

Scopus

researchmap

出版者・発行元：Proceedings of the 2023 17th International Conference on Ubiquitous Information Management and Communication, IMCOM 2023  

Software-defined networking (SDN) has received a lot of attention in academia and industry in recent years, and DDoS attacks are still one of the most dangerous threats. As cyberattacks become more sophisticated, detection systems also become more complex and computationally intensive, for example, Deep Learning-based detection. Against this background, two-stage detection is proposed, in which a trigger is introduced before the complex detection being invoked. That is, the heavy detection module is called only when the requirements in the trigger are satisfied. Clearly, the triggering mechanism plays an important role in such detection systems as it determines when the second stage is invoked. Most of the existing relevant studies utilize one feature and a fixed threshold. However, it is not easy to predefine suitable thresholds in practice, and one feature is often not sufficient for effective trigger conditions that have a significant impact on detection performance of the whole detection system. The latest related work uses dynamic thresholding, but still only one feature, and the threshold adaptation mechanism is too simplistic, which make it too difficult to be used in real applications. Moreover, the performance of the approach in the most of related works are verified only using simulated data. In this study, we increase the number of features and optimized the threshold adjustment method in the trigger. In addition, in the detection module of the second stage, six features carefully determined from traffic bytes, packets, and IP addresses are used. The performance of the proposal is demonstrated in a simulated SDN environment using a public dataset. The experimental results indicate that the times of calling the computationally intensive detection module is significantly reduced, while at the same time the detection performance of the overall system is not degraded.

DOI： 10.1109/IMCOM56909.2023.10035661

Scopus

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)  

Temporal Convolution Network(TCN) has recently been introduced in the cybersecurity field, where two types of TCNs that consider causal relationships are used: causal TCN and non-causal TCN. Previous researchers have utilized causal and non-causal TCNs separately. Causal TCN can predict real-time outcomes, but it ignores traffic data from the time when the detection is activated. Non-causal TCNs can forecast results more globally, but they are less real-time. Employing either causal TCN or non-causal TCN individually has its drawbacks, and overcoming these shortcomings has become an important topic. In this research, we propose a method that combines causal and non-causal TCN in a contingent form to improve detection accuracy, maintain real-time performance, and prevent long detection time. Additionally, we use two datasets to evaluate the performance of the proposed method: NSL-KDD, a well-known dataset for evaluating network intrusion detection systems, and MQTT-IoT-2020, which simulates the MQTT protocol, a standard protocol for IoT machine-to-machine communication. The proposed method in this research increased the detection time by about 0.1ms compared to non-causal TCN when using NSL-KDD, but the accuracy improved by about 1.5%, and the recall improved by about 4%. For MQTT-IoT-2020, the accuracy improved by about 3%, and the recall improved by about 7% compared to causal TCN, but the accuracy decreased by about 1% compared to non-causal TCN. The required time was shortened by 30ms (around 30%), and the recall was improved by about 7%.

DOI： 10.1007/978-3-031-45933-7_30

Web of Science

Scopus

researchmap

出版者・発行元：IEEE Transactions on Information Theory  

All-or-nothing transforms (AONTs) were proposed by Rivest as a message preprocessing technique for encrypting data to protect against brute-force attacks, and have numerous applications in cryptography and information security. Later the unconditionally secure AONTs and their combinatorial characterization were introduced by Stinson. Informally, a combinatorial AONT is an array with the unbiased requirements and its security properties in general depend on the prior probability distribution on the inputs s-tuples. Recently, it was shown by Esfahani and Stinson that a combinatorial AONT has perfect security provided that all the inputs s-tuples are equiprobable, and has weak security provided that all the inputs s-tuples are with non-zero probability. This paper aims to explore on the gap between perfect security and weak security for combinatorial (t,s,v)-AONTs. Concretely, we consider the typical scenario that all the s inputs take values independently (but not necessarily identically) and quantify the amount of information H(X|Y) about any t inputs X that is not revealed by any s-t outputs Y. In particular, we establish the general lower and upper bounds on H(X|Y) for combinatorial AONTs using information-theoretic techniques, and also show that the derived bounds can be attained in certain cases. Furthermore, the discussions are extended for the security properties of combinatorial asymmetric AONTs.

DOI： 10.1109/TIT.2022.3174008

Web of Science

Scopus

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE International Symposium on Information Theory - Proceedings  

All-or-nothing transforms (AONT) were proposed by Rivest as a message preprocessing technique for encrypting data to protect against brute-force attacks, and have many applications in cryptography and information security. Later the unconditionally secure AONT and their combinatorial characterization were introduced by Stinson. Informally, a combinatorial AONT is an array with the unbiased requirements and its security properties in general depend on the prior probability distribution on the inputs s-tuples. Recently, it was shown by Esfahani and Stinson that a combinatorial AONT has perfect security provided that all the inputs s-tuples are equiprobable, and has weak security provided that all the inputs s-tuples are with non-zero probability. This paper aims to explore on the gap between perfect security and weak security for combinatorial (t, s, v)-AONTs. Concretely, we consider the typical scenario that all the s inputs take values independently (but not necessarily identically) and quantify the amount of information H(X|Y) about any t inputs X that is not revealed by any s-t outputs Y. In particular, we establish the general lower and upper bounds on H(X|Y) for combinatorial AONTs using information-theoretic techniques, and also show that the derived bounds can be attained in certain cases.

DOI： 10.1109/isit50566.2022.9834366

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（学術雑誌）  

掲載種別：研究論文（学術雑誌）   出版者・発行元：Cryptography  

Vehicular Ad-hoc NETworks (VANETs), a special kind of Mobile Ad-hoc NETworks (MANETs), play an important role in Intelligent Transportation Systems (ITS). Via wireless technology, vehicles exchange information related to road conditions and their status, and, thereby, VANETs enhance transportation safety and efficiency. A critical aspect of VANETs is providing privacy for the vehicles. The employment of pseudonym certificates is a well-known solution to the privacy problems in VANETs. However, certificate management faces challenges in renewing certificates and revoking vehicles. The centralized certificate management, especially resulting in the delay of the revocation process, harms the nodes of VANETs. This paper proposes a blockchain structure-based certificate management for VANETs and voting-based revocation to halt misbehaving vehicles’ actions. Moreover, this paper presents extended privacy for the participants of the voting process using ring signatures.

DOI： 10.3390/cryptography6020020

Web of Science

Scopus

researchmap

掲載種別：研究論文（学術雑誌）   出版者・発行元：Journal of Information Security and Applications  

Contact tracing has emerged as a powerful and effective measure to curb the spread of contagious diseases. It is a robust tool, but on the downside, it possesses a risk of privacy violations as contact tracing requires gathering a lot of personal information. So there is a need for a cryptographic primitive that obfuscate the personal data of the user. Taking everything into account, private set intersection seems to be the natural choice to address the problem. Nearly all of the existing PSI protocols are relying on the number theoretic assumption based hard problems. However, these problems are not secure in quantum domain. As a consequence, it becomes essential to designing PSI that can resist quantum attack and provide long-term security. One may apply quantum cryptography to develop such PSI protocol. This paper deals with the design of PSI using quantum cryptography (QC), where the security depends on the principles of basic quantum mechanics. Our scheme achieves long-term security and remains secure against quantum attacks due to the use of QC. As opposed to the existing quantum PSI protocols, the communication and computation costs of our scheme are independent of the size of universal set. Particularly, our proposed protocol attains optimal communication cost in the context of quantum PSI. In addition, our designed protocol needs smaller amount of measurements. Moreover, we require only single photon quantum resources and simple single-particle projective measurements, unlike most of the existing quantum PSI protocols.

DOI： 10.1016/j.jisa.2022.103127

Web of Science

Scopus

researchmap

掲載種別：研究論文（学術雑誌）   出版者・発行元：Cryptography  

This survey reviews the two most prominent group-oriented anonymous signature schemes and analyzes the existing approaches for their problem: balancing anonymity against traceability. Group signatures and ring signatures are the two leading competitive signature schemes with a rich body of research. Both group and ring signatures enable user anonymity with group settings. Any group user can produce a signature while hiding his identity in a group. Although group signatures have predefined group settings, ring signatures allow users to form ad-hoc groups. Preserving user identities provided an advantage for group and ring signatures. Thus, presently many applications utilize them. However, standard group signatures enable an authority to freely revoke signers’ anonymity. Thus, the authority might weaken the anonymity of innocent users. On the other hand, traditional ring signatures maintain permanent user anonymity, allowing space for malicious user activities; thus achieving the requirements of privacy-preserved traceability in group signatures and controlled anonymity in ring signatures has become desirable. This paper reviews group and ring signatures and explores the existing approaches that address the identification of malicious user activities. We selected many papers that discuss balancing user tracing and anonymity in group and ring signatures. Since this paper scrutinizes both signatures from their basic idea to obstacles including tracing users, it provides readers a broad synthesis of information about two signature schemes with the knowledge of current approaches to balance excessive traceability in group signatures and extreme anonymity in ring signatures. This paper will also shape the future research directions of two critical signature schemes that require more awareness.

DOI： 10.3390/cryptography6010003

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（学術雑誌）   出版者・発行元：一般社団法人 電子情報通信学会  

SUMMARY Smart contracts are becoming more and more popular in financial scenarios like medical insurance. Rather than traditional schemes, using smart contracts as a medium is a better choice for both participants, as it is fairer, more reliable, more efficient, and enables real-time payment. However, medical insurance contracts need to input the patient’s condition information as the judgment logic to trigger subsequent execution. Since the blockchain is a closed network, it lacks a secure network environment for data interaction with the outside world. The Data feed aims to provide the service of the on-chain and off-chain data interaction. Existing researches on the data feed has solved the security problems on it effectively, such as Town Crier, TLS-N and they have also taken into account the privacy-preserving problems. However, these schemes cannot actually protect privacy because when the ciphertext data is executed by the contract, privacy information can still be inferred by analyzing the transaction results, since states of the contract are publicly visible. In this paper, based on zero-knowledge proof and Hawk technology, a on-and-off-chain complete smart contract data feed privacy-preserving scheme is proposed. In order to present our scheme more intuitively, we combined the medical insurance compensation case to implement it, which is called MIPDF. In our MIPDF, the patient and the insurance company are parties involved in the contract, and the hospital is the data provider of data feed. The patient’s medical data is sent to the smart contract under the umbrella of the zero-knowledge proof signature scheme. The smart contract verifies the proof and calculates the insurance premium based on the judgment logic. Meanwhile, we use Hawk technology to ensure the privacy of on-chain contract execution, so that no information will be disclosed due to the result of contract execution. We give a general description of our scheme within the Universal Composability (UC) framework. We experiment and evaluate MIPDF on Ethereum for in-depth analysis. The results show that our scheme can securely and efficiently support the functions of medical insurance and achieve complete privacy-preserving.

DOI： 10.1587/transinf.2021bci0001

Web of Science

Scopus

CiNii Research

researchmap

出版者・発行元：Springer Proceedings in Mathematics and Statistics  

In a symmetric key encryption the sender and the receiver must possess the same pre-distributed key in order to encrypt or decrypt the exchanged messages. Exchanging symmetric keys is a challenging issue in cryptography. In this paper, we put forward a symmetric key encryption technique that does not require any common pre-shared “knowledge” between the parties. More specifically, we use a type of neural network called Tree Parity Machines (TPMs) which, when synchronized, enable two parties to reach a common state. The common state can be used to establish a common secret key. Our method makes use of the Tree Parity Machines to reach a common state between the parties communicating and encrypt the communications with an ElGamal-type encryption methodology. The advantage of our implementation is that the initial key exchange method is fast, lightweight and believed to become a post-quantum candidate. We have analyzed the randomness of the produced ciphertexts from our system using NIST randomness tests and the results are included in the paper. We also demonstrate security against chosen plaintext attacks.

DOI： 10.1007/978-981-19-9307-7_6

Web of Science

Scopus

出版者・発行元：Proceedings - 2022 10th International Symposium on Computing and Networking, CANDAR 2022  

A challenging issue for edge computing is how to correct meaningful information from sensor data while keeping the privacy of the data and individuals. One approach is given by the recent work [Choi et al. 'Guaranteeing Local Differential Privacy on Ultra-Low-Power Systems' 2018 ACM/IEEE 45th Annual International Symposium on Computer Architecture (ISCA)]. They point out that low resolution and fixed point characteristics of Ultra-Low-Power implementations may break privacy guarantees due to the low quality of noising. For overcoming this weakness, they introduce the techniques of resampling and thresholding. They also implemented in hardware to show the proposed method achieves both low overhead and high utility while keeping local differential privacy, with sensor/IoT benchmarks. Whereas, this research show some flaw in the existing work above and improve the method. We give the case in which infinite privacy loss still occurs because of low resolution even though the width of the output distribution is restricted, which was not investigated yet by the original paper of ISCA2018. Our major contribution is to propose an improvement to avoid privacy loss from low resolution and to enhance privacy protection in this circuit. Furthermore, we report the experimental results with software simulations, which guarantees the utility of our improving method. Finally, we discuss the power and limitation of our improved method with future challenging issues.

DOI： 10.1109/CANDAR57322.2022.00033

Web of Science

Scopus

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security  

We propose a decentralized but collaborative attribute-based tracing mechanism (a signer-identifying mechanism) for group signatures. Instead of a central tracing party in our scheme, a set of tracers satisfying the attribute set used for generating the group signature can identify the signer. Thus our proposal limits the parties who can identify the signer. On the other hand, it decentralized the tracing authority.

DOI： 10.1145/3488932.3527295

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/asiaccs/asiaccs2022.html#PereraNHYCS22

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security  

Any person can post arbitrary strings on the bulletin board. Following publication on bulletin board, a party receives a "evidence"that the intended data were posted. The bulletin board is open to the public, which means that anyone can view its contents. The fundamental security criteria for a BB are that its contents cannot be deleted, and that no evidence of publication can be falsified. BB was commonly perceived as a trusted and publicly verifiable channel. It formed the backbone of many important protocols such as e-voting, secure multi-party computation etc. and quite often it was assumed to exist to support the execution of the main protocol. After the advent of blockchain technology, BB systems has found a strong footing regarding its implementation in a distributed manner. In this paper, we aim to provide a concise summary of the evolution of bulletin board, its implementation issues and security analysis with an emphasis on its impact to e-voting systems.

DOI： 10.1145/3488932.3527280

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/asiaccs/asiaccs2022.html#SuwitoTSDTUS22

出版者・発行元：IEEE Access  

Neural networks based cryptography has seen a significant growth since the introduction of adversarial cryptography which makes use of Generative Adversarial Networks (GANs) to build neural networks that can learn encryption. The encryption has been proven weak at first but many follow up works have shown that the neural networks can be made to learn the One Time Pad (OTP) and produce perfectly secure ciphertexts. To the best of our knowledge, existing works only considered communications between two or three parties. In this paper, we show how multiple neural networks in an adversarial setup can remotely synchronize and establish a perfectly secure communication in the presence of different attackers eavesdropping their communication. As an application, we show how to build Secret Sharing Scheme based on this perfectly secure multi-party communication. The results show that it takes around 45,000 training steps for 4 neural networks to synchronize and reach equilibria. When reaching equilibria, all the neural networks are able to communicate between each other and the attackers are not able to break the ciphertexts exchanged between them.

DOI： 10.1109/ACCESS.2022.3223430

Web of Science

Scopus

掲載種別：研究論文（学術雑誌）  

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/ijnc/ijnc12.html#MbowKS22

記述言語：英語   出版者・発行元：IJNC編集委員会  

Network intrusion detection system(NIDS) is the most used tool to detect malicious network activities. The NIDS has achieved in the recent years promising results for detecting known and novel attacks, with the adoption of deep learning. However, these NIDSs still have shortcomings. Most of the datasets used for NIDS are highly imbalanced, where the number of samples that belong to normal traffic is much larger than the attack traffic. The problem of imbalanced class skews the results. It limits the deep learning classifier’s performance for minority classes by misleading the classifier to be biased in favor of the majority class. To improve the detection rate for minority classes while ensuring efficiency, this study proposes a hybrid approach to handle the imbalance problem. This hybrid approach is a combination of oversampling with Synthetic Minority Over-Sampling (SMOTE) and Tomek link, an under-sampling method to reduce noise. Additionally, this study uses two deep learning models such as Long Short-Term Memory Network (LSTM) and Convolutional Neural Network (CNN) to provide a better intrusion detection system. The advantage of our proposed model is tested in NSL-KDD, CICIDS2017 datasets. In addition, we evaluate the method in the most recent intrusion detection dataset, CICIDS2018 dataset. We use 10-fold cross validation in this work to train the learning models and an independent test set for evaluation. The experimental results show that in the multi-class classification with NSLKDD dataset, the proposed model reached an overall accuracy and Fscore of 99% and 99.0.2% respectively on LSTM, an overall accuracy and Fscore of 99.70% and 99.27% respectively for CNN. And with CICIDS2017 an overall ac- curacy and Fscore of 99.65% and 98 % respectively on LSTM, an overall accuracy and Fscore of 99.85% and 98.98% respectively for CNN. In CICIDS2018 the proposed method achieved an overall detection rate and Fscore of 95% and 94% respectively.

DOI： 10.15803/ijnc.12.2_467

CiNii Research

出版者・発行元：Proceedings - 2022 IEEE International Conference on Big Data, Big Data 2022  

Modern Internet of Things (IoT) systems are highly complex due to its mobile, ad-hoc and geographically distributed nature. Very often, an edge-cloud infrastructure is established to offer intelligent services in modern IoT systems. However, IoT edge devices are typically resource-constrained and can not perform sophisticated machine learning algorithm on board. Data sharing with a central server is a common approach of crowdsourcing, but also brings privacy and security concerns. The emerging federated learning offers a promising pathway to achieve an accurate model through distributed machine learning while ensuring data privacy. The existing federated learning process is not tailored to the mobile and adhoc nature of IoT systems where devices are of varying data and system qualities and may not be able to participate the entire training process. Therefore, in this paper, a new federated learning framework is proposed to support asynchronous model fusion with clustering-based participant selection. The proposed framework aims to accommodate the ad-hoc nature of IoT devices, and at the same time avoiding low quality or even malicious data from its participants to ensure model convergence and performance.

DOI： 10.1109/BigData55660.2022.10020575

Scopus

出版者・発行元：ACM International Conference Proceeding Series  

When trading cryptocurrencies, mining is the process of searching for a solution to a computationally difficult problem. Due to the nature of the search, the time required for mining is subject to fluctuations. This is undesirable from the standpoint of security. In order to reduce the variance of mining time, we implemented the multiple concatenation mining method proposed in existing research and evaluated its performance. Although the results differ from theoretical values, the effect of small variance was confirmed.

DOI： 10.1145/3559795.3559803

Web of Science

Scopus

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)  

This paper proposes a group signature scheme with a tracing mechanism that limits the tracing ability of tracers based on their attributes and decentralizes the tracing key generation method. Thus, no other party than the attributes satisfying tracer can identify the signer. The proposing scheme answers the single point of failure of the tracing mechanism in the existing group signature schemes. On the other hand, the multiple tracers setting of the proposing scheme reduces the tracing workload that the single tracer had, and provides selection flexibility for users to choose a tracer for their signatures based on tracers’ attributes. This paper discussed the related security definitions against outsiders and honest but curious authorities.

DOI： 10.1007/978-3-031-21280-2_31

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/ispec/ispec2022.html#PereraNMYS22

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：ACM  

DOI： 10.1145/3488932

researchmap

出版者・発行元：Proceedings - 2022 10th International Symposium on Computing and Networking Workshops, CANDARW 2022  

Cryptocurrency involves the search for a solution to a computationally difficult problem when conducting transactions. This is called mining, and by its nature, the time required for mining can vary significantly. This is undesirable from a security perspective. Existing research has proposed mining using graph cliques and methods for linking multiple mines with the aim of reducing the variance in mining time. In this study, we evaluated and implemented the possibility of further reducing the variance of mining time by combining the existing studies. The results showed that the combination of the two methods was more effective than conventional mining and existing research to achieve small variance.

DOI： 10.1109/CANDARW57323.2022.00089

Web of Science

Scopus

記述言語：英語   掲載種別：論文集(書籍)内論文   出版者・発行元：Communications in Computer and Information Science  

Machine learning is one of the predominant methods used in computer science and has been widely and successfully applied in many areas such as computer vision, pattern recognition, natural language processing, cyber security etc. In cyber security, the application of machine learning algorithms for network intrusion detection system (NIDS) has seen promising results for anomaly detection mostly with the adoption of deep learning and is still growing. However, machine learning algorithms are vulnerable to adversarial attacks resulting in significant performance degradation. Adversarial attacks are security threats that aim to deceive the learning algorithm by manipulating its predictions, and Adversarial machine learning is a research area that studies both the generation and defense of such attacks. Researchers have extensively worked on the adversarial machine learning in computer vision but not many works in Intrusion detection system. However, failure in this critical Intrusion detection area could compromise the security of an entire system, and need much attention. This paper provides a review of the advancement in adversarial machine learning based intrusion detection and explores the various defense techniques applied against. Finally discuss their limitations for future research direction in this emerging area.

DOI： 10.1007/978-981-19-7769-5_15

Web of Science

Scopus

researchmap

出版者・発行元：Communications in Computer and Information Science  

Sharing microdata is a very important part of the present day world, but when they contain sensitive information, privacy to individuals needs to be guaranteed before release of data. One idea is to study the distributional properties of a data-set and generate synthetic data which has similar properties but unlike the original data comes with a privacy guarantee. In this review paper, we describe in detail, some advanced privacy guarantees that needs to be checked before release of such information. Also, we discuss some utility metrics to measure the remaining utility of released data. Very few mechanisms have been developed to ensure utility to synthetic data, provided a very strong privacy guarantee is maintained. We discuss some existing methodologies on privacy preserving synthetic data generation and discuss a privacy utility tradeoff problem.

DOI： 10.1007/978-981-19-7769-5_13

Web of Science

Scopus

掲載種別：研究論文（学術雑誌）   出版者・発行元：IEEE Access  

Polynomial multiplication is one of the heaviest operations for a lattice-based public key algorithm in Post-Quantum Cryptography (PQC). Many studies have been done to accelerate polynomial multiplication with newly developed hardware accelerators or special CPU instructions. However, another method utilizes previously implemented and commercial hardware accelerators for RSA/elliptic curve cryptography (ECC). Reusing an existing hardware accelerator is advantageous, not only for the cost benefit but also for the improvement in performance. In this case, the developer should adopt the most efficient implementation method for the functions provided by a given legacy hardware accelerator. It is difficult to find an optimized implementation for a given hardware accelerator because there are a variety of methods, and each method depends on the functions provided by the given accelerator. In order to solve the problem, we survey methods for polynomial multiplication using RSA/ECC coprocessors and their application for Learning With Error (LWE)-based KEM algorithms of National Institute of Standards and Technology (NIST) PQC round 3 candidates. We implement all known methods for polynomial multiplication with RSA/ECC coprocessors in a platform, commercial mobile system-on-chip (SoC), the Exynos2100 Smart Secure Platform (SSP). We present and analyze the simulation results for various legacy hardware accelerators and give guidance for optimized implementation.

DOI： 10.1109/ACCESS.2021.3138807

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

The notion of deniability ensures that the transcript generated in an interactive protocol does not yield any evidence of the interaction. In the context of key-exchange protocols for secure message transmission, the notion of deniability is well-explored. On the other hand, a secret handshake protocol enables a group of authorized users to establish a shared secret key and authenticate each other. Recently, a framework for deniable secret handshake is proposed by Tian et al. in ISPEC 2018. We analyze the protocol, show three flaws and give solutions to prevent them.

DOI： 10.1007/978-3-030-15032-7_106

記述言語：英語   掲載種別：研究論文（学術雑誌）  

The application of a large number of Internet of Things (IoT) devices makes our life more convenient and industries more efficient. However, it also makes cyber-attacks much easier to occur because so many IoT devices are deployed and most of them do not have enough resources (i.e., computation and storage capacity) to carry out ordinary intrusion detection systems (IDSs). In this study, a lightweight machine learning-based IDS using a new feature selection algorithm is designed and implemented on Raspberry Pi, and its performance is verified using a public dataset collected from an IoT environment. To make the system lightweight, we propose a new algorithm for feature selection, called the correlated-set thresholding on gain-ratio (CST-GR) algorithm, to select really necessary features. Because the feature selection is conducted on three specific kinds of cyber-attacks, the number of selected features can be significantly reduced, which makes the classifiers very small and fast. Thus, our detection system is lightweight enough to be implemented and carried out in a Raspberry Pi system. More importantly, as the really necessary features corresponding to each kind of attack are exploited, good detection performance can be expected. The performance of our proposal is examined in detail with different machine learning algorithms, in order to learn which of them is the best option for our system. The experiment results indicate that the new feature selection algorithm can select only very few features for each kind of attack. Thus, the detection system is lightweight enough to be implemented in the Raspberry Pi environment with almost no sacrifice on detection performance.

DOI： 10.3390/electronics9010144

記述言語：英語  

In this study, we look for malicious domains in the logs of the primary DNS server of Kumamoto University using a malicious domain check tool (Virus Total), We then classify them according to their LIFETIME (LT) and investigate their main attack applications. The following results were obtained from the experiment: (1) Ransomware, phishing, and DDoS attacks were the 3 most frequent attacks. (2) We obtained two sets of LIFETIME by plotting the number of malicious domains according to their frequency (3) The frequency distribution obtained on ransomware, phishing, and DDoS attacks show that the LT distribution of ransomware and phishing is similar, however, the frequency of DDoS attacks is shorter. (4) From these results, we learn that the attack method can be determined by measuring the LT. The LT shows to be a good parameter to be used with machine learning to detect malicious domain names.

DOI： 10.1007/978-3-030-39746-3_35

記述言語：英語  

This exploratory investigation aims to discuss current network environment of digital supply chain system and security issues, especially from the Internet world, of digital supply chain management system with applying some advanced information technologies, such as Internet of Things and blockchain, for improving various system performance and properties. This paper introduces the general histories and backgrounds, in terms of information science, of the supply chain and relevant technologies which have been applied or are potential to be applied on supply chain with purpose of lowering cost, facilitating its security and convenience. It provides a comprehensive review of current relative research work and industrial cases from several famous companies. It also illustrates the IoT enablement and security issues of current digital supply chain system, and existing blockchain’s role in this kind of digital system. Finally, this paper concludes several potential or existing security issues and challenges which supply chain management is facing.

DOI： 10.1007/978-3-030-39746-3_57

記述言語：英語  

The domain of Artificial Intelligence (AI) has seen an outstanding growth during the last two decades. It has proven its efficiency in handling complex domains including speech recognition, image recognition and many more. One interesting and evolving branch that was put forward years ago but have seen a good growth only during the past few years is encryption using AI. After Google announced that it has succeeded teaching neural networks encryption in the presence of Eavesdroppers, research in this particular area has seen a rapid spread of interest among different researchers all over the world to develop new Neural Networks capable of operating different cryptographic tasks. In this paper, we take initial steps to achieve secure communication among more than two parties using neural network based encryption. We forward the idea of two party symmetric encryption scheme of Google to a multi party Encryption scheme. In this paper we will focus on a 3-Party case.

DOI： 10.1007/978-3-030-39746-3_27

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Volunteer Computing (VC) is one of methods of distributed computing. In VC process, several volunteers provide their computing resources for some computational purposes. Because most VC is supposed to be executed based on a situation that each volunteer is an honest one, in a case that some malicious volunteers are inside the VC network, the VC contains potential risk of causing to output an unreliable computational result. To improve the reliability of the computational result, several existing VCs adopt a method of majority voting using reliability parameters. However, this method contains potential vulnerability against to “Sybil Attack”. Therefore, in this paper, we propose our VC system using blockchain technology named “Hierarchy-System” to solve these problems and also show the evaluation result executed on a VC system simulated our proposed method.

DOI： 10.1007/978-3-030-15032-7_74

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

The application of many IoT devices is making our world more convenient and efficient. However, it also makes a large number of cyber-attacks possible because most IoT devices have very limited resources and cannot perform ordinary intrusion detection systems. How to implement efficient and lightweight IDS in IoT environments is a critically important and challenging task. Several detection systems have been implemented on Raspberry Pi, but most of them are signature-based and only allow limited rules. In this study, a lightweight IDS based on machine learning is implemented on a Raspberry Pi. To make the system lightweight, a correlation-based feature selection algorithm is applied to significantly reduce the number of features and a lightweight classifier is utilized. The performance of our system is examined in detail and the experimental result indicates that our system is lightweight and has a much higher detection speed with almost no sacrifice of detection accuracy.

DOI： 10.1007/978-3-030-15032-7_39

記述言語：英語   掲載種別：研究論文（学術雑誌）  

記述言語：英語   掲載種別：研究論文（学術雑誌）  

We propose a construction of the modulus of the RSA public keys for decentralized public-key trust generation like Web-of-Trust, where the modulus has inside structure. The first function of the structure is that it enables a peer to verify that the owner of the public key certainly generated the corresponding secret key. The second function is to tie up the public key with the owner's identity as well as her guarantors identities. Our construction is based on the modified version of the Lenstra's algorithm, by which a related second public key and the identity strings are embedded into the RSA modulus. The second public key is of the elliptic-curve cryptosystem (ECC) which has almost equivalent security level to the RSA cryptosystem. Our construction is applicable to a peer-to-peer network equipped with the blockchain of “consortium” and “trusted” type to yield a flat network that does not depends on PKI of the X.509 type.

DOI： 10.1016/j.jisa.2018.12.006

記述言語：英語   掲載種別：研究論文（学術雑誌）  

We propose a construction of the modulus of the RSA public keys for decentralized public-key trust generation like Web-of-Trust, where the modulus has inside structure. The first function of the structure is that it enables a peer to verify that the owner of the public key certainly generated the corresponding secret key. The second function is to tie up the public key with the owner's identity as well as her guarantors identities. Our construction is based on the modified version of the Lenstra's algorithm, by which a related second public key and the identity strings are embedded into the RSA modulus. The second public key is of the elliptic-curve cryptosystem (ECC) which has almost equivalent security level to the RSA cryptosystem. Our construction is applicable to a peer-to-peer network equipped with the blockchain of “consortium” and “trusted” type to yield a flat network that does not depends on PKI of the X.509 type.

DOI： 10.1016/j.jisa.2018.12.006

記述言語：英語   掲載種別：研究論文（学術雑誌）  

The output of convolutional neural networks (CNNs) has been shown to be discontinuous which can make the CNN image classifier vulnerable to small well-tuned artificial perturbation. That is, images modified by conducting such alteration (i.e., adversarial perturbation) that make little difference to the human eyes can completely change the CNN classification results. In this paper, we propose a practical attack using differential evolution (DE) for generating effective adversarial perturbations. We comprehensively evaluate the effectiveness of different types of DEs for conducting the attack on different network structures. The proposed method only modifies five pixels (i.e., few-pixel attack), and it is a black-box attack which only requires the miracle feedback of the target CNN systems. The results show that under strict constraints which simultaneously control the number of pixels changed and overall perturbation strength, attacking can achieve 72.29%, 72.30%, and 61.28% non-targeted attack success rates, with 88.68%, 83.63%, and 73.07% confidence on average, on three common types of CNNs. The attack only requires modifying five pixels with 20.44, 14.28, and 22.98 pixel value distortion. Thus, we show that current deep neural networks are also vulnerable to such simpler black-box attacks even under very limited attack conditions.

DOI： 10.1186/s41074-019-0053-3

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Recently, Bitcoin is becoming one of the most popular decentralized cryptographic currency technologies, and Bitcoin mining is a process of adding transaction records to Bitcoin’s public ledger of past transactions or blockchain. To obtain a bitcoin, the mining process involves compiling recent transactions into blocks and trying to solve a computationally difficult puzzle, e.g., proof of work puzzle. A proof of work allows miners the ability to quantify how much work a given proof contains. Basically, the required time for mining is decided in advance, but problems will occur if the value is large for dispersion. In this paper, we first accept that the required time between consecutive blocks follows the exponential distribution. That is, the variance is stable as long as the expected time is fixed. Then, we focus on the graph clique mining technique proposed by the literature, like Tromp (BITCOIN 2015) and Bag-Ruj-Sakurai (Inscrypt 2015), which is based on a computational difficulty problem of searching cliques of undirected graphs, where a clique is a subset of vertices. In particular, when the clique size is two, graph clique mining can be used to gain Bitcoins. The previous work also claimed that if the clique size is parameterized and increased, even if the expected time is fixed, the variance would not be stable. However, no qualitative or quantitative results were given to support their claim. Motivated by this issue, in this work, we propose a simple search algorithm for graph cliques mining, and perform a small scale evaluation on Bitcoin and Graph cliques’s solo mining to investigate the variance issue.

DOI： 10.1007/978-3-030-14234-6_6

記述言語：その他   掲載種別：研究論文（その他学術会議資料等）  

Recently, deep learning based natural language processing techniques are
being extensively used to deal with spam mail, censorship evaluation in social
networks, among others. However, there is only a couple of works evaluating the
vulnerabilities of such deep neural networks. Here, we go beyond attacks to
investigate, for the first time, universal rules, i.e., rules that are sample
agnostic and therefore could turn any text sample in an adversarial one. In
fact, the universal rules do not use any information from the method itself (no
information from the method, gradient information or training dataset
information is used), making them black-box universal attacks. In other words,
the universal rules are sample and method agnostic. By proposing a
coevolutionary optimization algorithm we show that it is possible to create
universal rules that can automatically craft imperceptible adversarial samples
(only less than five perturbations which are close to misspelling are inserted
in the text sample). A comparison with a random search algorithm further
justifies the strength of the method. Thus, universal rules for fooling
networks are here shown to exist. Hopefully, the results from this work will
impact the development of yet more sample and model agnostic attacks as well as
their defenses, culminating in perhaps a new age for artificial intelligence.

DOI： 10.1109/CEC.2019.8790213

記述言語：その他   掲載種別：研究論文（学術雑誌）  

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Moving Target Defense (MTD) concept has been a feasible idea for reducing the possibility of attack happening through alternation attack surfaces or diversification the attribute or parameters of a protected system. As a result of applying MTD techniques to the system, an attacker would have more difficulties in exploiting a vulnerabilities of the target system. This study proposes an evaluation method of MTD systems combined with several different MTD techniques. The proposed method is a primary step in designing an evaluation model for the effectiveness of MTD. The main goal is to estimate the attack success ratio on the MTD systems mitigating from threats of executable binary file or malware injection. With the proposed evaluation method, we expect to prove that the MTD technology can enhance the security of a web server, and can be applied in a real-world information system. As our preliminary work done, we set up a prototype framework to validate the proposed work in a pseudo-experimental environment.

DOI： 10.1109/CANDARW.2018.00111

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In 2021, it is anticipated that there will be approximately 30 billion Internet of Things (IoT) devices. The tremendous aggregate value of the IoT makes it a tempting and lucrative target for cyber criminals. The breakout of Mirai malware, which compromises poorly secured IoT devices with factory-default username and passphrase to launch Distributed Denial of Service (DDoS) attacks, has raised broad awareness towards the need for increased IoT security. To better defend against Mirai infection and spread, it is critical to know how the malware operates as the first step. In this paper, we give a combined static and dynamic analysis of Mirai, basing on the results of which, we introduce the application of Threat Tracer. Threat tracer is an information system simulator initially developed to help design a system robust against Advanced Persistent Attacks(APT). It offers an intuitive track on how a cyber threat behaves in a complicated networked system. The feedback simultaneously contributes to revealing vulnerabilities of a system. Our work focuses on the replication of Mirai Malware's operating processes in Threat Tracer simulation. By achieving doing so, we believe it could offer a comprehensible description of how Mirai acts. Also, considering the continuous emergence of Mirai variants, the simulation serves as a predictor on upcoming threats' behavior patterns.

DOI： 10.1109/CANDARW.2018.00104

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Swarm robotics is a research field in which a group of autonomous robots execute tasks through cooperative works. Sharing information among robots is a central function for an optimal performance of the system. Given that the swarm network structure constantly changes when robots move, it becomes difficult to guarantee on information sharing by all swarm members. We, in this work, propose an approach for information sharing on swarm robotic systems by using Blockchain technology. A function of distributed ledger in Blockchain technology has possibility to solve the information sharing problem and to easily synchronize their state. However, because Blockchain persistently keeps past transactions, the increase of its chain size is one of the serious issues to manage Blockchain technology. In this paper, we introduce a methodology to share information among autonomous robots and demonstrate through experiments that how the differences in data size recorded in the blockchain affect the chain size. As a result, compared with our previous approach, we succeeded in suppressing increase in chain size by using the proposal approach; it was reduced the amount of increase in chain size about 73.0% when each node repeatedly shared about 2.8KB image data by 100 times.

DOI： 10.1109/CANDARW.2018.00102

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Studies suggest that a significant proportion of the diagnosis in non-communicable diseases (NCD) is erroneous, unwanted, or unnecessary. To reduce the disease burden and improve public health, algorithmic support is essential. To realize this, health data must be computer understandable, secured, ubiquitous, and interoperable. Medical and disease data entered into computers are unstructured natural language texts with medical jargons which a computer normally cannot understand. EMR (Electronic Medical Records) are data silos in the hospital and do not interoperate. In this paper we present Ethereum based future ready Proof of Disease (PoD) consensus protocol with a computer understandable single instance of truth. It will solve many challenges that electronic health records (EHR) or health information exchange (HIE) have failed to address. This medical system will help achieve all the complex needs of P6 (Participatory, Personalized, Proactive, Preventive, Predictive and Precision) medicine and finally reduce the disease burden.

DOI： 10.1109/SmartWorld.2018.00079

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Modern cryptographic schemes is developed based on the mathematical theory. Recently works show a new direction about cryptography based on the neural networks. Instead of learning a specific algorithm, a cryptographic scheme is generated automatically. While one kind of neural network is used to achieve the scheme, the idea of the neural cryptography can be realized by other neural network architecture is unknown. In this paper, we make use of this property to create neural cryptography scheme on a new topology evolving neural network architecture called Spectrum-diverse unified neuroevolution architecture. First, experiments are conducted to verify that Spectrum-diverse unified neuroevolution architecture is able to achieve automatic encryption and decryption. Subsequently, we do experiments to achieve the neural symmetric cryptosystem by using adversarial training.

DOI： 10.1109/CANDARW.2018.00091

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Recent research has shown that deep convolutional neural networks (DCNN) are vulnerable to several different types of attacks while the reasons of such vulnerability are still under investigation. For instance, the adversarial perturbations can conduct a slight change on a natural image to make the target DCNN make the wrong recognition, while the reasons that DCNN is sensitive to such small modification are divergent from one research to another. In this paper, we evaluate the robustness of two commonly used activation functions of DCNN, namely the sigmoid and ReLu, against the recently proposed low-dimensional one-pixel attack. We show that the choosing of activation functions can be an important factor that influences the robustness of DCNN. The results show that comparing with sigmoid, the ReLu non-linearity is more vulnerable which allows the low dimensional one-pixel attack exploit much higher success rate and confidence of launching the attack. The results give insights on designing new activation functions to enhance the security of DCNN.

DOI： 10.1109/CANDARW.2018.00049

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Distributed Cyber Attack launched from many hosts simultaneously has become one of the most sophisticated and the most dangerous attacks in the cyber world including the traditional Internet and the SDN (Software Defined Networking) environments. As a kind of centralized network environment, the SDN has been greatly developed and popularized in recent years, especially in cloud systems. Thus, how to efficiently detect distributed attacks in SDN environments has attracted great attentions in academia and industry and various researches have been done to counter such attacks. The latest related researches made attempts to exploit the information of the PacketIn packets collected in the SDN controller and those methods proved efficient for detecting distributed cyber attacks in SDN environments. However, such methods adopted a threshold for distinguishing between attacks and normal situations. The threshold must be properly determined manually in advance, which is not easy in many applications even for experts. In this study, we try to automatically extract a proper threshold from the historical data of the monitored SDN environment so that the difficult parameter-tuning (determination of the threshold) process can be removed. In addition, because the extracted threshold can well reflect the actual situations of the monitored environment, a better detection performance than the existing approaches can be expected. The detection performance of our proposal is also tested using real traffic data.

DOI： 10.1109/CANDARW.2018.00083

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Moving Target Defense (MTD) concept has been a feasible idea for reducing the possibility of attack happening through alternation attack surfaces or diversification the attribute or parameters of a protected system. As a result of applying MTD techniques to the system, an attacker would have more difficulties in exploiting a vulnerabilities of the target system. This study proposes an evaluation method of MTD systems combined with several different MTD techniques. The proposed method is a primary step in designing an evaluation model for the effectiveness of MTD. The main goal is to estimate the attack success ratio on the MTD systems mitigating from threats of executable binary file or malware injection. With the proposed evaluation method, we expect to prove that the MTD technology can enhance the security of a web server, and can be applied in a real-world information system. As our preliminary work done, we set up a prototype framework to validate the proposed work in a pseudo-experimental environment.

DOI： 10.1109/CANDARW.2018.00111

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In 2021, it is anticipated that there will be approximately 30 billion Internet of Things (IoT) devices. The tremendous aggregate value of the IoT makes it a tempting and lucrative target for cyber criminals. The breakout of Mirai malware, which compromises poorly secured IoT devices with factory-default username and passphrase to launch Distributed Denial of Service (DDoS) attacks, has raised broad awareness towards the need for increased IoT security. To better defend against Mirai infection and spread, it is critical to know how the malware operates as the first step. In this paper, we give a combined static and dynamic analysis of Mirai, basing on the results of which, we introduce the application of Threat Tracer. Threat tracer is an information system simulator initially developed to help design a system robust against Advanced Persistent Attacks(APT). It offers an intuitive track on how a cyber threat behaves in a complicated networked system. The feedback simultaneously contributes to revealing vulnerabilities of a system. Our work focuses on the replication of Mirai Malware's operating processes in Threat Tracer simulation. By achieving doing so, we believe it could offer a comprehensible description of how Mirai acts. Also, considering the continuous emergence of Mirai variants, the simulation serves as a predictor on upcoming threats' behavior patterns.

DOI： 10.1109/CANDARW.2018.00104

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Swarm robotics is a research field in which a group of autonomous robots execute tasks through cooperative works. Sharing information among robots is a central function for an optimal performance of the system. Given that the swarm network structure constantly changes when robots move, it becomes difficult to guarantee on information sharing by all swarm members. We, in this work, propose an approach for information sharing on swarm robotic systems by using Blockchain technology. A function of distributed ledger in Blockchain technology has possibility to solve the information sharing problem and to easily synchronize their state. However, because Blockchain persistently keeps past transactions, the increase of its chain size is one of the serious issues to manage Blockchain technology. In this paper, we introduce a methodology to share information among autonomous robots and demonstrate through experiments that how the differences in data size recorded in the blockchain affect the chain size. As a result, compared with our previous approach, we succeeded in suppressing increase in chain size by using the proposal approach; it was reduced the amount of increase in chain size about 73.0% when each node repeatedly shared about 2.8KB image data by 100 times.

DOI： 10.1109/CANDARW.2018.00102

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Studies suggest that a significant proportion of the diagnosis in non-communicable diseases (NCD) is erroneous, unwanted, or unnecessary. To reduce the disease burden and improve public health, algorithmic support is essential. To realize this, health data must be computer understandable, secured, ubiquitous, and interoperable. Medical and disease data entered into computers are unstructured natural language texts with medical jargons which a computer normally cannot understand. EMR (Electronic Medical Records) are data silos in the hospital and do not interoperate. In this paper we present Ethereum based future ready Proof of Disease (PoD) consensus protocol with a computer understandable single instance of truth. It will solve many challenges that electronic health records (EHR) or health information exchange (HIE) have failed to address. This medical system will help achieve all the complex needs of P6 (Participatory, Personalized, Proactive, Preventive, Predictive and Precision) medicine and finally reduce the disease burden.

DOI： 10.1109/SmartWorld.2018.00079

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Modern cryptographic schemes is developed based on the mathematical theory. Recently works show a new direction about cryptography based on the neural networks. Instead of learning a specific algorithm, a cryptographic scheme is generated automatically. While one kind of neural network is used to achieve the scheme, the idea of the neural cryptography can be realized by other neural network architecture is unknown. In this paper, we make use of this property to create neural cryptography scheme on a new topology evolving neural network architecture called Spectrum-diverse unified neuroevolution architecture. First, experiments are conducted to verify that Spectrum-diverse unified neuroevolution architecture is able to achieve automatic encryption and decryption. Subsequently, we do experiments to achieve the neural symmetric cryptosystem by using adversarial training.

DOI： 10.1109/CANDARW.2018.00091

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Recent research has shown that deep convolutional neural networks (DCNN) are vulnerable to several different types of attacks while the reasons of such vulnerability are still under investigation. For instance, the adversarial perturbations can conduct a slight change on a natural image to make the target DCNN make the wrong recognition, while the reasons that DCNN is sensitive to such small modification are divergent from one research to another. In this paper, we evaluate the robustness of two commonly used activation functions of DCNN, namely the sigmoid and ReLu, against the recently proposed low-dimensional one-pixel attack. We show that the choosing of activation functions can be an important factor that influences the robustness of DCNN. The results show that comparing with sigmoid, the ReLu non-linearity is more vulnerable which allows the low dimensional one-pixel attack exploit much higher success rate and confidence of launching the attack. The results give insights on designing new activation functions to enhance the security of DCNN.

DOI： 10.1109/CANDARW.2018.00049

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Distributed Cyber Attack launched from many hosts simultaneously has become one of the most sophisticated and the most dangerous attacks in the cyber world including the traditional Internet and the SDN (Software Defined Networking) environments. As a kind of centralized network environment, the SDN has been greatly developed and popularized in recent years, especially in cloud systems. Thus, how to efficiently detect distributed attacks in SDN environments has attracted great attentions in academia and industry and various researches have been done to counter such attacks. The latest related researches made attempts to exploit the information of the PacketIn packets collected in the SDN controller and those methods proved efficient for detecting distributed cyber attacks in SDN environments. However, such methods adopted a threshold for distinguishing between attacks and normal situations. The threshold must be properly determined manually in advance, which is not easy in many applications even for experts. In this study, we try to automatically extract a proper threshold from the historical data of the monitored SDN environment so that the difficult parameter-tuning (determination of the threshold) process can be removed. In addition, because the extracted threshold can well reflect the actual situations of the monitored environment, a better detection performance than the existing approaches can be expected. The detection performance of our proposal is also tested using real traffic data.

DOI： 10.1109/CANDARW.2018.00083

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

It is well known that distributed cyber attacks simultaneously launched from many hosts have caused the most serious problems in recent years including problems of privacy leakage and denial of services. Thus, how to detect those attacks at early stage has become an important and urgent topic in the cyber security community. For this purpose, recognizing C&C (Command & Control) communication between compromised bots and the C&C server becomes a crucially important issue, because C&C communication is in the preparation phase of distributed attacks. Although attack detection based on signature has been practically applied since long ago, it is well-known that it cannot efficiently deal with new kinds of attacks. In recent years, ML(Machine learning)-based detection methods have been studied widely. In those methods, feature selection is obviously very important to the detection performance. We once utilized up to 55 features to pick out C&C traffic in order to accomplish early detection of DDoS attacks. In this work, we try to answer the question that 'Are all of those features really necessary?' We mainly investigate how the detection performance moves as the features are removed from those having lowest importance and we try to make it clear that what features should be payed attention for early detection of distributed attacks. We use honeypot data collected during the period from 2008 to 2013. SVM(Support Vector Machine) and PCA(Principal Component Analysis) are utilized for feature selection and SVM and RF(Random Forest) are for building the classifier. We find that the detection performance is generally getting better if more features are utilized. However, after the number of features has reached around 40, the detection performance will not change much even more features are used. It is also verified that, in some specific cases, more features do not always means a better detection performance. We also discuss 10 important features which have the biggest influence on classification.

DOI： 10.1109/DASC/PiCom/DataCom/CyberSciTec.2018.00040

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

It is well known that distributed cyber attacks simultaneously launched from many hosts have caused the most serious problems in recent years including problems of privacy leakage and denial of services. Thus, how to detect those attacks at early stage has become an important and urgent topic in the cyber security community. For this purpose, recognizing C&C (Command & Control) communication between compromised bots and the C&C server becomes a crucially important issue, because C&C communication is in the preparation phase of distributed attacks. Although attack detection based on signature has been practically applied since long ago, it is well-known that it cannot efficiently deal with new kinds of attacks. In recent years, ML(Machine learning)-based detection methods have been studied widely. In those methods, feature selection is obviously very important to the detection performance. We once utilized up to 55 features to pick out C&C traffic in order to accomplish early detection of DDoS attacks. In this work, we try to answer the question that 'Are all of those features really necessary?' We mainly investigate how the detection performance moves as the features are removed from those having lowest importance and we try to make it clear that what features should be payed attention for early detection of distributed attacks. We use honeypot data collected during the period from 2008 to 2013. SVM(Support Vector Machine) and PCA(Principal Component Analysis) are utilized for feature selection and SVM and RF(Random Forest) are for building the classifier. We find that the detection performance is generally getting better if more features are utilized. However, after the number of features has reached around 40, the detection performance will not change much even more features are used. It is also verified that, in some specific cases, more features do not always means a better detection performance. We also discuss 10 important features which have the biggest influence on classification.

DOI： 10.1109/DASC/PiCom/DataCom/CyberSciTec.2018.00040

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

When a user consumes an encrypted digital content (for example video and music files), the player application accesses the secret key to decrypt the content. If the user is malicious, he can analyse the access pattern of the player application to extract the secret key efficiently. Oblivious RAMs (ORAMs) are effective solution for such threats. However, ORAMs are only effective for 'passive' attackers who can observe the RAM access done by the application, but cannot alter data stored on RAM. The attacker with ability to alter data on RAM can be called 'active' attackers. In this paper, we evaluate the security of ORAM schemes against active adversaries where they alter data on RAM and try to efficiently extract the secret information. We also propose countermeasures against active adversaries.

DOI： 10.1109/AINA.2018.00112

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

The Internet of Things (IoT) is an extension of the traditional Internet, which allows a very large number of smart devices, such as home appliances, network cameras, sensors and controllers to connect to one another to share information and improve user experiences. IoT devices are micro-computers for domain-specific computations rather than traditional functionspecific embedded devices. This opens the possibility of seeing many kinds of existing attacks, traditionally targeted at the Internet, also directed at IoT devices. As shown by recent events, such as the Mirai and Brickerbot botnets, DDoS attacks have become very common in IoT environments as these lack basic security monitoring and protection mechanisms. In this paper, we propose a novel light-weight approach for detecting DDos malware in IoT environments. We extract the malware images (i.e., a one-channel gray-scale image converted from a malware binary) and utilize a light-weight convolutional neural network for classifying their families. The experimental results show that the proposed system can achieve 94:0% accuracy for the classification of goodware and DDoS malware, and 81:8% accuracy for the classification of goodware and two main malware families.

DOI： 10.1109/COMPSAC.2018.10315

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Outsourcing data to the cloud for computation and storage has been on the rise in recent years. In this paper we investigate the problem of supporting write operation on the outsourced data for clients using mobile devices. We consider the Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme as it is well suited to support access control in outsourced cloud environments. One shortcoming of CP-ABE is that users can modify the access policy specified by the data owner if write operations are incorporated in the scheme. We propose a protocol for collaborative processing of outsourced data that enables the authorized users to perform write operation without being able to alter the access policy specified by the data owner. Our scheme is accompanied with a light weight signature scheme and simple, inexpensive user revocation mechanism to make it suitable for processing on resource-constrained mobile devices. The implementation and detailed performance analysis of the scheme indicate the suitability of the proposed scheme for real mobile applications. Moreover, the security analysis demonstrates that the security properties of the system are not compromised.

DOI： 10.1109/TPDS.2017.2782253

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Outsourcing data to the cloud for computation and storage has been on the rise in recent years. In this paper we investigate the problem of supporting write operation on the outsourced data for clients using mobile devices. We consider the Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme as it is well suited to support access control in outsourced cloud environments. One shortcoming of CP-ABE is that users can modify the access policy specified by the data owner if write operations are incorporated in the scheme. We propose a protocol for collaborative processing of outsourced data that enables the authorized users to perform write operation without being able to alter the access policy specified by the data owner. Our scheme is accompanied with a light weight signature scheme and simple, inexpensive user revocation mechanism to make it suitable for processing on resource-constrained mobile devices. The implementation and detailed performance analysis of the scheme indicate the suitability of the proposed scheme for real mobile applications. Moreover, the security analysis demonstrates that the security properties of the system are not compromised.

DOI： 10.1109/TPDS.2017.2782253

記述言語：英語   掲載種別：研究論文（学術雑誌）  

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Outsourcing data to the cloud for computation and storage has been on the rise in recent years. In this paper we investigate the problem of supporting write operation on the outsourced data for clients using mobile devices. We consider the Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme as it is well suited to support access control in outsourced cloud environments. One shortcoming of CP-ABE is that users can modify the access policy specified by the data owner if write operations are incorporated in the scheme. We propose a protocol for collaborative processing of outsourced data that enables the authorized users to perform write operation without being able to alter the access policy specified by the data owner. Our scheme is accompanied with a light weight signature scheme and simple, inexpensive user revocation mechanism to make it suitable for processing on resource-constrained mobile devices. The implementation and detailed performance analysis of the scheme indicate the suitability of the proposed scheme for real mobile applications. Moreover, the security analysis demonstrates that the security properties of the system are not compromised.

DOI： 10.1109/TPDS.2017.2782253

記述言語：英語   掲載種別：研究論文（学術雑誌）  

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Third-party tracking, which can collect the users' privacy when users are surfing the Internet, has garnered much attention. Nowadays tracker-blocking tools often use a ruleset based on the domains and elements that need to be blocked. This results in blocking all access tracking, even though the website shows no sign about tracking users' privacy. And what's more, although the tracker-blocking tools try their best to block all the third-party tracking, not all the users dislike the advertisement. Some of them think if their privacy is fine, it's all right to accept advertisements. In this paper, we present a novel framework by using Word2Vec to block third-party tracking. Our goal is to create more flexible and well-developed ruleset that can help users to protect their privacy according to their needs. Instead of blocking all access tracking, we decide to pay more attention to the websites that have a strong probability to collect the users' privacy. We use Word2Vec to classify the websites, and our results show that after using our framework, the error rate drops from 71% to 24%. We believe it brings the new blood into the field of web privacy by providing not only the new third-party tracking tool but also a novel way of thinking about how to block the third-party tracking.

DOI： 10.1109/CANDAR.2017.26

記述言語：その他  

The output of Convolutional Neural Networks (CNN) has been shown to be
discontinuous which can make the CNN image classifier vulnerable to small
well-tuned artificial perturbations. That is, images modified by adding such
perturbations(i.e. adversarial perturbations) that make little difference to
human eyes, can completely alter the CNN classification results. In this paper,
we propose a practical attack using differential evolution(DE) for generating
effective adversarial perturbations. We comprehensively evaluate the
effectiveness of different types of DEs for conducting the attack on different
network structures. The proposed method is a black-box attack which only
requires the miracle feedback of the target CNN systems. The results show that
under strict constraints which simultaneously control the number of pixels
changed and overall perturbation strength, attacking can achieve 72.29&#37;, 78.24&#37;
and 61.28&#37; non-targeted attack success rates, with 88.68&#37;, 99.85&#37; and 73.07&#37;
confidence on average, on three common types of CNNs. The attack only requires
modifying 5 pixels with 20.44, 14.76 and 22.98 pixel values distortion. Thus,
the result shows that the current DNNs are also vulnerable to such simpler
black-box attacks even under very limited attack conditions.

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Using the OpenFlow protocol, the virtual network technology SDN (Software Defined Network) is now widely used. In recent years, the number of DDoS attacks has been increasing year by year. To detect DDoS attacks in SDN, data recorded in the flow table in OpenFlow switch is analyzed and various detection methods are submitted. However, SDN centrally manages communication within the network, when detecting DDoS (Distributed Denial of Service) attacks. This creates a heavy processing load, and the processing load of the OpenFlow controller must be considered. In this paper, in order to reduce the processing load of the controller, we do not collect data of the flow table, extract three features from the Packet In message for communication between the controller and the switch, and perform real-time attack detection. Furthermore, to avoid stringent detection time intervals, triggers will be added before detection to realize light and dynamic DDoS attacks detection.

DOI： 10.1109/CANDAR.2017.93

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Third-party tracking, which can collect the users' privacy when users are surfing the Internet, has garnered much attention. Nowadays tracker-blocking tools often use a ruleset based on the domains and elements that need to be blocked. This results in blocking all access tracking, even though the website shows no sign about tracking users' privacy. And what's more, although the tracker-blocking tools try their best to block all the third-party tracking, not all the users dislike the advertisement. Some of them think if their privacy is fine, it's all right to accept advertisements. In this paper, we present a novel framework by using Word2Vec to block third-party tracking. Our goal is to create more flexible and well-developed ruleset that can help users to protect their privacy according to their needs. Instead of blocking all access tracking, we decide to pay more attention to the websites that have a strong probability to collect the users' privacy. We use Word2Vec to classify the websites, and our results show that after using our framework, the error rate drops from 71% to 24%. We believe it brings the new blood into the field of web privacy by providing not only the new third-party tracking tool but also a novel way of thinking about how to block the third-party tracking.

DOI： 10.1109/CANDAR.2017.26

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Using the OpenFlow protocol, the virtual network technology SDN (Software Defined Network) is now widely used. In recent years, the number of DDoS attacks has been increasing year by year. To detect DDoS attacks in SDN, data recorded in the flow table in OpenFlow switch is analyzed and various detection methods are submitted. However, SDN centrally manages communication within the network, when detecting DDoS (Distributed Denial of Service) attacks. This creates a heavy processing load, and the processing load of the OpenFlow controller must be considered. In this paper, in order to reduce the processing load of the controller, we do not collect data of the flow table, extract three features from the Packet In message for communication between the controller and the switch, and perform real-time attack detection. Furthermore, to avoid stringent detection time intervals, triggers will be added before detection to realize light and dynamic DDoS attacks detection.

DOI： 10.1109/CANDAR.2017.93

記述言語：その他  

The Internet of Things (IoT) is an extension of the traditional Internet,
which allows a very large number of smart devices, such as home appliances,
network cameras, sensors and controllers to connect to one another to share
information and improve user experiences. Current IoT devices are typically
micro-computers for domain-specific computations rather than traditional
functionspecific embedded devices. Therefore, many existing attacks, targeted
at traditional computers connected to the Internet, may also be directed at IoT
devices. For example, DDoS attacks have become very common in IoT environments,
as these environments currently lack basic security monitoring and protection
mechanisms, as shown by the recent Mirai and Brickerbot IoT botnets. In this
paper, we propose a novel light-weight approach for detecting DDos malware in
IoT environments.We firstly extract one-channel gray-scale images converted
from binaries, and then utilize a lightweight convolutional neural network for
classifying IoT malware families. The experimental results show that the
proposed system can achieve 94.0&#37; accuracy for the classification of goodware
and DDoS malware, and 81.8&#37; accuracy for the classification of goodware and two
main malware families.

DOI： 10.1109/COMPSAC.2018.10315

記述言語：英語   掲載種別：研究論文（学術雑誌）  

記述言語：英語   掲載種別：研究論文（学術雑誌）  

In this paper, we explore the problem of providing selective read/write access to the outsourced data for clients using mobile devices in an environment that supports users from multiple domains and where attributes are generated by multiple authorities. We consider Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme as it can provide access control on encrypted outsourced data. One limitation of CP-ABE is that the users can modify the access policy specified by the data owner if write operations are introduced in the scheme. We propose a protocol for providing different levels of access to outsourced data that permits the authorized users to perform write operation without altering the access policy specified by the data owner. Our scheme provides fine-grained read/write access to the users, accompanied with a light weight signature scheme and computationally inexpensive user revocation mechanism suitable for resource-constrained mobile devices. We provide a theoretical analysis of the security of the proposed protocol and the experimental results measured from a real-world testbed.

DOI： 10.1002/cpe.4736

記述言語：その他   掲載種別：研究論文（その他学術会議資料等）  

記述言語：その他   掲載種別：研究論文（その他学術会議資料等）  

記述言語：その他   掲載種別：研究論文（その他学術会議資料等）  

記述言語：その他   掲載種別：研究論文（その他学術会議資料等）  

記述言語：その他   掲載種別：研究論文（その他学術会議資料等）  

記述言語：その他   掲載種別：研究論文（その他学術会議資料等）  

記述言語：その他   掲載種別：研究論文（その他学術会議資料等）  

記述言語：その他   掲載種別：研究論文（その他学術会議資料等）  

記述言語：その他   掲載種別：研究論文（その他学術会議資料等）  

記述言語：その他   掲載種別：研究論文（その他学術会議資料等）  

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Low cost, decentralized architecture and ad hoc nature are a few desirable properties of wireless sensor networks that make them well suited for gathering sensitive information in hazardous deployment grounds. Existing security protocols exploit various cryptographic tools to strengthen their security. Not many works focus on constraints faced by an adversary. One such constraint being practical difficulties to trace a particular frequency band from a large range of unknown frequencies, specially in unharmonious geographical locations. Our research capitalizes on this weakness encountered by an adversary and preassigns nodes with multiple frequency bands from a wide range of frequencies allocated to the network. Deployed nodes can discover these bands during set network setup phase by a simple trick. Nodes are to internally switch their frequency bands depending on parametric variation that are caused by an (external) impulse. Experiments conducted using magneto optic sensors confirm that any variation of their parameter affects frequencies of emergent waves. Similar behavior is expected from application specific sensors. Frequency regulation (FR) concept is applied to combinatorial key predistribution schemes (KPS) having (regular) degree r. Depending on r and each node's capability to switch internal frequencies, nodes are preallocated with n frequency bands. This naturally partitions the (distributed) network and results in improved resilience. Combining our FR concept to a KPS where the number of shared key between a pair of nodes is at most one (γ ≤ 1) may yield best case scenario of an ideally resilient key predistribution. Our analysis of systems that combines FR idea with KPS where γ > 1 leads to an optimized key-band distribution argument and drastic resilience improvements. Results of simulations conducted assuming real-life scenario ascertain our analysis and establishes superior performance of our protocols as compared to prominent ones.

DOI： 10.1002/cpe.4017

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Low cost, decentralized architecture and ad hoc nature are a few desirable properties of wireless sensor networks that make them well suited for gathering sensitive information in hazardous deployment grounds. Existing security protocols exploit various cryptographic tools to strengthen their security. Not many works focus on constraints faced by an adversary. One such constraint being practical difficulties to trace a particular frequency band from a large range of unknown frequencies, specially in unharmonious geographical locations. Our research capitalizes on this weakness encountered by an adversary and preassigns nodes with multiple frequency bands from a wide range of frequencies allocated to the network. Deployed nodes can discover these bands during set network setup phase by a simple trick. Nodes are to internally switch their frequency bands depending on parametric variation that are caused by an (external) impulse. Experiments conducted using magneto optic sensors confirm that any variation of their parameter affects frequencies of emergent waves. Similar behavior is expected from application specific sensors. Frequency regulation (FR) concept is applied to combinatorial key predistribution schemes (KPS) having (regular) degree r. Depending on r and each node's capability to switch internal frequencies, nodes are preallocated with n frequency bands. This naturally partitions the (distributed) network and results in improved resilience. Combining our FR concept to a KPS where the number of shared key between a pair of nodes is at most one ( 1) may yield best case scenario of an ideally resilient key predistribution. Our analysis of systems that combines FR idea with KPS where >1 leads to an optimized key-band distribution argument and drastic resilience improvements. Results of simulations conducted assuming real-life scenario ascertain our analysis and establishes superior performance of our protocols as compared to prominent ones.

DOI： 10.1002/cpe.4017

記述言語：英語   掲載種別：研究論文（学術雑誌）  

With the spread of the Internet, more and more data are being stored in the cloud. Here the technique of secret sharing can be naturally applied in order to provide both security and availability of the stored data, hereby reducing the risks of data leakage and data loss. The privacy property of secret sharing ensures protection against unauthorized access, while protection against data loss may be attained by distributing shares to the servers located in different regions. However, there is still a problem: If we naively employ the secret sharing technique without regarding to whom the cloud servers belong, a dishonest provider can obtain the secret data by collecting enough shares from its servers. In this scenario, there is a need to distribute shares over cloud services operated by different providers. In this paper, we propose a simple secret sharing technique, a cross-group secret sharing (CGSS), which is suitable for storing the data on cloud storage distributed over different groups—that is, different providers and regions. By combining an ℓ-out-of-m threshold secret sharing scheme with a k-out-of-n threshold secret sharing scheme using a symmetric-key encryption scheme, we construct the CGSS scheme that forces k shares to be collected from ℓ groups. Compared with the previous works, our scheme attains the functionality with reasonable computation. We also formalize the problem of allocating shares over different providers and regions as an optimization problem and show the design principles, which one must follow, when applying our proposal in practical settings. An experiment on real IaaS systems shows effectiveness of our proposed scheme, CGSS.

DOI： 10.1007/s11227-017-2009-7

記述言語：英語   掲載種別：研究論文（学術雑誌）  

With the spread of the Internet, more and more data are being stored in the cloud. Here the technique of secret sharing can be naturally applied in order to provide both security and availability of the stored data, hereby reducing the risks of data leakage and data loss. The privacy property of secret sharing ensures protection against unauthorized access, while protection against data loss may be attained by distributing shares to the servers located in different regions. However, there is still a problem: If we naively employ the secret sharing technique without regarding to whom the cloud servers belong, a dishonest provider can obtain the secret data by collecting enough shares from its servers. In this scenario, there is a need to distribute shares over cloud services operated by different providers. In this paper, we propose a simple secret sharing technique, a cross-group secret sharing (CGSS), which is suitable for storing the data on cloud storage distributed over different groups-that is, different providers and regions. By combining an -out-of-m threshold secret sharing scheme with a k-out-of-n threshold secret sharing scheme using a symmetric-key encryption scheme, we construct the CGSS scheme that forces k shares to be collected from groups. Compared with the previous works, our scheme attains the functionality with reasonable computation. We also formalize the problem of allocating shares over different providers and regions as an optimization problem and show the design principles, which one must follow, when applying our proposal in practical settings. An experiment on real IaaS systems shows effectiveness of our proposed scheme, CGSS.

DOI： 10.1007/s11227-017-2009-7

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

The increase of sensitive data in the current Internet of Things (IoT) raises demands of computation, communication and storage capabilities. Indeed, thanks to RFID tags and wireless sensor networks, anything can be part of IoT. As a result, a large amount of data is generated, which is hard for many IoT devices to handle, as many IoT devices are resource-constrained and cannot use the existing standard security protocols. Cloud computing might seem like a convenient solution, since it offers on-demand access to a shared pool of resources such as processors, storage, applications and services. However this comes as a cost, as unnecessary communications not only burden the core network, but also the data center in the cloud. Therefore, considering suitable approaches such as fog computing and security middleware solutions is crucial. In this paper, we propose a novel middleware architecture to solve the above issues, and discuss the generic concept of using fog computing along with cloud in order to achieve a higher security level. Our security middleware acts as a smart gateway as it is meant to pre-process data at the edge of the network. Depending on the received information, data might either be processed and stored locally on fog or sent to the cloud for further processing. Moreover, in our scheme, IoT constrained devices communicate through the proposed middleware, which provide access to more computing power and enhanced capability to perform secure communications. We discuss these concepts in detail, and explain how our proposal is effective to cope with some of the most relevant IoT security challenges.

DOI： 10.1145/3109761.3158413

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In this paper we explore the problem of providing selective read/write access to the outsourced data for clients using mobile devices in an environment that supports users from multiple domains and where attributes are generated by multiple authorities. We consider Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme as it can provide access control on the encrypted outsourced data. One limitation of CP-ABE is that users can modify the access policy specified by the data owner if write operations are introduced in the scheme. We propose a protocol for providing different levels of access to outsourced data that permits the authorized users to perform write operation without altering the access policy specified by the data owner. Our scheme provides fine-grained read/write access to the users, accompanied with a light weight signature scheme and computationally inexpensive user revocation mechanism suitable for resource-constrained mobile devices. The security analysis demonstrates the robustness of the proposed scheme.

DOI： 10.1109/Trustcom/BigDataSE/ICESS.2017.238

記述言語：英語   掲載種別：研究論文（学術雑誌）  

We address two problems: First, we study a variant of block withholding (BWH) attack in Bitcoins and second, we propose solutions to prevent all existing types of BWH attacks in Bitcoins. We analyze the strategies of a selfish Bitcoin miner who in connivance with one pool attacks another pool and receives reward from the former mining pool for attacking the latter. We name this attack as 'sponsored block withholding attack.' We present detailed quantitative analysis of the monetary incentive that a selfish miner can earn by adopting this strategy under different scenarios. We prove that under certain conditions, the attacker can maximize her revenue by adopting some strategies and by utilizing her computing power wisely. We also show that an attacker may use this strategy for attacking both the pools for earning higher amount of incentives. More importantly, we present a strategy that can effectively counter block withholding attack in any mining pool. First, we propose a generic scheme that uses cryptographic commitment schemes to counter BWH attack. Then, we suggest an alternative implementation of the same scheme using hash function. Our scheme protects a pool from rogue miners as well as rogue pool administrators. The scheme and its variant defend against BWH attack by making it impossible for the miners to distinguish between a partial proof of work and a complete proof of work. The scheme is so designed that the administrator cannot cheat on the entire pool. The scheme can be implemented by making minor changes to existing Bitcoin protocol. We also analyze the security of the scheme.

DOI： 10.1109/TIFS.2016.2623588

記述言語：英語   掲載種別：研究論文（学術雑誌）  

We address two problems: First, we study a variant of block withholding (BWH) attack in Bitcoins and second, we propose solutions to prevent all existing types of BWH attacks in Bitcoins. We analyze the strategies of a selfish Bitcoin miner who in connivance with one pool attacks another pool and receives reward from the former mining pool for attacking the latter. We name this attack as 'sponsored block withholding attack.' We present detailed quantitative analysis of the monetary incentive that a selfish miner can earn by adopting this strategy under different scenarios. We prove that under certain conditions, the attacker can maximize her revenue by adopting some strategies and by utilizing her computing power wisely. We also show that an attacker may use this strategy for attacking both the pools for earning higher amount of incentives. More importantly, we present a strategy that can effectively counter block withholding attack in any mining pool. First, we propose a generic scheme that uses cryptographic commitment schemes to counter BWH attack. Then, we suggest an alternative implementation of the same scheme using hash function. Our scheme protects a pool from rogue miners as well as rogue pool administrators. The scheme and its variant defend against BWH attack by making it impossible for the miners to distinguish between a partial proof of work and a complete proof of work. The scheme is so designed that the administrator cannot cheat on the entire pool. The scheme can be implemented by making minor changes to existing Bitcoin protocol. We also analyze the security of the scheme.

DOI： 10.1109/TIFS.2016.2623588

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）  

DOI： DOI: 10.1109/ICOIN.2017.7899511

その他リンク： http://ieeexplore.ieee.org/document/7899511/authors

記述言語：英語   掲載種別：研究論文（学術雑誌）  

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Recently, there are many types of cyber attacks and we should detect as many types as possible. In order to detect a wide variety of attacks, a complete distributed multi-Agent system is proposed. However, it requires the software installation in all hosts. The lack of resources also makes it hard to introduce the system to the devices. In this paper, we design a distributed defense algorithm employing a multi-Agent system. However, it is hard to detect the wide and shallow attacks such as horizontal portscan and if the systems is completely distributed. Therefore, we need to watch for the whole network in order to detect such attacks. Here, it is proposed to combine the system with OpenFlow which is suitable for having an overall network view. In general, however, OpenFlow has a central control system which is not scalable. Thus, we also propose to use several OpenFlow controllers and share information among them. By sharing information, we show that it is possible to detect a horizontal portscan.

DOI： 10.1109/ICOIN.2017.7899511

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Nowadays, various mobile devices are being an inseparable part of our normal life. Mobile users tend to be connected to the Internet seamlessly, which is provided by mobility management protocols. One of the latest mobility management protocol is Proxy Mobile IPv6 (PMIPv6), which is a network-based protocol. Authentication mechanism as a critical security procedure is not specified in PMIPv6, hence various authentication methods have been proposed. Lee and Bonin proposed a ticket-based authentication scheme for PMIPv6, which is called HOTA in 2013. Even though, HOTA offers some security protection mechanisms, but is vulnerable to DoS attack. Furthermore, we show other existing drawbacks to the scheme such as vulnerability against de-synchronization attack and Session Hijacking attack. In this paper, we propose an enhancement method to mitigate these security drawbacks. Finally, security and performance of the proposed method are analyzed and compared to HOTA method.

DOI： 10.1109/ICIN.2017.7899399

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Nowadays cloud servers become the primary choice to store and share data with multiple recipients. The storage of personal information on cloud servers may result in the exposure of confidential information to unauthorized individuals or organizations. Several solutions employing attribute-based encryption schemes have been proposed for secure sharing of data using cloud servers. However, most of the solutions fail to trace the traitors, who intentionally leaked their data access privileges for personal gain. This paper introduces a traceable ciphertext policy attribute-based signcryption (sign-then-encrypt) scheme to simultaneously realize the notion of traitor-tracing, fine-grained access control, sender anonymity, message integrity, authenticity and sensitivity by extending traceable attribute based encryption scheme using attribute-based signature. Single authority may compromise user's key. Hence to reduce the trust on authority, our proposed scheme employs different authorities for key generation and traitor-tracing. In addition, our proposed scheme preserves message sensitivity by allowing the data-owner to define message category label. We analyze the performance of our scheme with respect to secret key size, ciphertext size, computation cost involves in signcryption and designcryption and compare it with existing schemes to show its efficacy.

DOI： 10.1109/CIT.2016.52

記述言語：英語   掲載種別：研究論文（学術雑誌）  

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Distributed attacks have reportedly caused the most serious losses in recent years. Here, distributed attacks means those attacks conducted collaboratively by multiple hosts. How to detect distributed attacks has become one of the most important topics in the cyber security community. Many detection methods have been proposed, each of which, however, has its own weak points. For example, detection performance of information theory based methods strongly depends on the information theoretic measures and signature-based methods suffer from the fact that they can deal with neither new kinds of attacks nor new variants of existing attacks. Recently, behavior-based method has been attracting great attentions from many researchers and developers and it is thought as the most promising one. In behavior-based approaches, normal behavior modes are learned/extracted from past traffic data of the monitored network and are used to recognize anomalies in the future detection. In this paper, we explain how to implement an online behavior-based engine for detecting distributed cyber-attacks. Detection cases of our engine are also introduced and some actual attacks/incidents have been captured by our detection engine.

DOI： 10.1007/978-3-319-56549-1_7

記述言語：英語   掲載種別：研究論文（学術雑誌）  

The benefits of cloud computing motivate enterprises to migrate their IT infrastructure on cloud servers. Enterprise needs to entrust untrusted cloud service provider, which gives rise to various security and privacy concerns. To address these concerns, numerous schemes in cloud computing employed attribute-based encryption schemes. However, existing schemes are neither flexible enough to provide users complete liberty on delegation of their access privileges nor grant shared access privileges among users of a group to jointly address a responsibility. This paper introduces hierarchical attribute-set-based access control scheme by employing ciphertext-policy attribute-set-based encryption with a hierarchical structure of users to achieve scalability. The proposed scheme simultaneously achieves the notion of fine-grained cum flexible access control, privacy preserving, efficient data utilization and imperatively provides users full-fledged liberty on delegation of their access privileges. Furthermore, we formally prove that proposed scheme is secure under decisional bilinear Diffie-Hellman assumption. (C) 2016 Elsevier Ltd. All rights reserved.

DOI： 10.1016/j.compeleceng.2016.11.028

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

SQL Injection attack is a kind of attack to a web application that accesses the database of the web application illegitimate. Along with the increasing use of web applications, the database where stores much sensitive information became more and more valuable and vulnerable. Eventually, SQL Injection attack has become rank one in top ten vulnerabilities as specified by Open Web Application Security Project (OWASP). In the other hand, although there was proposed a lot of methods to address the SQL injection attack, the current approaches almost have the limitation to detect full scope of the attack. What is more, the approaches have high precision in detecting pre-existing attacks though, but cannot detect unknown attacks. In this paper, we present an expectation-based solution to address SQL injection attack. Our proposal mainly has two phases. In the first phase, we calculate the occurrence probability of the SQL injection attack special characters in attack dataset and typical dataset respectively, and in the second phase we detect SQL injection attack base on expectation calculating take advantage of the computed occurrence probability.

DOI： 10.1109/CANDAR.2016.74

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

The attack abusing web application vulnerabilities are currently classified into traditional attack threats. However, security breaches by web application attacks are still reported via mass media. Although the vulnerabilities in popular products such as Microsoft IIS or Apache are quickly discovered by security researchers around the world, it is hard to identify the vulnerabilities in customized web applications developed by each organization. On top of that, in the case of large corporations, it is hard to manage all web applications since their business domains are diversified, and each division has various web applications. In this paper, we propose web application deception proxy as a defense approach, and we show that it is very helpful to prevent and detect web application attacks.

DOI： 10.1145/3022227.3022300

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In this work, we construct a dual version of statistically binding commitment scheme by Jain et al. (Asiacrypt 2012) with shorter commitment size under hardness of syndrome decoding. Then, we point out that perfectly binding variants of the above schemes follow directly from the Randomized McEliece and Niederreiter public key encryption schemes, assuming indistinguishability of permuted Goppa codes, as well as hardness of the exact learning parity with noise (xLPN) problem (for the McEliece scheme) and hardness of syndrome decoding (for the Niederreiter scheme). Our key observation here is that perfect binding (as opposed to statistical binding) requires exact knowledge of minimal distance of the underlying code. Finally, we provide security evaluation of our proposals, and compare their performance with that of existing schemes.

DOI： 10.1145/3022227.3022327

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

The signature authentication on smartphones has been studied as a method to protect personal information. Its authentication accuracy is a challenge due to restrictions such as size of the terminal. In this paper, a signature authentication method that incorporates the calligraphy concept called Eight Principles of Yong is proposed for users of Chinese characters. The Eight Principles of Yong means that the character Yong has the eight techniques needed to describe any Chinese character. In the method, the certifier makes clusters from Yong in advance. Strokes of the template are allocated in clusters. At the time of authentication, strokes of the character are allocated in these clusters. If the cluster is the same as the stroke, the distance between the data decreases.

DOI： 10.1145/3022227.3022258

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In the domain of information security, code obfuscation is a feature often employed for malicious purposes. For example there have been quite a few papers reporting that obfuscated JavaScript frequently comes with malicious functionality such as redirecting to external malicious websites. In order to capture such obfuscation, a class of detectors based on statistical features of code, mostly n-grams have been proposed and been claimed to achieve high detection accuracy. In this paper, we formalize a common scenario between defenders who maintain the statistical obfuscation detectors and adversaries who want to evade the detection. Accordingly, we create two kinds of evasion attack methods and evaluate the robustness of statistical detectors under such attacks. Experimental results show that statistical obfuscation detectors can be easily fooled by a sophisticated adversary even in worst case scenarios.

DOI： 10.1007/978-3-319-64200-0_8

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

DDoS (Distributed Denial of Service) attack is one of the most used DoS (Denial of Service) attack. It is a distributed attack in which an attacker uses a multitude of compromised computers to attack a single target. Those compromised computers that actually execute the attack are called botnet. To hide their identity, the attacker usually uses a third-party server to control and send attack command to bots, this kind of server is called C&C (command & control) server. The detection of C&C sessions is a strong proof of botnet detection and early detection of DDoS attacks as C&C connections occur before a DDoS attack. Network traffic analysis is an effective method to detect C&C sessions as it is hard to avoid encrypting the payload or change command code. We consider a new feature vector with 55 features, and use a random forest algorithm to build the classifier. Random forest is an ensemble of classifiers that can deal with high-dimension problems. In fact, it can also calculate the importance of features that will help us find the key features responsible for the detection of C&C sessions. Experimental results show that our approach has better performance on C&C session detection.

DOI： 10.1145/3022227.3022260

記述言語：英語   掲載種別：研究論文（学術雑誌）  

The benefits of cloud computing motivate enterprises to migrate their IT infrastructure on cloud servers. Enterprise needs to entrust untrusted cloud service provider, which gives rise to various security and privacy concerns. To address these concerns, numerous schemes in cloud computing employed attribute-based encryption schemes. However, existing schemes are neither flexible enough to provide users complete liberty on delegation of their access privileges nor grant shared access privileges among users of a group to jointly address a responsibility. This paper introduces hierarchical attribute-set-based access control scheme by employing ciphertext-policy attribute-set-based encryption with a hierarchical structure of users to achieve scalability. The proposed scheme simultaneously achieves the notion of fine-grained cum flexible access control, privacy preserving, efficient data utilization and imperatively provides users full-fledged liberty on delegation of their access privileges. Furthermore, we formally prove that proposed scheme is secure under decisional bilinear Diffie–Hellman assumption.

DOI： 10.1016/j.compeleceng.2016.11.028

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Once organizations have the security incident and breaches, they have to pay tremendous costs. Although visible cost, such as the incident response cost, customer follow-up care, and legal cost are predictable and calculable, it is tough to evaluate and estimate the invisible damage, such as losing customer loyalty, reputation impact, and the damage of branding. This paper proposes a new method, called "Event Study Methodology with Twitter Sentimental Analysis" to evaluate the invisible cost. This method helps to assess the impact of the security breach and the impact on corporate valuation.

DOI： 10.1145/3022227.3022240

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Distributed DoS (Denial-of-Service) attacks, or say DDoS attacks, have reportedly caused the most serious losses in recent years and such attacks are getting worse. How to efficiently detect DDoS attacks has naturally become one of the hottest topics in the cyber security community and many approaches have been proposed. The existing detection technologies, however, have their own weak points. For example, methods based on information theory must choose an information theoretic measures carefully which play an essential role on the detection performance and such methods are efficient only when there are a significantly large number of anomalies present in the data; signature-based methods can not deal with new kinds of attacks and new variants of existing attacks, and so on. The behavior-based ones have been thought to be promising. However, they often need some parameters to define the normal nodes and such parameters cannot be determined easily in advance in many actual situations. In our previous work, an algorithm without parameters was proposed for extracting normal nodes from the historic traffic data. In this paper, we will explain a practical off-line detection system for DDoS attacks that we developed based on that algorithm in a project called PRACTICE (Proactive Response Against Cyber-attacks Through International Collaborative Exchange). The general flow of our detection system and the main specific technologies are explained in details and its detection performance is also verified by several actual examples.

DOI： 10.1007/978-3-319-72389-1_37

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In this paper, we consider the robustness of a special type of secret sharing scheme known as visual cryptographic scheme in which the secret reconstruction is done visually without any mathematical computation unlike other secret sharing schemes. Initially, secret sharing schemes were considered with the presumption that the corrupted participants involved in a protocol behave in a passive manner and submit correct shares during the reconstruction of secret. However, that may not be the case in practical situations. A minimal robust requirement, when a fraction of participants behave maliciously and submit incorrect shares, is that, the set of all shares, some possibly corrupted, can recover the correct secret. Though the concept of robustness is well studied for secret sharing schemes, it is not at all common in the field of visual cryptography. We, for the first time in the literature of visual cryptography, formally define the concept of robustness and put forward (2, n)-threshold visual cryptographic schemes that are robust against deterministic cheating. In the robust secret sharing schemes it is assumed that the number of cheaters is always less than the threshold value so that the original secret is not recovered by the coalition of cheaters only. In the current paper, We consider three different scenarios with respect to the number of cheaters controlled by a centralized adversary. We first consider the existence of only one cheater in a (2, n)-threshold VCS so that the secret image is not recovered by the cheater. Next we consider two different cases, with number of cheaters being greater than 2, with honest majority and without honest majority.

DOI： 10.1007/978-3-319-53465_719

記述言語：その他   掲載種別：研究論文（学術雑誌）  

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

DRDoS (Distributed Reflection Denial of Service) attack is a kind of DoS (Denial of Service) attack, in which third-party servers are tricked into sending large amounts of data to the victims. That is, attackers use source address IP spoofing to hide their identity and cause third-parties to send data to the victims as identified by the source address field of the IP packet. This is called reflection because the servers of benign services are tricked into "reflecting" attack traffic to the victims. The most typical existing detection methods of such attacks are designed based on known attacks by protocol and are difficult to detect the unknown ones. According to our investigations, one protocol-independent detection method has been existing, which is based on the assumption that a strong linear relationship exists among the abnormal flows from the reflector to the victim. Moreover, the method is assumed that the all packets from reflectors are attack packets when attacked, which is clearly not reasonable. In this study, we found five features are effective for detecting DRDoS attacks, and we proposed a method to detect DRDoS attacks using these features and machine learning algorithms. Its detection performance is experimentally examined and the experimental result indicates that our proposal is of clearly better detection performance.

DOI： 10.1109/AsiaJCIS.2016.24

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

The advent of cloud computing motivates business organizations to migrate their complex data management systems from local servers to cloud servers for scalable and durable resources on pay per use basis. Considering enormous users and large amount of documents at cloud servers, there is a requirement of an access control scheme, which supports fine-grained cum flexible access control along with 'Query-Response' mechanism to enable users to efficiently retrieve desired data from cloud servers. In addition, the scheme should support considerable flexibility to revoke system privileges from user, such as to restrict user from sharing or retrieving data or both, i.e., flexible system privilege revocation and most imperatively to preserve the identity of data owner and consumer, while sharing and retrieving data. Most of the access control schemes in cloud computing till date focus on restricting user from accessing data only. In this paper, we propose an identity preserving access control scheme to simultaneously realize the notion of scalability, fine-grained cum flexible access control, efficient data utilization, identity preserving and flexible system privilege revocation. We extend Ciphertext-Policy Attribute-Set-Based Encryption (CPASBE) in a hierarchical structure of users to achieve scalability. In addition, a hybridization of proxy re-encryption and CP-ASBE is introduced to materialize the concept of flexible system privilege revocation. Furthermore, we formally prove the security of our proposed scheme based on decisional bilinear Diffie-Hellman assumption. Efficacy of our scheme is depicted by performing comprehensive experiments.

DOI： 10.1109/AsiaJCIS.2016.23

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Cyber-attack incidents have become more and more frequent and serious. As a countermeasure against cyber-attacks, the technology of (IP address etc.) trace-back to the attackers is essential. Although many methods have been proposed for this purpose, the existing techniques suffer from the following problems. Only the specific attacks can be traced back. The tracing back is too time-consuming and correct traffic-path reconfiguration cannot be guaranteed. In this study, we propose a new method to discover attackers quickly and correctly. By using simulation data, its performance is demonstrated.

DOI： 10.1109/IMIS.2016.89

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

DNS (Domain Name System) amplification attack has become a popular form of the attacks of the Distributed Denial of Service (DDoS) in recent years. In DNS amplification attacks, the attackers utilize spoofed source IP addresses and open recursive DNS servers to perform the bandwidth consumption attacks. A lot of responses are generated and they are sent to the targets after the attackers send only a little of DNS requests. Various methods have been proposed for detecting the DNS amplification attacks. However, almost of them have to determine parameters in advance, which is not easy for many cases. In this study, we utilized the detection pattern and combination of three features to distinguish normal and attack. It can solve the problem that limitation of detection in the case of high-frequency and low-amplification attack.

DOI： 10.1109/IMIS.2016.88

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Cyberbullying is a underlying problem in social networking service, threatening users' mental and physical health. Previous research on automated cyberbullying detection is mostly textual or social based methods. Cyberbullying content is identified through a set of textual features within the content in the former method and through social information surrounding the content in the latter method. Those methods can not cater difierent cyberbullying standard for individual SNS user since each content is evaluated using same features. Therefore, in this article we propose a automated cyberbullying detection method that utilises the parent-child relationship between comments to capture the reaction from a third party to detect cyberbullying comments. We were able to improve the effectiveness of cyberbullyingdetection using only publicly available data.

DOI： 10.1145/3011141.3011182

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Cyberbullying is a underlying problem in social networking service, threatening users' mental and physical health. Previous research on automated cyberbullying detection is mostly textual or social based methods. Cyberbullying content is identified through a set of textual features within the content in the former method and through social information surrounding the content in the latter method. Those methods can not cater difierent cyberbullying standard for individual SNS user since each content is evaluated using same features. Therefore, in this article we propose a automated cyberbullying detection method that utilises the parent-child relationship between comments to capture the reaction from a third party to detect cyberbullying comments. We were able to improve the effectiveness of cyberbullyingdetection using only publicly available data.

DOI： 10.1145/3011141.3011182

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Searchable encryption allows us to perform a keyword search over encrypted data. However, we cannot efficiently perform some complex search (e.g., a wildcard search) with traditional searchable encryption schemes because they can deal with only equality matches. Our symmetric searchable encryption can deal with partial matches. This allows us to efficiently perform a wildcard search, partial match search, and so on. We also examine the feasibility of our scheme by experiments on a smartphone and tablet, and confirm our scheme can be used in these environments. Availability on portable devices will offer high convenience.

DOI： 10.1002/sec.876

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Searchable encryption allows us to perform a keyword search over encrypted data. However, we cannot efficiently perform some complex search (e.g., a wildcard search) with traditional searchable encryption schemes because they can deal with only equality matches. Our symmetric searchable encryption can deal with partial matches. This allows us to efficiently perform a wildcard search, partial match search, and so on. We also examine the feasibility of our scheme by experiments on a smartphone and tablet, and confirm our scheme can be used in these environments. Availability on portable devices will offer high convenience. Copyright © 2013 John Wiley &amp
Sons, Ltd.

DOI： 10.1002/sec.876

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Recently, biometric authentication protocols are developed. Security of these protocols originates in compromising no privacy information by wiretapping, malicious access and etc. in the authentication processes. With regard to this, the authors pointed out the risk of excessive collection of privacy information caused by remaining data related to biometric authentication data such as logs and intermediate processing data on the authentication servers. As a requirement against this risk, the authors introduced receipt-freeness of biometric authentication protocols. In this research, the authors develop the above research by investigating so-called coercion-resistance which means resistance against coercing user into executing biometric authentication. This paper describes definition of coercion-resistance against wiretapping coercer, relevance to receipt-freeness, and analysis of coercion-resistance in two IC card based protocols. The results show one of the protocols satisfies receipt-freeness and coercion-resistance, although another one does not satisfy.

DOI： 10.1109/AINA.2016.97

記述言語：英語   掲載種別：研究論文（学術雑誌）  

DOI： 10.1109/WAINA.2016.215

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Multivariate Public Key Cryptosystems (MPKC) are a candidate of post-quantum cryptography. The MPKC signature scheme Rainbow is endowed of efficient signature generation and verification, while no major attack has been reported so far. In this paper, we propose a MPKC encryption scheme based on Rainbow. The public key of Rainbow is a surjective polynomial map, whereas the encryption scheme requires an injective polynomial map. We explain how to change the public key of Rainbow to an injective map.

DOI： 10.1007/978-3-319-29814-6_19

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

The steganography that we suggested uses the data that ties strongly to the characteristics of the original image as watermark information without changing the original image. Although similarity with zero-watermarking is pointed out, the major difference is that our method does not need pre-processing for a feature extraction at decoding. Since the decoding can do at high speed, besides using as the original steganography, it is possible to apply it to similar image retrieving, similar image order sorting or template matching. For example, when applying it to medical images, a doctor is possible to pick some similar images from a medical image database and refers the treatments through the images with concealing the information of the patient. This time, we have investigated the identification accuracy of our method with respect to the template matching of similar image searching.

DOI： 10.1109/CANDAR.2015.68

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Efficient implementation of pairing-based cryptography requires construction of a pairing-friendly curve and its corresponding twisted curve. In this paper, we give a formula which determines the twisted curve. The formula are obtained by using technique in the algebraic number theory such as the complex multiplication theory. Applying the formula, we present an easy method for constructing pairing-friendly curves for BN-family. In fact, our method does not require the process of elliptic curve construction and finite field construction, but only requires searching an integer satisfying some conditions. Using our construction method, we implemented an optimal ate pairing for BN-family which is usable at various security levels, and investigated the time efficiency of the pairing computation for various security levels.

DOI： 10.1109/CANDAR.2015.28

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Multivariate Public Key Cryptosystems (MPKC) are a candidate of post-quantum cryptography. The MPKC signature scheme Rainbow is endowed of efficient signature generation and verification, while no major attack has been reported so far. In this paper, we propose a MPKC encryption scheme based on Rainbow. The public key of Rainbow is a surjective polynomial map, whereas the encryption scheme requires an injective polynomial map. We explain how to change the public key of Rainbow to an injective map.

DOI： 10.1007/978-3-319-29814-6_19

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Mobile cloud computing (MCC) is the state-of-the-art mobile distributed computing model that incorporates multitude of heterogeneous cloud-based resources to augment computational capabilities of the plethora of resource-constraint mobile devices. In MCC, execution time and energy consumption are significantly improved by transferring execution of resource-intensive tasks such as image processing, 3D rendering, and voice recognition from the hosting mobile to the cloud-based resources. However, accessing and exploiting remote cloud-based resources is associated with numerous security and privacy implications, including user authentication and authorization. User authentication in MCC is a critical requirement in securing cloud-based computations and communications. Despite its critical role, there is a gap for a comprehensive study of the authentication approaches in MCC which can provide a deep insight into the state-of-the-art research. This paper presents a comprehensive study of authentication methods in MCC to describe MCC authentication and compare it with that of cloud computing. The taxonomy of the state-of-the-art authentication methods is devised and the most credible efforts are critically reviewed. Moreover, we present a comparison of the state-of-the-art MCC authentication methods considering five evaluation metrics. The results suggest the need for futuristic authentication methods that are designed based on capabilities and limitations of MCC environment. Finally, the design factors deemed could lead to effective authentication mechanisms are presented, and open challenges are highlighted based on the weaknesses and strengths of existing authentication methods.

DOI： 10.1016/j.jnca.2015.10.005

記述言語：英語   掲載種別：研究論文（学術雑誌）  

DOI： https://doi.org/10.1016/j.jnca.2015.10.005

その他リンク： http://www.sciencedirect.com/science/article/pii/S1084804515002258

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Bitcoin [24] is a fully decentralized electronic cash system. The generation of the proof-of-work in Bitcoin requires large amount of computing resources. However, this huge amount of energy is wasted as one cannot make something useful out of it. In this paper, we propose a scheme called Retricoin which replaces the heavy computational proof-of-work of Bitcoin by proofs of retrievability that have practical benefits. To guarantee the availability of an important but large file, we distribute the segments of the file among the users in the Bitcoin network. Every user who wants to mine Bitcoins must store a considerable portion of this file and prove her storage to other peers in the network using proofs of retrievability. The file can be constructed at any point of time from the users storing their respective segments untampered. Retricoin is more efficient than the existing Permacoin scheme [23] in terms of storage overhead and network bandwidth required to broadcast the proof to the Bitcoin network. The verification time in our scheme is comparable to that of Permacoin and reasonable for all practical purposes. We also design an algorithm to let the miners in a group (or pool) mine collectively.

DOI： 10.1145/2833312.2833317

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

With the spread of the Internet, many mobile devices are used in our daily lives, such as tablets and mobile phones. Then, personal data are often saved on data servers of the storage providers such as Amazon, Google, Yahoo, Baidu and others. In this context, the secret sharing can be used to store personal data onto several providers, simultaneously reducing the risk of data loss, the data leakage to unauthorized parties, and data falsification. Secret sharing is one of the solutions to combine security and availability in the distributed storage. However, few works considered servers' affiliations, and specifically, the problem that a malicious provider may recover secret data illegally through manipulation on servers that hold enough shares to recover the secret. In this paper, to resolve the problem, we propose a two-threshold secret sharing scheme in order to enforce a new type of cross-group policy. By combining t-out-of-m providers' secret sharing scheme and a k-out-of-n servers' secret sharing scheme via an one-way function or an one-time pad, we construct a scheme that forces k shares to be collected from m groups. Compared with previous work, our scheme can attain the functionalities of proactively updating shares and adding new shares with simple computation.

DOI： 10.1145/2857546.2857610

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Since the recent security breach requires the intensification of security management, the documents, describing the best practice of security management, are published by experts. However, the implementations of all best practice are tough because of the cost and the difficulty of cost-effective security investment. This paper discusses the security management theory with cyber risk insurance, especially the effectiveness of cyber risk insurance by Monte Carlo simulation approach.

DOI： 10.1145/2857546.2857615

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In this paper we provide a short quantitative analysis of Bit- coin Block Withholding (BWH) Attack. In this study, we investigate the incentive earned by a miner who either independently or at the diktat of a separate mining pool launches Block Withholding attack on a target mining pool. The victim pool shares its earned revenue with the rogue attacker. We investigate the property revenue function of the attacker and find parameters that could maximize the gain of the attacker. We then propose a new concept that we call “special reward”. This spe- cial rewarding scheme is aimed at discouraging the attackers by grant- ing additional incentive to a miner who actually finds a block. A BWH attacker who never submits a valid block to the pool will be deprived from this special reward and her gain will be less than her expectation. Depending upon the actual monetary value of the special reward a pool can significantly reduce the revenue of a BWH attacker and thus can even ward off the threat of an attack.

DOI： 10.1007/978-3-319-45871-7_11

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Bitcoin [24] is a fully decentralized electronic cash system. The generation of the proof-of-work in Bitcoin requires large amount of computing resources. However, this huge amount of energy is wasted as one cannot make something useful out of it. In this paper, we propose a scheme called Retricoin which replaces the heavy computational proof-of-work of Bitcoin by proofs of retrievability that have practical benefits. To guarantee the availability of an important but large file, we distribute the segments of the file among the users in the Bitcoin network. Every user who wants to mine Bitcoins must store a considerable portion of this file and prove her storage to other peers in the network using proofs of retrievability. The file can be constructed at any point of time from the users storing their respective segments untampered. Retricoin is more efficient than the existing Permacoin scheme [23] in terms of storage overhead and network bandwidth required to broadcast the proof to the Bitcoin network. The verification time in our scheme is comparable to that of Permacoin and reasonable for all practical purposes. We also design an algorithm to let the miners in a group (or pool) mine collectively.

DOI： 10.1145/2833312.2833317

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In this work we propose a scheme that could be used as an alternative to the existing proof of work(PoW) scheme for mining in Bitcoin P2P network. Our scheme ensures that the miner must do at least a non-trivial amount of computation for solving the computational problem put forth in the paper and thus solving a PoW puzzle. Here, we have proposed to use the problem of finding the largest clique in a big graph as a replacement for the existing Bitcoin PoW scheme. In this paper, we have dealt with a graph having O(2³⁰) vertices and O(2⁴⁸) edges which is constructed deterministically using the set of transactions executed within a certain time slot. We have discussed some algorithms that can be used by any Bitcoin miner to solve the PoW puzzle. Then we discuss an algorithm that could perform this task by doing O(2⁸⁰) hash calculations. We have also proposed an improvement to this algorithm by which the PoW puzzle can be solved by calculating O(2^70.5) hashes and using O(2⁴⁸) space. This scheme is better than the existing proof of work schemes that use Hashcash, where a lucky miner could manage to find a solution to the proof of work puzzle by doing smaller amount of computation though it happens with very low probability. Bitcoin incentivizes the computing power of miners and hence, it is desirable that miners with more computing power always wins. Also, the Bitcoin PoW scheme only incentivizes computing power of miners but our PoW scheme incentivizes both computing power and memory of a miner. In our proposed scheme only the miner cannot randomly find a largest clique without knowing the clique number of the graph.

DOI： 10.1007/978-3-319-38898-4_16

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Reputation boards are popular tools because of their useful information of products for consumers. In this paper, we propose a rating scheme for the reputation boards. The feature of our rating scheme is that it enables users to rate not only products but also their providers expressively by using digital signatures with predications on ratees. First, we define a syntax of such an expressive rating scheme. Then, we provide a generic conversion of a cryptographic primitive called an attributebased signature scheme (ABS) into an expressive rating scheme. Using a boolean formula on attributes of ratees, signatures with predications on ratees are generated, which we call expressive ratings. Public linkability of ABS is effectively used to prohibit double ratings. Also, employing an ABS scheme of the Fiat-Shamir type, we construct a concrete efficient expressive rating scheme.

DOI： 10.1007/978-3-319-46298-1_24

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

As for common RF tag, the circuitry operator part is formed with the semiconductor. Then, when radiation, such as a gamma ray, is irradiated, a recoverable soft error and unrecoverable hard error will occur. Therefore, it cannot be used depending on the exposure dose of radiation. However, a radiation-proof ability can be raised by incorporating a shielding and an error correction. Then, RF tag which covered was irradiated with the gamma ray originating in Cesium 137 or Cobalt 60 grade, and the durability was evaluated. The application which uses this radiation-proof RF tag under radiation environment is proposed. They are management of the radioactive component generated from radioactive waste or a decommissioning process to improve the traceability, etc. Moreover, the evaluation result of RF tag used for management of the medical relationship instrument which performs gamma sterilization is described.

DOI： 10.1109/RFID-TA.2015.7379809

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In this paper, we consider two very important issues namely detection and identification of k-out-of-n secret sharing schemes against rushing cheaters who are allowed to submit (possibly forged) shares after observing shares of the honest users in the reconstruction phase. Towards this, we present four different schemes. Among these, first we present two k-out-of-n secret sharing schemes, the first one being capable of detecting (k − 1)/3 cheaters such that |V_i| = |S|/∊³ and the second one being capable of detecting n − 1 cheaters such that |V_i| = |S|/∊^k+1, where S denotes the set of all possible secrets, ∊ denotes the successful cheating probability of cheaters and V_i denotes set all possible shares. Next we present two k-out-of-n secret sharing schemes, the first one being capable of identifying (k−1)/3 rushing cheaters with share size |V_i| that satisfies |V_i| = |S|/∊^k. This is the first scheme, whose size of shares does not grow linearly with n but only with k, where n is the number of participants. For the second one, in the setting of public cheater identification, we present an efficient optimal cheater resilient k-out-of-n secret sharing scheme against rushing cheaters having the share size |V_i| = (n−t)^n+2t|S|/∊^n+2t. The proposed scheme achieves flexibility in the sense that the security level (i.e., the cheater(s) success probability) is independent of the secret size. Each of the four proposed schemes has the smallest share size among the existing schemes having the mentioned properties in the respective models.

DOI： 10.1007/978-3-319-49175-2_1

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

With the spread of the Internet, many mobile devices are used in our daily lives, such as tablets and mobile phones. Then, personal data are often saved on data servers of the storage providers such as Amazon, Google, Yahoo, Baidu and others. In this context, the secret sharing can be used to store personal data onto several providers, simultaneously reducing the risk of data loss, the data leakage to unauthorized parties, and data falsification. Secret sharing is one of the solutions to combine security and availability in the distributed storage. However, few works considered servers' affiliations, and specifically, the problem that a malicious provider may recover secret data illegally through manipulation on servers that hold enough shares to recover the secret. In this paper, to resolve the problem, we propose a two-threshold secret sharing scheme in order to enforce a new type of cross-group policy. By combining t-out-of-m providers' secret sharing scheme and a k-out-of-n servers' secret sharing scheme via an one-way function or an one-time pad, we construct a scheme that forces k shares to be collected from m groups. Compared with previous work, our scheme can attain the functionalities of proactively updating shares and adding new shares with simple computation.

DOI： 10.1145/2857546.2857610

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

We provide a symbolic model for multi-party computation based on linear secret-sharing scheme, and prove that this model is computationally sound: if there is an attack in the computational world, then there is an attack in the symbolic (abstract) model. Our original contribution is that we deal with the uniformity properties, which cannot be described using a single execution trace, while considering an unbounded number of sessions of the protocols in the presence of active and adaptive adversaries.

DOI： 10.1007/978-3-319-31550-8_7

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

To simultaneously achieve CCA security and homomorphic property for encryption, Emura et al. introduced a new cryptographic primitive named keyed-homomorphic encryption, in which homomorphic ciphertext manipulations can only be performed by someone holding a devoted evaluation key which, by itself, does not enable decryption. A keyed-homomorphic encryption scheme should provide CCA2 security when the evaluation key is unavailable to the adversary and remain CCA1-secure when the evaluation key is exposed. While existing keyedhomomorphic encryption schemes only allow simple computations on encrypted data, our goal is to construct CCA-secure keyed-fully homomorphic encryption (keyed-FHE) capable of evaluating any functions on encrypted data with an evaluation key. In this paper, we first introduce a new primitive called convertible identity-based fully homomorphic encryption (IBFHE), which is an IBFHE with an additional transformation functionality, and define its security notions. Then, we present a generic construction of CCA-secure keyed-FHE from IND-sID-CPA-secure convertible IBFHE and strongly EUF-CMA-secure signature. Finally, we propose a concrete construction of IND-sID-CPA-secure convertible IBFHE, resulting in the first CCAsecure keyed-FHE scheme in the standard model.

DOI： 10.1007/978-3-662-49384-7_4

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Attribute-based signature scheme (ABS) is a functional variant of digital signature scheme proposed in 2008 by Maji et al. The two basic requirements of ABS (and a hard task to achieve) is collusion resistance and attribute privacy. In this paper, we employ the two-tier signature (TTS) technique to achieve the collusion resistance. Here TTS was proposed in 2007 by Bellare et al., where a signer receives two tier secret keys sequentially. The secondary secret key is served as a onetime key at the timing of signing. First, we propose a definition of an attribute-based two-tier signature scheme (ABTTS). Then we provide ABTTS concretely that enjoys existential unforgeability against chosenmessage attacks, collusion resistance and attribute privacy, in the standard model. For the construction, enhancing the Camenisch-Lysyanskaya signature, we construct signature bundle schemes that are secure under the Strong RSA assumption and the Strong Diffie-Hellman assumption, respectively. These signature bundle schemes enable ABTTS to achieve attribute privacy. Then, using the signature bundle as a witness in the Σ-protocol of the boolean proof, we obtain attribute-based identification schemes (ABIDs). Finally, by applying the TTS technique to ABIDs, we achieve ABTTSs. A feature of our construction is that ABTTS in the RSA setting is pairing-free.

DOI： 10.1007/978-3-319-30840-1_3

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Partial decryption enables a ciphertext to be decrypted partially according to provided secret keys. In this paper, we propose a public key encryption scheme with the functionality of partial decryption. Our strategy is to use the NTRU cryptosystem. Under a design principle of the mathematical structure “group ring”, we extend the original NTRU into group ring NTRU (GR-NTRU). First, we propose a generic framework of our GR-NTRU. Our GR-NTRU allows partial decryption with a single encryption process using a single public key. Besides, when we execute partial decryption under a secret key of GR-NTRU, we need no information to identify each part in a whole ciphertext. Consequently, management of a public key and a corresponding set of secret keys is rather easier than the naive method. Next, we propose a concrete instantiation of our generic GR-NTRU. A multivariate polynomial ring NTRU scheme is obtained by employing a product of different cyclic groups as the basis of the group ring structure.We will show examples of those new variants of NTRU schemes with concrete parameter values, and explain how we can employ them to use the functionality of partial decryption.

DOI： 10.1007/978-3-319-31550-8_13

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

The information technology (IT) has been applied widely in Indonesia Higher Education Institution for various services. Many organizations responsible for managing the IT infrastructure, however, rarely have a framework for assessing the security maturity level of their information management. The implementation of a framework is one of solutions, but has not been yet maximized. Therefore we suggest to combine several frameworks in hope that they can be complementary. The combination of different frameworks will be more effective to monitoring the security maturity level by using an assessment security maturity management. This assessment security maturity management is a combination of framework control objective from IT Governance COBIT® 4.1 (Control Objectives for Information and related Technology) with Management Service in ITIL v3 (Information Technology Infrastructure Library) and ISO/IEC 27001. Since assessment of security maturity management is measured using COBIT® 4.1 assessment framework, and before it was adjusted with the ISO 27001 framework applied maximal. This paper present the results of assessment maturity security management, mapping of combination framework providing an indicator of security maturity level at one of university in Jakarta. A case study conducted shows that combination of some frameworks to support assessment of security maturity management level becomes more effective and efficient.

DOI： 10.1007/978-981-10-0557-2_69

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Since the recent security breach requires the intensification of security management, the documents, describing the best practice of security management, are published by experts. However, the implementations of all best practice are tough because of the cost and the difficulty of cost-effective security investment. This paper discusses the security management theory with cyber risk insurance, especially the effectiveness of cyber risk insurance by Monte Carlo simulation approach.

DOI： 10.1145/2857546.2857615

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）  

DOI： DOI: http://dx.doi.org/10.1145/2857546.2857610

記述言語：英語   掲載種別：研究論文（学術雑誌）  

DOI： 10.1371/journal.pone.0145975

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes' participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.'s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.'s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.

DOI： 10.1371/journal.pone.0142716

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes' participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.'s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.'s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.

DOI： 10.1371/journal.pone.0142716

記述言語：英語   掲載種別：研究論文（学術雑誌）  

A public key trace and revoke scheme combines the functionality of broadcast encryption with the capability of traitor tracing. In Asiacrypt 2003, Kim, Hwang and Lee proposed a public key trace and revoke scheme (referred to as KHL scheme), and gave the security proof to support that their scheme is z-resilient against adaptive chosen-ciphertext attacks, in which the adversary is allowed to adaptively issue decryption queries as well as adaptively corrupt up to z users. In the passed ten years, KHL scheme has been believed as one of the most efficient public key trace and revoke schemes with z-resilience against adaptive chosen-ciphertext attacks under the well-studied DDH assumption. However, in this paper, by giving a concrete attack, we indicate that KHL scheme is actually not secure against adaptive chosen-ciphertexts, even without corruption of any user. We then identify the flaws in the security proof for KHL-scheme, and discuss the consequences of the attack.

DOI： 10.1016/j.tcs.2015.07.051

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Multivariate polynomials over finite fields have found applications in Public Key Cryptography (PKC) where the hardness to find solutions provides the "one-way function" indispensable to such cryptosystems. Several schemes for both encryption and signature have been proposed, many of which are using quadratic (degree 2) polynomials. Finding a solution to such systems in general is called MQ problem, which easiest "generic" instances are NP-hard. An important feature of this Multivariate Pubic Key Cryptography (MPKC) is the resistance to quantum computers: no faster quantum algorithm than classical ones to solve MQ problem is known. Besides being thereby a candidate for Post-Quantum Cryptography, signatures are much shorter than to other candidates. We have established an open public "MQ Challenge" (https://www.mqchallenge.org) to stimulate progress in the design of efficient algorithms to solve MQ problem, and thus test limit parameters guaranteeing security of MPKC.

DOI： 10.1145/2850449.2850462

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In the now-popular two-dimensional code, bits are expressed using white and two black colors in the cell, which forms the element. However, such codes do not have confidentiality. Since confidentiality may be needed according to the use, a large-capacity and high-density two-dimensional code with compatibility and confidentiality can be realized by adding a secrecy part in addition to the existing part. To enlarge capacity, it is necessary to form a cell using many bits, which requires a multicolor method. The read verification of the compatible area and the additional area was carried out using a smartphone, and the code was verified to confirm its practicality.

DOI： 10.1109/NTMS.2015.7266514

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Multivariate polynomials over finite fields have found applications in Public Key Cryptography (PKC) where the hardness to find solutions provides the "one-way function" indispensable to such cryptosystems. Several schemes for both encryption and signature have been proposed, many of which are using quadratic (degree 2) polynomials. Finding a solution to such systems in general is called MQ problem, which easiest "generic" instances are NP-hard. An important feature of this Multivariate Pubic Key Cryptography (MPKC) is the resistance to quantum computers: no faster quantum algorithm than classical ones to solve MQ problem is known. Besides being thereby a candidate for Post-Quantum Cryptography, signatures are much shorter than to other candidates. We have established an open public "MQ Challenge" (https://www.mqchallenge.org) to stimulate progress in the design of efficient algorithms to solve MQ problem, and thus test limit parameters guaranteeing security of MPKC.

DOI： 10.1145/2850449.2850462

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In the now-popular two-dimensional code, bits are expressed using white and two black colors in the cell, which forms the element. However, such codes do not have confidentiality. Since confidentiality may be needed according to the use, a large-capacity and high-density two-dimensional code with compatibility and confidentiality can be realized by adding a secrecy part in addition to the existing part. To enlarge capacity, it is necessary to form a cell using many bits, which requires a multicolor method. The read verification of the compatible area and the additional area was carried out using a smartphone, and the code was verified to confirm its practicality.

DOI： 10.1109/NTMS.2015.7266514

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Online games have become one of the most popular games in recent years. However, fraud such as real money trading and the use of game bot, has also increased accordingly. In order to maintain a balance in the virtual world, the operators of online games have taken a stern response to the players who conduct fraud. In this study, we have sorted out players' behaviors based on players' game playing time in order to support and find potentially illegal players in the MMORPG. In this paper, we added a topic model to the experiment and used k-means as a major tool to classify the players in the World of War craft Avatar History Dataset and find potentially illegal players.

DOI： 10.1109/AINA.2015.214

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In recent years, the smart phone application market has expanded rapidly. One of reasons is the popularity of free applications. A developer acquires his revenues by including advertising libraries in his own application. However, some problems about these advertising libraries become clear from recent researches. Especially in the leakage of privacy information is known as a typical problem which advertising libraries cause. In order to solve this problem, the technology which detects advertisement libraries is important. In this paper, we propose a method for detection of Android ad library. We focus on the acquisition and redraw of advertising image operation which are the basic operations of mobile advertisement. Firstly, we tried running some applications with advertisements. Then, It turned out that mobile advertisements acquire advertising images from server and set that image on the screen at a fixed interval. By modifying AndroidOS, logging HTTP connections and View object redraw behaviors, we confirmed the ad image acquisition behavior. Moreover, to take advantage of the periodicity of this behavior, we carried out Fourier-transform the invocation time data of HTTP connections and redraw of View objects. Then, we extracted the periodicity by calculating correlation coefficient for these two data. From the value of correlation coefficient, it is possible to judge whether advertisement library is incorporated into an application or not. As a result, our proposal method results in a output of about 76 % detection rate.

DOI： 10.1109/ICOIN.2015.7057865

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）  

記述言語：英語   掲載種別：研究論文（学術雑誌）  

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Proposed by Berbain, Gilbert, and Patarin in Euro crypt 2006, QUAD is a provably secure stream cipher. The speed of QUAD depends on the computational cost of evaluating quadratic polynomials over finite fields. For QUAD with m quadratic polynomials in n unknowns over GF (q), this requires O (mn2) GF (q) additions and multiplications. Petzoldt is able to reduce the evaluation cost to O (mn) GF (q) additions and multiplications by using linear recurring sequences to generate the coefficients. In this work, we parallelize and optimize his algorithm for running on Graphics Processing Unit (GPU). The result shows that our GPU implementation of the parallelized algorithm has achieved the best performance in the literature.

DOI： 10.1109/CANDAR.2014.85

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Proposed by Berbain, Gilbert, and Patarin in Euro crypt 2006, QUAD is a provably secure stream cipher. The speed of QUAD depends on the computational cost of evaluating quadratic polynomials over finite fields. For QUAD with m quadratic polynomials in n unknowns over GF (q), this requires O (mn2) GF (q) additions and multiplications. Petzoldt is able to reduce the evaluation cost to O (mn) GF (q) additions and multiplications by using linear recurring sequences to generate the coefficients. In this work, we parallelize and optimize his algorithm for running on Graphics Processing Unit (GPU). The result shows that our GPU implementation of the parallelized algorithm has achieved the best performance in the literature.

DOI： 10.1109/CANDAR.2014.85

記述言語：英語   掲載種別：研究論文（学術雑誌）  

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Security of Wireless Sensor Network (WSN) is a key issue in information security. Most existing security protocols exploit various Mathematical tools to strengthen their security. Some protocols use the details of the geographical location of the nodes. However, to the best authors’ knowledge, none of the existing works exploit the constraints faced by the adversary, specifically, tracing a particular frequency from a large range of unknown frequency channels. The current work uses positional details of the individual nodes. Then the aim is to exploit this weakness of tracing frequencies by assigning a wide range of frequency channels to each node. Experiments using Magneto Optic Sensors reveal that any change of the parametric Faraday’s rotational angle affects the frequency of the Optical waves. This idea can perhaps be generalized for practically deployable sensors (having respective parameters) along with a suitable key management scheme.

DOI： 10.1007/978-3-319-23802-9_15

記述言語：英語   掲載種別：研究論文（学術雑誌）  

This paper presents an anonymous authentication scheme for roaming service in global mobility networks, in which the foreign agent cannot obtain the identity information of the mobile user who is sending the roaming request. In addition, the home agent does not have to maintain any verification table for authenticating the mobile user. We give formal analyses to show that our proposed scheme satisfies the security requirements of user anonymity, mutual authentication, session-key security, and perfect forward secrecy. Besides, some possible attacks on the proposed scheme are discussed, such as the replay attack, the man-in-middle attack, the impersonation attack, and the insider attack.

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Cloud services are useful but privacy concerns are the most important problems of them. In this paper, we focus cloud-based input method editors and introduce a privacy-aware framework of them. Input method editor (IME) is a kind of software to help us to input Japanese, Chinese, Korean, etc. It receives input words consists of alphabets and returns transformed words consists of Kanji in Japanese, etc. We assume to deploy this IME on a cloud server. In this case, input words received IME may include people's sensitive information e.g. credit card number. We employ a seachable encryption scheme and introduce a framework that people send encrypted inputs and IME computes transformed words without decrypting them.

DOI： 10.1109/ICCChina.2014.7008273

記述言語：英語   掲載種別：研究論文（学術雑誌）  

DOI： 10.1109/TrustCom.2014.141

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

A public key infrastructure (PKI) is for facilitating the authentication and distribution of public keys. Currently, the most commonly employed approach to PKI is to rely on certificate authorities (CAs), but recently there has been arising more need for decentralized peer-to-peer certification like Webs of Trust. In this paper, we propose an identity-embedding method suitable for decentralized PKI. By embed- ding not only ID of the candidate public-key owner itself but also IDs of his guarantors into PK, we can construct Web of guarantors on public keys. Here guarantors can be chosen arbitrarily by the candidate public- key owner. Our embedding method uses a combination of two public-key cryptosystems; the first cryptosystem is for PKI directly. Here we employ a technique to embed a string into a public key of the first cryptosystem. As such a string, we choose a concatenation of ID of a candidate public-key owner, IDs of his guarantors, and a public key of the second cryptosystem. This embedded public key of the second cryptosystem is used by the candidate public-key owner that he certainly knows the secret key that corresponds to the public key of the first cryptosystem. Then, with an aid of a broadcast mechanism of an updated public-key list on a peer-to-peer network, we can attain the decentralized PKI. Such an embedding method is concretely realized by the RSA encryption with the Lenstra’s algorithm, which can be used as the first cryptosystem. As the second cryptosystem, we employ an elliptic curve encryption whose security is equivalent to the security of the RSA encryption, where the former achieves shorter key size than the latter. We write down concrete values of parameters for a realization of the embedding.

DOI： 10.1007/978-3-319-27998-5_1

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Internet services make sharing digital contents faster and easier but raise an issue of illegal copying and distribution of those digital contents at the same time. A lot of public key encryption schemes solve this issue. However, the secret key is not completely protected i.e. these kinds of encryption methods do not prevent illegal copying and distribution of secret keys. In this paper, we propose a hybrid encryption scheme that employ terminal fingerprints. This scheme is a template to avoid such misuse of secret keys, and can be applied to, for example, attribute-based encryption schemes. There terminal fingerprint information is used to create a second encryption key and secret key. Since the terminal fingerprint is assumed to be unchangeable and unknowable, we ensure that our secret keys are valid in the terminal where such secret keys were created.

DOI： 10.1007/978-3-319-24315-3_26

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

The security of multivariate public-key cryptography is largely determined by the complexity of solving multivariate quadratic equations over finite fields, a.k.a. the MQ problem. XL (eXtended Linearization) is an efficient algorithm for solving the MQ problem, so its running time is an important indicator for the complexity of solving the MQ problem. In this work, we implement XL on graphics processing unit (GPU) and evaluate its solving time for theMQ problem over several small finite fields, namely, GF(2), GF(3), GF(5), and GF(7). Our implementations can solve MQ instances of 74 equations in 37 unknowns over GF(2) in 36,972 s, 48 equations in 24 unknowns over GF(3) in 933 s, 42 equations in 21 unknowns over GF(5) in 347 s, as well as 42 equations in 21 unknowns over GF(7) in 387 s. Moreover, we can also solve the MQ instance of 48 equations in 24 unknowns over GF(7) in 34,882 s, whose complexity is about O(2⁶⁷) with exhaustive search.

DOI： 10.1007/978-81-322-2452-5_24

記述言語：英語   掲載種別：研究論文（学術雑誌）  

A public key trace and revoke scheme combines the functionality of broadcast encryption with the capability of traitor tracing. In Asiacrypt 2003, Kim, Hwang and Lee proposed a public key trace and revoke scheme (referred to as KHL scheme), and gave the security proof to support that their scheme is z-resilient against adaptive chosen-ciphertext attacks, in which the adversary is allowed to adaptively issue decryption queries as well as adaptively corrupt up to z users. In the passed ten years, KHL scheme has been believed as one of the most efficient public key trace and revoke schemes with z-resilience against adaptive chosen-ciphertext attacks under the well-studied DDH assumption. However, in this paper, by giving a concrete attack, we indicate that KHL scheme is actually not secure against adaptive chosen-ciphertexts, even without corruption of any user. We then identify the flaws in the security proof for KHL-scheme, and discuss the consequences of the attack.

DOI： 10.1016/j.tcs.2015.07.051

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Distributed attacks have reportedly caused the most serious losses in the modern cyber environment. Thus, how to avoid and detect distributed attacks has become one of the most important topics in the cyber security community. Of many approaches for avoiding and detecting cyber-attacks, behavior based method has been attracting great attentions from many researchers and developers. It is well known that, for behavior based cyber-attack detections, the algorithm for extracting normal modes from historic traffic is critically important. In this paper, after the newest algorithms for extracting normal behavior mode from historic traffics are discussed, a novel algorithm is proposed. Its efficiency is examined by experiments using darknet traffic data.

DOI： 10.1109/AsiaJCIS.2015.22

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Importance of digital forensics is expected to increase in the future. Many of researches on digital forensics are targeted to persistent memory. These researches concerns about the extraction of evidence directly or via filesystem. On the other hand, there is a movement to employ the Web browser supports HTML5 as software platform. In this situation, it is considered that the forensics techniques for extracting evidences from HTML5 browser is important. In this paper, we experimented to retrieve the artifacts left by Web- Storage feature for the Web browser for personal computer from the file system. In addition, we implemented a tool that constructs and visualizes the evidence from the artifacts.

DOI： 10.1007/978-3-319-15087-1_7

記述言語：英語   掲載種別：研究論文（学術雑誌）  

This paper introduces a new public-key primitive called designated plaintext checkable encryption (DPCE) in which given a ciphertext, a delegated checker can determine whether the ciphertext decrypts under the same public key to a plaintext chosen by himself. Motivated by various applications, two types of DPCE (of Type-I and II) are defined, depending upon whether the user delegates the plaintext checking right at his will to a delegated checker (Type-I) or the user is required to provide this plaintext checking right to a designated checker (Type-II). We propose several generic random-oracle and standard model constructions for DPCE of both the types based on arbitrary probabilistic or deterministic encryption schemes.

DOI： 10.3934/amc.2015.9.37

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In this study, the RF (Radio Frequency) tag with radiation shield is developed and its gamma ray durability is evaluated. RFID (RF Identification) is a radio-wave-based identification technology that can be used for various items. RF tags find use in many applications, including item tracing, access control, etc. RF tags can be classified as active RF tags, which have inbuilt voltaic cells, and passive RF tags without these cells. Passive RF tags, known for their low price and durability, are used in various fields. For instance, they are used for equipment maintenance in factories and thermal power plants. Several frequencies are used for RF tags. Further, RF tagging on the UHF (Ultra High Frequency) frequencies allows a communication range of approximately 10 m, and thus, remote reading is possible. When used in radiation environments such as in nuclear power plants, remote reading can contribute to the reduction of radiation exposure. However, because semiconductors are the primary elements used in the manufacture of RF tags, they can be damaged by radiation, and operational errors can occur. Therefore, this technology has not been used in environments affected by relatively high radiation levels. Therefore, in nuclear power plants, the use of RF tags is limited in areas of low radiation levels. In our study, we develop and manufacture a new RF tag with a radiation shield cover that provides error correction functionality. It is expected that radiation shielded RF tags will improve the radiation-proof feature, and its application range will be expanded. Using the radiation-proof RF tag, we have conducted radiation durability tests. These tests are of two types: one using low energy gamma ray, and the other using high-energy gamma ray. Experimental results are then analyzed. The number of applications for radiation shielded RF tags is considerably increasing, because it can be used in various radiation environments other than nuclear power plants as well, such as spent nuclear fuel storage facilities, decommissioning sites of nuclear power plants, and for decontamination operations management around Fukushima area.

記述言語：英語   掲載種別：研究論文（学術雑誌）  

We evaluated the resistance of image compression for the zero-watermarking-type steganography which proposed by us in 2005. As a result, even if we compressed to 1/100 of an original image, it still can extract its watermark information with an accuracy of 99% or more. We also proposed a new type of sparse filtering for low-frequency spatial extraction, and confirmed its performance by computational experiments. Finally, we mentioned a study on the relevance of the proposed filter and biological visual systems.

DOI： 10.1007/978-3-319-19321-2_47

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）  

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Data is connected to the internet with a sensor for understanding the property of the thing for which a two-dimensional code was used. Two-dimensional codes can play the role of connecting cyberspace to physical space, and can play a significant role in the so-called Internet of Things. Moreover, the advancement of machine vision is progressing with machine-to-machine communication. On the other hand, there is also private information, such as personal information, that should not be known by others. Current two-dimensional codes have become ubiquitous and express the cell using two colors: white and black. The cell expresses white or black in one bit, and there is no confidentiality available. In response to this, we propose an addition to the existing part that can be read with conventional equipment. We propose a 'secrecy part' that cannot be read without a decryption key. Further, we propose a method for rendering these two-dimensional codes compatible with black-and-white codes. In order to generate the secrecy part, it is necessary to transform a cell into several bits. A multicolor method and a multiple-region method are used to transform the code into several bits. An evaluation of the multi-valued cells in the two-dimensional codes here proposed, with a read verification and compatibility along with the added secrecy part, was carried out using a smartphone with successful results.

DOI： 10.1109/SOCA.2014.17

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Recently, cancelable biometrics, zero-bio, PKI with biometrics, and some related methods have been proposed as remote biometrics. These proposals are discussed in the viewpoint of not forensics but privacy protection. When forensic techniques are abused on the remote biometric authentication systems by third person, he/she can collect information of authentication process, such as stored templates, intermediate calculated data and etc. This situation causes novel privacy issues about excessive collection of information. Therefore, we define "receipt-freeness" of biometric authentication protocol, from the viewpoint of anti-forensics. As a first step for considering requirements for "receipt-freeness" remote biometric protocols, some related works are analyzed about characteristic of "receipt-freeness." As a result, we show the all protocols do not satisfy "receipt-freeness" except a few situations since the servers of these protocols remain some evidence such as transformed biometric data.

DOI： 10.1109/EST.2014.22

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Data is connected to the internet with a sensor for understanding the property of the thing for which a two-dimensional code was used. Two-dimensional codes can play the role of connecting cyberspace to physical space, and can play a significant role in the so-called Internet of Things. Moreover, the advancement of machine vision is progressing with machine-to-machine communication. On the other hand, there is also private information, such as personal information, that should not be known by others. Current two-dimensional codes have become ubiquitous and express the cell using two colors: white and black. The cell expresses white or black in one bit, and there is no confidentiality available. In response to this, we propose an addition to the existing part that can be read with conventional equipment. We propose a 'secrecy part' that cannot be read without a decryption key. Further, we propose a method for rendering these two-dimensional codes compatible with black-and-white codes. In order to generate the secrecy part, it is necessary to transform a cell into several bits. A multicolor method and a multiple-region method are used to transform the code into several bits. An evaluation of the multi-valued cells in the two-dimensional codes here proposed, with a read verification and compatibility along with the added secrecy part, was carried out using a smartphone with successful results.

DOI： 10.1109/SOCA.2014.17

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

We propose a new steganographic method which is similar to zero-watermarking. In general, digital steganography and digital watermarking, which both embed secret information in host data, have different intended uses. Digital steganography carries embedded secret information through public networks, and the host data serves only as camouflage. Digital watermarking is used to protect host data by embedding secret information. However, the concept of zero-watermarking was proposed in 2001. It does not embed secret information in host data and a result obtained by the interaction of secret information and host data is registered into a certificate authority for protecting the of host data. Our method is also intended to be included in the concept of zero-watermarking broadly. In this paper, we will clarify the difference of zerowatermarking and our method, evaluate the noise immunity of our method, and discuss with various application possibilities.

DOI： 10.1109/IIH-MSP.2014.121

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Oblivious RAM (ORAM) schemes, the concept introduced by Goldreich and Ostrovsky, are very useful technique for protecting users' privacy when storing data in remote untrusted servers and running software on untrusted systems. However they are usually considered impractical due to their huge overhead. In order to reduce overhead, many improvements have been presented. Thanks to these improvements, ORAM schemes can be considered practical on cloud environment where users can expect huge storage and high computational power. Especially for private information retrieval (PIR), some literatures demonstrated they are usable. Also dedicated PIRs have been proposed and shown that they are usable in practice. Yet, they are still impractical for protecting software running on untrusted systems. We first survey recent researches on ORAM and PIR. Then, we present a practical software-based memory protection scheme applicable to several environments. The main feature of our scheme is that it records the history of accesses and uses the history to hide the access pattern. We also address implementing issues of ORAM and propose practical solutions for these issues.

DOI： 10.1587/transinf.2013THP0007

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Oblivious RAM (ORAM) schemes, the concept introduced by Goldreich and Ostrovsky, are very useful technique for protecting users' privacy when storing data in remote untrusted servers and running software on untrusted systems. However they are usually considered impractical due to their huge overhead. In order to reduce overhead, many improvements have been presented. Thanks to these improvements, ORAM schemes can be considered practical on cloud environment where users can expect huge storage and high computational power. Especially for private information retrieval (PIR), some literatures demonstrated they are usable. Also dedicated PIRs have been proposed and shown that they are usable in practice. Yet, they are still impractical for protecting software running on untrusted systems. We first survey recent researches on ORAM and PIR. Then, we present a practical software-based memory protection scheme applicable to several environments. The main feature of our scheme is that it records the history of accesses and uses the history to hide the access pattern. We also address implementing issues of ORAM and propose practical solutions for these issues.

DOI： 10.1587/transinf.2013THP0007

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Multivariate Public Key Cryptosystems (MPKC) is one of candidates for post-quantum cryptography. Rainbow is an MPKC digital signature scheme, with relatively efficient encryption and decryption processes. However, the size of the secret key of Rainbow is substantially larger than that of an RSA cryptosystem for the same security level. By using sparse secret keys, the size of the secret key of Rainbow can be reduced. In addition, a method using sparse secret keys can accelerate the signature generation of Rainbow. Matrix-based Rainbow and NT-Rainbow, which we previously proposed, are variants of Rainbow using sparse secret keys. These two variants of Rainbow reduce the size of the secret key of Rainbow, and improve the efficiency of the signature generation of Rainbow. In this paper, we combine these two variants of Rainbow. As a consequence, the combined scheme realizes even smaller size of the secret key and even more efficient signature generation than those of the two variants of Rainbow. In particular, in comparison with the original Rainbow, the secret key is reduced in size by about 76% and the signature generation is sped up by about 55% at the security level of 100 bits.

記述言語：英語   掲載種別：研究論文（学術雑誌）  

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Document clustering is a practical and powerful data mining technique to analyze large amount of documents and large sets of text or hypertext documents. However, it also brings the problem of sensitive information leaking in disregard of privacy, especially when it is executed in distributed environment. In this paper, we propose a cryptography-based framework to realize privacy-preserving document clustering among the users under the distributed environment; there are two parties, each having his private document database, want to collaboratively execute agglomerative document clustering without disclosing their private contents. We provide two implementations of such a framework, one is with more precision and stronger security but requires more computational resources. The other is a simplified version with less computational complexity and achieves higher processing speed. Additionally, we provide the security proofs and experimental analysis of precision and scalability of our proposal. Copyright (c) 2013 John Wiley & Sons, Ltd.

DOI： 10.1002/sec.811

記述言語：英語   掲載種別：研究論文（学術雑誌）  

記述言語：英語   掲載種別：研究論文（学術雑誌）  

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

The frequency and the extent of damages caused by network attacks have been actually increasing greatly in recent years, although many approaches to avoiding and detecting attacks have been proposed in the community of network security. Thus, how to fast detect actual or potential attacks has become an urgent issue. Among the detection strategies, behavior-based ones, which use normal access patterns learned from reference data (e.g., History traffic) to detect new attacks, have attracted attention from many researchers. In each of all such strategies, a learning algorithm is necessary and plays a key role. Obviously, whether the learning algorithm can extract the normal behavior modes properly or not directly influence the detection result. However, some parameters have to determine in advance in the existing learning algorithms, which is not easy, even not feasible, in many actual applications. For example, even in the newest learning algorithm, which called FHST learning algorithm in this study, two parameters are used and they are difficult to be determined in advance. In this study, we propose a parameter less learning algorithm for the first time, in which no parameters are used. The efficiency of our proposal is verified by experiment. Although the proposed learning algorithm in this study is designed for detecting port scans, it is obviously able to be used to other behavior-based detections.

DOI： 10.1109/AsiaJCIS.2014.29

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Multivariate Public Key Cryptosystems (MPKC) are candidates for post-quantum cryptography. Rainbow is a digital signature scheme in MPKC, whose signature generation and verification are relatively efficient. However, the security of MPKC depends on the difficulty in solving a system of multivariate polynomials, and the key length of MPKC becomes substantially large compared with that of RSA cryptosystems for the same level of security. The size of the secret and public keys in MPKC has been reduced in previous research. The NC-Rainbow is a signature scheme in MPKC, which was proposed in order to reduce the size of secret key of Rainbow. So far, several attacks against NC-Rainbow have been proposed. In this paper, we summarize attacks against NC-Rainbow, containing attacks against the original Rainbow, and analyze the total security of NC-Rainbow. Based on the cryptanalysis, we estimate the security parameter of NC-Rainbow at the several security level.

DOI： 10.1587/transfun.E97.A.245

記述言語：英語   掲載種別：研究論文（学術雑誌）  

KCipher-2 is a word-oriented stream cipher and an ISOJEC 18033 standard. It is listed as a CRYPTREC cryptographic algorithm for Japanese governmental use. It consists of two feedback shift registers and a non-linear function. The size of each register in KCipher-2 is 32 bits and the non-linear function mainly applies 32-bit operations. Therefore, it can be efficiently implemented as software. SNOW-family stream ciphers are also word-oriented stream ciphers, and their high performance has already been demonstrated. We propose optimised implementations of KCipher-2 and compare their performance to that of the SNOW-family and other eSTREAM portfolios. The fastest algorithm is SNOW 2.0 and KCipher-2 is the second fastest despite the complicated irregular clocking mechanism. However, KCipher-2 is the fastest of the feasible algorithms, as SNOW 2.0 has been shown to have a security flaw. We also optimise the hardware implementation for the Virtex-5 field-programmable gate array (FPGA) and show two implementations. The first implementation is a rather straightforward optimisation and achieves 16,153 Mbps with 732 slices. In the second implementation, we duplicate the non-linear function using the structural advantage of KCipher-2 and we achieve 17,354 Mbps with 813 slices. Our implementation of KCipher-2 is around three times faster than those of the SNOW-family and efficiency, which is evaluated by "Throughput/Area (Mbps/slice)", is 3.6-times better than that of SNOW 2.0 and 8.5-times better than that of SNOW 3G. These syntheses are performed using Xilinx ISE version 12.4.

DOI： 10.1587/transinf.E97.D.43

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Identification schemes are a common one-way authentication technique for a user to prove himself securely to a verifier. However, it is known that identification schemes based on the sigma-protocol are basically insecure against reset attacks. On the other-hand, attribute-based cryptography is a technique which allows for the secure implementation of access policies within a cryptosystem. In this paper, we report on the developments in the area of reset attacks for identification schemes as well as for attribute-based identification schemes. Then we put together a new idea to construct attribute-based identification schemes secure against reset attacks.

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Multivariate Public Key Cryptosystems (MPKC) are candidates for post-quantum cryptography. Rainbow is a digital signature scheme in MPKC, whose signature generation and verification are relatively efficient. However, the security of MPKC depends on the difficulty in solving a system of multivariate polynomials, and the key length of MPKC becomes substantially large compared with that of RSA cryptosystems for the same level of security. The size of the secret and public keys in MPKC has been reduced in previous research. The NC-Rainbow is a signature scheme in MPKC, which was proposed in order to reduce the size of secret key of Rainbow. So far, several attacks against NC-Rainbow have been proposed. In this paper, we summarize attacks against NC-Rainbow, containing attacks against the original Rainbow, and analyze the total security of NC-Rainbow. Based on the cryptanalysis, we estimate the security parameter of NC-Rainbow at the several security level. Copyright c

DOI： 10.1587/transfun.E97.A.245

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

HMQV is one of the most efficient (provably secure) authenticated key-exchange protocols based on public-key cryptography, and is widely standardized. In spite of its seemingly conceptual simplicity, the HMQV protocol was actually very delicately designed. The provable security of HMQV is conducted in the Canetti-Krawczyk framework (CK-framework, in short), which is quite complicated and lengthy with many subtleties actually buried there. However, lacking a full recognition of the precise yet subtle interplay between HMQV protocol structure and provable security can cause misunderstanding of the HMQV design, and can cause potential flawed design and analysis of HMQV protocol variants. In this work, we explicitly make clear the interplay between HMQV protocol structure and provable security, showing the delicate design of HMQV. We then re-examine the security model and analysis of a recently proposed HMQV protocol variant, specifically, the FHMQV protocol proposed by Sarr et al. in [25]. We clarify the relationship between the traditional CK-framework and the CK-FHMQV security model proposed for FHMQV, and show that CK-HMQV and CK-FHMQV are incomparable. Finally, we make a careful investigation of the CDH-based analysis of FHMQV in the CK-FHMQV model, which was considered to be one of the salient advantages of FHMQV. We identify that the CDH-based security analysis of FHMQV is actually flawed. The flaws identified in the security proof of FHMQV just stem from lacking a full realization of the precise yet subtle interplay, as clarified in this work, between HMQV protocol structure and provable security.

DOI： 10.1007/978-3-319-12087-4_16

記述言語：英語   掲載種別：研究論文（学術雑誌）  

KCipher-2 is a word-oriented stream cipher and an ISO/IEC 18033 standard. It is listed as a CRYPTREC cryptographic algorithm for Japanese governmental use. It consists of two feedback shift registers and a non-linear function. The size of each register in KCipher-2 is 32 bits and the non-linear function mainly applies 32-bit operations. Therefore, it can be efficiently implemented as software. SNOW-family stream ciphers are also word-oriented stream ciphers, and their high performance has already been demonstrated. We propose optimised implementations of KCipher-2 and compare their performance to that of the SNOW-family and other eSTREAM portfolios. The fastest algorithm is SNOW 2.0 and KCipher-2 is the second fastest despite the complicated irregular clocking mechanism. However, KCipher-2 is the fastest of the feasible algorithms, as SNOW 2.0 has been shown to have a security flaw. We also optimise the hardware implementation for the Virtex-5 field-programmable gate array (FPGA) and show two implementations. The first implementation is a rather straightforward optimisation and achieves 16,153 Mbps with 732 slices. In the second implementation, we duplicate the non-linear function using the structural advantage of KCipher-2 and we achieve 17,354 Mbps with 813 slices. Our implementation of KCipher-2 is around three times faster than those of the SNOW-family and efficiency, which is evaluated by "Throughput/Area (Mbps/slice)", is 3.6-times better than that of SNOW2.0 and 8.5-times better than that of SNOW3G. These syntheses are performed using Xilinx ISE version 12.4.

DOI： 10.1587/transinf.E97.D.43

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Multivariate Public Key Cryptosystems (MPKC) is one of candidates for post-quantum cryptography. Rainbow is an MPKC digital signature scheme, with relatively efficient encryption and decryption processes. However, the size of MPKC key is substantially larger than that of an RSA cryptosystem for the same security level. In this paper, we propose a variant of Rainbow that has a smaller secret key. The smaller secret key is to the result of a different description of the quadratic polynomials appearing in the secret key from that of the original Rainbow. In addition, our scheme improves the efficiency of the Rainbow's signature generation. In particular, the secret key is reduced in size by about 40% and the signature generation is sped up by about 30% at the security level of 100 bits.

DOI： 10.1007/978-3-642-55032-4_55

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

We propose the first practical attribute-based signature (ABS) scheme with attribute privacy without pairings in the random oracle model. Our strategy is in the Fiat-Shamir paradigm; we first provide a generic construction of a boolean proof system of Σ-protocol type. Our boolean proof system is a generalization of the well-known OR-proof system; that is, it can treat any boolean formula instead of a single OR-gate. Then, by combining our boolean proof system with a credential bundle scheme of the Fiat-Shamir signature, we obtain a generic attribute-based identification (ABID) scheme of proof of knowledge. Finally, we apply the Fiat-Shamir transform to our ABID scheme to obtain a generic ABS scheme which possesses attribute privacy and can be proved to be secure in the random oracle model. Our ABS scheme can be constructed without pairings.

DOI： 10.1145/2600694.2600696

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Recently, several ownership protection schemes which combine encryption and secret sharing technology have been proposed. To reveal the original message, however, they exploited XOR operation which is similar to a one-time pad. It is fairly losing the reconstruction simplicity due to the human visual system (HVS). It should be noted that it is completely different from the original concept of visual cryptography proposed by Naor and Shamir. To decrypt the secret message, Naor and Shamir's concept stacked k transparencies together. The operation solely does a visual OR of the shares rather than XOR, the way HVS does. In this paper, we, consequently, adopt Naor and Shamir's concept to apply correct theory of visual cryptography. Furthermore, audio copyright protection schemes which exploit chaotic modulation or watermark integration into frequency components have been widely proposed. Nevertheless, security issue against intentional distortions has not been addressed yet. In this paper, we aim to construct a resilient audio ownership protection scheme to enhance the security by integrating the discrete wavelet transform and discrete cosine transform, visual cryptography, and digital timestamps. In the proposed scheme, the watermark does not require to be embedded within the original audio but is used to generate a secret image and a public image. The watermark is then acquired by performing OR between the secret and public image. We can alleviate the trade-off expenses between the capacity of data payload and two other important properties such as imperceptibility and robustness without modifying the original audio signals. The experiments against a variety of audio signals processing provided by StirMark confirm superior robustness of the proposed scheme. We also demonstrate the intentional distortion by modifying the original content via experiments, it reveals comparable reliability. The proposed scheme can be widely applied to the area of audio ownership protection.

DOI： 10.1186/1687-417X-2014-2

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Web browser is a growing platform for the execution of various applications. There are large fractions of smartphone platforms that support the execution of web technology based application, especially one such as HTML 5. However there are also some emerging smartphone platforms that only support web technology based applications. Taking into the considerations of these situations may lead to a higher importance of forensic investigations on artifacts within the web browser bringing about the usefulness of the HTML5 specific attributes as evidences in mobile forensics. Through this paper, we explore the results of experiments that acquire the main memory image within terminal and extract the webStorage data as an evidence of the browsing activity. The memory forensics of web browsing activity is highly concerned. The evidences gathered from the HTML5 web Storage contents acquired from the main memory image are examined and the results of the observations indicate the ability to retrieve web Storage from the memory image is certain. Therefore, we proclaimed formats of evidences that are retrievable from the main memory. The formats were different depending on the type of web browser accessed. Three most utilized web browsers are experimented in this paper namely, Google Chrome, Mozilla Firefox and Microsoft Internet Explorer. The results showed that the acquisition of web Storage content on the browsers were possible and elucidated its formats. Values of web Storage is contained in the residuals that left by all of three web browsers. Therefore, if the investigator has the knowledge of values, he will be able to find the location of the evidence to hint values. If the investigator does not have the knowledge about the value, then he can explore the evidence based on the knowledge of the origin or key. Because the format of the evidence depends on Web browser, investigator must use different search techniques according to the Web browser.

DOI： 10.1109/AsiaJCIS.2014.30

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In the digital world, so many copyrighted works are made in an illegal way because it is easy to keep and copy. Digital Rights Management has proposed to prevent this theft. Contents providers often bring in one server who has charge of managing the normal user, but there are some problems that it flocks to the server. Against this problem, P2P based DRM system has considered. All users can transfer the encrypted content to other users, so the content server does not have to load so much traffic from users. As a problem with this method, it is hard to figure out usage situation of contents because P2P based system is divided into many pieces of users. In this paper, we propose a new P2P based DRM system using Bitcoin protocol, which is one of the electric commerce. Bitcoin protocol, timestamp server saves all transactions to prevent double spending. We can bring out all usage situations to apply this system.

DOI： 10.1145/2557977.2558034

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Evaluating non-linear multivariate polynomial systems over finite fields is an important subroutine, e.g., for encryption and signature verification in multivariate public-key cryptography. The security of multivariate cryptography definitely becomes lower if a larger field is used instead of GF(2) given the same number of bits in the key. However, we still would like to use larger fields because multivariate cryptography tends to run faster at the same level of security if a larger field is used. In this paper, we compare the efficiency of several techniques for evaluating multivariate polynomial systems over GF(2³²) via their implementations on graphics processing units.

DOI： 10.1007/978-3-642-55032-4_62

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Conditional proxy re-encryption (CPRE) enables delegation of decryption rights, and is useful in many applications. In this paper, we present a ciphertext-policy attribute based CPRE scheme, together with a formalization of the primitive and its security proof. We further propose applying the scheme for fine-grained encryption of cloud data. This application well implements the idea of cloud-enabled user revocation, offering an alternative yet more feasible solution to the user revocation issue when using attribute based encryption over cloud data. Features of the application include little cost in case of user revocation, and high user-side efficiency when users access cloud data.

記述言語：英語   掲載種別：研究論文（学術雑誌）  

We consider the problems of access control and encrypted keyword search for cryptographic cloud storage in such a way that they can be implemented for a multiple users setting. Our fine-grained access control aware multi-user secure keyword search approach interdependently harmonizes these two security notions, access control and encrypted keyword search. Owing to the shrinkage of the cloud server's search space to the user's decryptable subset, the proposed scheme both decreases information leakage and is shown to be efficient by the results of our contrastive performance simulation.

DOI： 10.1587/transinf.E97.D.1790

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Document clustering is a practical and powerful data mining technique to analyze large amount of documents and large sets of text or hypertext documents. However, it also brings the problem of sensitive information leaking in disregard of privacy, especially when it is executed in distributed environment. In this paper, we propose a cryptography-based framework to realize privacy-preserving document clustering among the users under the distributed environment; there are two parties, each having his private document database, want to collaboratively execute agglomerative document clustering without disclosing their private contents. We provide two implementations of such a framework, one is with more precision and stronger security but requires more computational resources. The other is a simplified version with less computational complexity and achieves higher processing speed. Additionally, we provide the security proofs and experimental analysis of precision and scalability of our proposal.

DOI： 10.1002/sec.811

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In this paper, we consider the problem of (t, δ) robust secret sharing secure against rushing adversary. We design a simple t-out-ofn secret sharing scheme, which can reconstruct the secret in presence of t cheating participants except with probability at most δ, provided t < n/2. The later condition on cheater resilience is optimal for the case of public reconstruction of the secret, on which we focus in this work. Our construction improves the share size of Cevallos et al. (EUROCRYPT-2012) robust secret sharing scheme by applying the “authentication tag compression” technique devised by Carpentieri in 1995. Our improvement is by a constant factor that does not contradict the asymptotic near-optimality of the former scheme. To the best of our knowledge, the proposed scheme has the smallest share size, among other efficient rushing (t, δ) robust secret sharing schemes with optimal cheater resilience.

記述言語：英語   掲載種別：研究論文（学術雑誌）  

The reduction of size of ensemble classifiers is important for various security applications. The majority of known pruning algorithms belong to the following three categories: ranking based, clustering based, and optimization based methods. The present paper introduces and investigates a new pruning technique. It is called a Three-Level Pruning Technique, TLPT, because it simultaneously combines all three approaches in three levels of the process. This paper investigates the TLPT method combining the state-of-the-art ranking of the Ensemble Pruning via Individual Contribution ordering, EPIC, the clustering of the K-Means Pruning, KMP, and the optimisation method of Directed Hill Climbing Ensemble Pruning, DHCEP, for a phishing dataset. Our new experiments presented in this paper show that the TLPT is competitive in comparison to EPIC, KMP and DHCEP, and can achieve better outcomes. These experimental results demonstrate the effectiveness of the TLPT technique in this example of information security application.

DOI： 10.1007/978-3-662-45670-5

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Current mainstream encryption based on computational security is sufficiently safe. However, if the computing power of an adversary increases, current encryption methods may no longer be safe. In this study, we focus on PSMT (Perfectly Secure Message Transmission) which is based on information theoretic security which could establish a security level stronger than computational security. We evaluated the performance of information theoretic secure Multi-channel Transmission on wireless sensor networks.

DOI： 10.1109/BWCCA.2013.99

記述言語：英語  

記述言語：英語  

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Multivariate Public Key Cryptosystems (MPKC) are candidates for post-quantum cryptography. MPKC has an advantage in that its encryption and decryption are relatively efficient. In this paper, we propose a multivariate signature scheme using quadratic forms. For a finite dimensional vector space V, it is known that there are exactly two equivalence classes of non-degenerate quadratic forms over V. We utilize the method to transform any non-degenerate quadratic form into the normal form of either of the two equivalence classes in order to construct a new signature scheme in MPKC. The signature generation of our scheme is between eight and nine times more efficient more than the multivariate signature scheme Rainbow at the level of 88-bit security. We show that the public keys of our scheme can not be represented by the public keys of other MPKC signature schemes and this means our scheme is immune to many attacks that depend on the form of the central map used by these schemes.

DOI： 10.1007/978-3-642-38616-9_17

記述言語：英語  

記述言語：英語   掲載種別：研究論文（学術雑誌）  

We examine the problem of reliable workflow scheduling with less resource redundancy. As scheduling workflow applications in heterogeneous systems, either for optimizing the reliability or for minimizing the makespan, are NP-Complete problems, we alternatively find schedules for meeting specific reliability and deadline requirements. First, we analyze the reliability of a given schedule using two important definitions: Accumulated Processor Reliability (APR) and Accumulated Communication Reliability (ACR). Second, inspired by the reliability analysis, we present three scheduling algorithms: RR algorithm schedules least Resources to meet the Reliability requirement; DRR algorithm extends RR by further considering the Deadline requirement; and dynamic algorithm schedules tasks dynamically: It avoids the "Chain effect" caused by uncertainties on the task execution time estimates, and relieves the impact from the inaccuracy on failure estimation. Finally, the empirical evaluation shows that our algorithms can save a significant amount of computation and communication resources when performing a similar reliability compared to Fault-Tolerant-Scheduling-Algorithm (FTSA) algorithm.

DOI： 10.1016/j.parco.2013.06.003

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Multivariate public key cryptosystems are being focused on as candidates for post-quantum cryptography. Rainbow is one of the most efficient signature schemes in multivariate public key cryptosystems. The main drawback of Rainbow is that their key size is much larger than that of RSA and ECC. In this paper, we propose an efficient variant of Rainbow that has a shorter secret key (and thus generates signatures faster) than the corresponding original Rainbow. In our scheme, we divide each layer of Rainbow into smaller blocks by using diagonal matrix representations. The size of the smaller blocks can be flexibly selected, and this enables us to carefully choose secure parameters so that our proposed scheme is secure against known attacks such as rank attacks, direct attacks, and UOV attack. We estimate that the secret key size of our proposed scheme with 100-bit security is smaller by about 40% than that of the original Rainbow. In addition, an implementation of our scheme in the C language is seen to generate signature faster by 40%.

DOI： 10.1145/2484389.2484401

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Lenstra proposed a method by which information can be efficiently in a public key N in RSA encryption. Since then, many methods such as the additional key escrow function and a visible public key have been proposed. Lenstra made an assertion that the size of embeddable information is up to half the length of a public key, but he did not mention the strict upper bound of the size. In this paper, we analytially examine the Lenstra algorithm both in theory and implementation, and calcuate the upper bound of the size of information that can be efficiently embedded in an RSA public key.

DOI： 10.1145/2484389.2484396

記述言語：英語   掲載種別：研究論文（学術雑誌）  

QUAD stream cipher uses multivariate polynomial systems. It has provable security based on the computational hardness assumption. More specifically, the security of QUAD depends on hardness of solving non-linear multivariate systems over a finite field, and it is known as an NP-complete problem. However, QUAD is slower than other stream ciphers, and an efficient implementation, which has a reduced computational cost, is required. In this paper, we propose an efficient implementation of computing multivariate polynomial systems for multivariate cryptography on GPU and evaluate efficiency of the proposal. GPU is considered to be a commodity parallel arithmetic unit. Moreover, we give an evaluation of our proposal. Our proposal parallelizes an algorithm of multivariate cryptography, and makes it efficient by optimizing the algorithm with GPU.

DOI： 10.2298/CSIS121102040T

記述言語：英語   掲載種別：研究論文（学術雑誌）  

QUAD stream cipher uses multivariate polynomial systems. It has provable security based on the computational hardness assumption. More specifically, the security of QUAD depends on hardness of solving non-linear multivariate systems over a finite field, and it is known as an NP-complete problem. However, QUAD is slower than other stream ciphers, and an efficient implementation, which has a reduced computational cost, is required. In this paper, we propose an efficient implementation of computing multivariate polynomial systems for multivariate cryptography on GPU and evaluate efficiency of the proposal. GPU is considered to be a commodity parallel arithmetic unit. Moreover, we give an evaluation of our proposal. Our proposal parallelizes an algorithm of multivariate cryptography, and makes it efficient by optimizing the algorithm with GPU.

DOI： 10.2298/CSIS121102040T

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）  

記述言語：英語  

記述言語：英語  

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Many serious threats for PCs are spreading to the mobile environment. A mobile botnet, which is a collection of hijacked smartphones under the control of hackers, is one of them. With the quick development of the computing and communication abilities of smartphones, many command and control (C&amp
C) techniques in PC botnets can be easily reused in mobile botnets. However, some particular functions and characteristics of smartphones may provide botmasters with additional means to control their mobile botnets. This paper presents two special C&amp
C mechanisms that leverage Short Message Service and human mobility, respectively. The first one designs a SMS-based flooding algorithm to propagate commands. We theoretically prove that the uniform random graph is the optimal topology for this botnet, and demonstrate its high efficiency and stealth with various simulations. The second one utilizes Bluetooth to transmit botnet commands when hijacked smartphones encounter each other while in motion. We study its performance in a 100 m × 100 m square area with NS-2 simulations, and show that human-mobility characteristics facilitate the command propagation. Even if the infection rate is low, the command can still be effectively propagated provided that the mobility of devices is high. In the end, we propose effective defense strategies against these two special C&amp
C mechanisms. © 2012 Elsevier B.V. All rights reserved.

DOI： 10.1016/j.comnet.2012.06.007

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Many serious threats for PCs are spreading to the mobile environment. A mobile botnet, which is a collection of hijacked smartphones under the control of hackers, is one of them. With the quick development of the computing and communication abilities of smartphones, many command and control (C&C) techniques in PC botnets can be easily reused in mobile botnets. However, some particular functions and characteristics of smartphones may provide botmasters with additional means to control their mobile botnets. This paper presents two special C&C mechanisms that leverage Short Message Service and human mobility, respectively. The first one designs a SMS-based flooding algorithm to propagate commands. We theoretically prove that the uniform random graph is the optimal topology for this botnet, and demonstrate its high efficiency and stealth with various simulations. The second one utilizes Bluetooth to transmit botnet commands when hijacked smartphones encounter each other while in motion. We study its performance in a 100 m × 100 m square area with NS-2 simulations, and show that human-mobility characteristics facilitate the command propagation. Even if the infection rate is low, the command can still be effectively propagated provided that the mobility of devices is high. In the end, we propose effective defense strategies against these two special C&C mechanisms.

DOI： 10.1016/j.comnet.2012.06.007

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

The increased application of sensor network introduces new security challenges. In this paper, we analyze the detection methods of compromised nodes and its countermeasure in the sensor network. We first review common attacks in the sensor network application which can compromise a valid, resource-constrained node (or called device). Then, we introduce several standard detection approaches to show their characteristics in different applications of the sensor network. Finally, we summarize and discuss existing countermeasures to the compromised nodes.

DOI： 10.1007/978-94-007-5860-5_7

記述言語：英語  

記述言語：英語  

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Reputation systems are very useful in large online communities in which users may frequently have the opportunity to interact with users with whom they have no prior experience. Recently, how to enhance the cooperative behaviors in the reputation system has become to one of the key open issues. Emerging schemes focused on developing efficient reward and punishment mechanisms or capturing the social or economic properties of participants. However, whether this kind of method can work widely or not has been hard to prove until now. Research in evolutionary game theory shows that group selection (or multilevel selection) can favor the cooperative behavior in the finite population. Furthermore, some recent works give fundamental conditions for the evolution of cooperation by group selection. In the paper, we extend the original group selection theory and propose a group-based scheme to enhance cooperation for online reputation systems. Related concepts are defined to capture the social structure and ties among participants in reputation system, e.g., group, assortativity, etc. Also, we use a Fermi distribution function to reflect the bounded rationality of participants and the existence of stochastic factors in evolutionary process. Extended simulations show that our scheme can enhance cooperation and improve the average performance of participants (e.g. payoff) in reputation system. © 2010 Springer Science+Business Media, LLC.

DOI： 10.1007/s11227-010-0498-8

記述言語：英語   掲載種別：研究論文（学術雑誌）  

At the moment, image forgery in the mainstream media has become common. The degree of manipulation is facilitated by image editing software. Hence, there are many outstanding images which have no provenance information or certainty of authenticity. Therefore, constructing a scientific and automatic way for evaluating image authenticity is an important task. In spite of having outstanding performance, all the image forensics schemes developed so far have not provided verifiable information about source of tampering. This paper aims to propose a different kind of scheme, by exploiting a group of similar images, to verify the source of tampering. We begin with slightly modifying Robert's detector to enhance the detection results. The usage of membership function used to classify the suspicious region from the authentic one is introduced as well. Inspired by the image registration concept, we exploit the correlation-based alignment method to automatically identify the spliced region in any fragment of the reference images. Although the scheme is applicable under particular conditions, the efficacy of the proposed scheme on revealing the source of spliced regions is considerable. We anticipate this scheme to be the first concrete technique toward appropriate tools which are necessary for exposing digital image forgeries.

DOI： 10.1016/j.diin.2013.06.014

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Reputation systems are very useful in large online communities in which users may frequently have the opportunity to interact with users with whom they have no prior experience. Recently, how to enhance the cooperative behaviors in the reputation system has become to one of the key open issues. Emerging schemes focused on developing efficient reward and punishment mechanisms or capturing the social or economic properties of participants. However, whether this kind of method can work widely or not has been hard to prove until now. Research in evolutionary game theory shows that group selection (or multilevel selection) can favor the cooperative behavior in the finite population. Furthermore, some recent works give fundamental conditions for the evolution of cooperation by group selection. In the paper, we extend the original group selection theory and propose a group-based scheme to enhance cooperation for online reputation systems. Related concepts are defined to capture the social structure and ties among participants in reputation system, e.g., group, assortativity, etc. Also, we use a Fermi distribution function to reflect the bounded rationality of participants and the existence of stochastic factors in evolutionary process. Extended simulations show that our scheme can enhance cooperation and improve the average performance of participants (e.g. payoff) in reputation system.

DOI： 10.1007/s11227-010-0498-8

記述言語：英語  

記述言語：英語   掲載種別：研究論文（学術雑誌）  

The technologies used by attackers in the Internet environment are becoming more and more sophisticated. Of the many kinds of attacks, distributed scan attacks have become one of the most serious problems. In this study, we propose a novel method based on normal behavior modes of traffic to detect distributed scan attacks in darknet environments. In our proposed method, all the possible destination TCP and UDP ports are monitored, and when a port is attacked by a distributed scan, an alert is given. Moreover, the alert can have several levels reflecting the relative scale of the attack. To accelerate learning and updating the normal behavior modes and to realize rapid detection, an index is introduced, which is proved to be very efficient. The efficiency of our proposal is verified using real darknet traffic data. Although our proposal focuses on darknets, the idea can also be applied to ordinary networks.

DOI： 10.2197/ipsjjip.21.527

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

RF tags based on RFID (Radio-frequency Identification) technology have been widely used in various fields including power plant construction and maintenance for the purpose of improving the identification and traceability of the many components in the facility. To date, various types of tags have been developed, including tags that are resistant to chemicals or high-temperature environments, which are used in specialized fields. When considering widespread use of RF tags in nuclear power plants, there is a concern about the effects of radiation on the RF tags, because the data stored in the tag may receive radiation damage, resulting in corruption of data. Here, we describe a newly designed RF tag that achieves resistance to radiation damage by attaching a radiation shield layer and incorporating automatic data-correction software. This radiation-resistant RF tag has been tested under real radiation exposure fields to verify the intended radiation-resistant functions. It is expected that the use of these radiation-resistant RF tags with a data reader and database system will increase the capabilities of RF tags applied to nuclear power plants and it is also expected to lead to reductions in worker radiation exposure doses.

DOI： 10.1115/ICONE21-16605

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Provenance of data is a documentation of the origin and processes that produce the data. Many researchers argue that the provenance should be immutable: once a provenance is submitted, it should not be changed or updated. A main reason is that the provenance represents the history of data, and the history should not be altered or changed because it represents the fact in the past. Provenance can be represented by a graph, where each node represents the process executed by a party and an edge represents the relationship between two nodes (i.e. a child node uses the outputs of the parent nodes). A method to ensure that the provenance has not been updated is by using signature chain, where the signatures of the parent nodes are recorded in the children nodes so that any changes to the parent nodes will raise inconsistencies between the parent and the children. However, sticking to the requirement that the provenance should be immutable requires unlimited data storage and also we have problems whenever we need to update the provenance for an accidental error. In this paper, we propose a method that allows updates in the signature chain-based secure provenance, while keeping the signature consistent. The main idea is by keeping the "provenance" of the provenance itself, that is the history of update of the provenance, in the form of the signatures of the previous versions of the nodes. We implement the idea by keeping the signatures of the previous version in a signature tree similar to the Merkle-tree, where the a parent node in tree is the aggregate signature of the children. Using this method, the storage requirement to store signatures is always smaller than the number of updates.

DOI： 10.1007/978-3-642-36818-9_40

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

We propose a key management scheme for two-tire hierarchical mobile network using triple key distribution. Sensor nodes are divided into clusters managed by cluster heads which collect and aggregate data and send to base stations. The use of both symmetric and public key techniques makes the network highly resilient to node compromise. The nodes are resource constrained and thus communicate securely using symmetric triple key distribution technique. The cluster heads are powerful and use asymmetric key distribution techniques. The anonymity of cluster heads while forwarding messages is also preserved in our protocol. To the best of our knowledge, this is the first key management scheme which uses both symmetric and asymmetric triple key distribution mechanism. The analysis shows that our scheme is highly secure, preserves privacy of cluster heads and can support efficient addition and deletion of nodes.

DOI： 10.1109/GLOCOM.2013.6831104

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

We examine the problem of managing a server farm in a cost-efficient way that reduces the cost caused by server failures, according to an Infrastructure-as-a-Service model in cloud. Specifically, failures in cloud systems are so frequent that severely affect the normal operation of job requests and incurring high penalty cost. It is possible to increase the net revenue through reducing the energy cost and penalty by leveraging failure predictiors. First, we incorporate the malfunction and recovery states into the server management process, and improve the cost-efficiency of each server using failure predictor-based proactive recovery. Second, we present a revenue-driven cloud scheduling algorithm, which further increases net revenue in collaboration with server management algorithm. The formal and experimental analysis manifests our expected net revenue improvement.

DOI： 10.1007/978-3-319-04519-1_2

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Due to the easy manipulation and alteration of digital images using widely available software tools, forgery detection is emerged as a primary goal in image forensics. A common form of manipulation is to combine parts of the image fragment into another different image to remove objects from the image. Inspired by the image registration concept, we exploit the correlation-based alignment method to automatically identify the spliced region in any fragment of the reference images. We show the efficacy of the proposed scheme on revealing the source of spliced regions. We anticipate this scheme to be the first concrete technique towards appropriate tools which are necessary for exposing digital forgeries.

DOI： 10.1007/978-3-642-40099-5_17

記述言語：英語   掲載種別：研究論文（学術雑誌）  

The multivariate public key cryptosystem (MPKC), which is based on the problem of solving a set of multivariate systems of quadratic equations over a finite field, is expected to be secure against quantum attacks. Although there are several existing schemes in MPKC that survived known attacks and are much faster than RSA and ECC, there have been few discussions on security against physical attacks, aside from the work of Okeya et al. (2005) on side-channel attacks against Sflash. In this study, we describe general fault attacks on MPKCs including Big Field type (e.g. Matsumoto-Imai, HFE and Sflash) and Stepwise Triangular System (STS) type (e.g. UOV, Rainbow and TTM/TTS). For both types, recovering (parts of) the secret keys S, T with our fault attacks becomes more efficient than doing without them. Especially, on the Big Field type, only single fault is sufficient to recover the secret keys.

DOI： 10.1587/transfun.E96.A.196

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Evaluating non-linear multivariate polynomial systems over finite fields is an important subroutine, e.g., for encryption and signature verification in multivariate cryptography. The security of multivariate cryptography definitely becomes lower if a larger field is used instead of GF(2) given the same number of bits in the key. However, we still would like to use larger fields because multivariate cryptography tends to run faster at the same level of security if a larger field is used. In this paper, we compare the efficiency of several techniques for evaluating multivariate polynomial systems over GF(2 ¹⁶) vi their implementations on graphics processing units.

DOI： 10.1109/IMIS.2013.151

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Android based smartphones have become popular. Accordingly, many malwares are developed. The malwares target information leaked from Android. However, it is difficult for users to judge the availability of application by understanding the potential threats in the application. In this paper, we focus on acquisition of information by using a remote procedure call when we invoke the API to acquire phone ID. We design a methodology to record invocation that are concerned the API by inserting Log.v methods. We examined our method, and confirm empirically the record of the call behavior of the API to acquire phone ID.

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

With the spread of computer, the increase of malware is a serious problem. In some malware, damage caused by botnet is a serious problem. Botnets perform the attack by remote control. The purpose of the present work is to suppress the botnet activity by detecting the C&C traffic through well-suited observations. There already exists many detection techniques, most of which focus on IRC-based botnet, and very little focus on HTTP-based botnet, even less, which include comparisons between both detection techniques. In this work, we focus on the HTTP-based botnet, and in order to classify normal HTTP session and C&C session, we make use of Support Vector Machine.

DOI： 10.1109/ASIAJCIS.2013.17

記述言語：英語   掲載種別：研究論文（学術雑誌）  

DOI： 10.1109/DASC.2013.7

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Nowadays, smartphone market has been growing rapidly, and smartphone has become essential as a business tool. One of the crucial advantages of a smartphone is an installable third-party application. Number of these has continued to grow explosively. However, vulnerabilities in smartphone applications are seemed as serious problem. This is not only for the smartphone users, also for smartphone application developers and/or vendors. Until now, most vulnerability tests on smartphone applications are targeted that has been packaged as a commercial product and distributed in application marketplaces. These tests are performed on dynamically on application binaries. In this paper, we aim to develop the static vulnerability verification tool that can be utilized for smartphone application developers and/or vendors in the implementation and/or test phase of development process. This tool intakes source codes and determine where to read the privacy information in the source codes, and determine where to write/send the information in there. Then analyze the privacy information transfer and/or transform flow and report the possibilities of privacy information leakage to application developers.

DOI： 10.1145/2448556.2448610

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Insider threats are one of the serious hard problems of organizational security because it is often unclear whether or not an actor is an insider, or what we actually mean by "insider". In addition, it is frequently almost impossible to verify if an authorized insider action (authorized at the level of an operational policy) would constitute an insider attack contravening the organizational security policy of an enterprise. Hence, research on how to fight against insider attacks is one of the recent major topics in information security.

記述言語：英語  

This chapter describes a study on workflow scheduling with fault tolerance. It starts with an understanding on workflow scheduling and fault tolerance technologies independently. Next, the chapter surveys the related works on the combination field of workflow scheduling and fault tolerance technologies. Generally, these works are classified into six categories corresponding to the six fault tolerance technologies: workflow scheduling with primary/backup, primary/backup with multiple backups, checkpoint, rescheduling, active replication, and active replication with dynamic replicas. An in-depth study on these six topics illustrates the challenge issues explored so far, e.g. overloading conditions, tradeoffs among scheduling criteria, et cetera, and some future research directions are also identified. As applications are increasingly complex, and failures become a severe problem in the large scale systems, the authors expect to provide a comprehensive review on the problem of workflow scheduling with fault tolerance through this work.

DOI： 10.4018/978-1-4666-1888-6.ch005

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

This paper proposes a broadcast encryption scheme with traitor tracing based on the ternary tree structure. The subset difference method with ternary tree reduces the communication cost and tracing cost of the original method with the binary tree. However, straightforward expansion of the method ends in failure due to the vulnerability to coalition attacks. Thus, we design a new cover-finding algorithm and label assignment algorithm in order to achieve a coalition-resistant revocation and tracing schemes. Our analysis on efficiency and security shows that our scheme is an improvement of the existing broadcast encryption schemes: complete subtree and subset difference methods.

DOI： 10.1007/978-3-642-35755-8_17

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

An improvement of arithmetic coding based on Markov model () has been proposed in the paper (Duan L.L., Liao X. F., Xiang T., Communications in Nonlinear Science and Numerical Simulation, 2011, 16(6):2554-2562). Though, a methodology to construct the is proposed in the above mentioned paper, it really lacks the formal definition of the. In the current paper, we not only investigate the security analysis of the, but also put forward formal definitions of the as well as its different security notions. Based on those definitions, a chosen-plaintext attack is proposed to reveal the used pseudorandom bit sequence for the encryption under the condition that the same pseudorandom bit sequence is used to encrypt the different messages. We also show that the does not have indistinguishable encryptions under the ciphertext-only attack (i.e., does not have indistinguishable encryptions in the presence of an eavesdropper) even if the different pseudorandom bit sequences are used to encrypt the different messages. Moreover, when the is combined with the randomized arithmetic code () (Grangetto M., Magli E., Olmo G., IEEE Trans. Multimedia, 2006 8(5):905-917), we also explore the insecurity of this combined encryption scheme. The analysis demonstrates that the + is also insecure. Finally, the simulated experimental results show the correctness of all the proposed attacks.

DOI： 10.1007/978-3-642-34704-7-24

記述言語：英語   掲載種別：研究論文（学術雑誌）  

In multihop wireless networks (MWNs), the selective forwarding attack is a special case of denial of service attack. In this attack, the malicious wireless nodes only forward a subset of the received packets, but drop the others. This attack becomes more severe if multiple attackers exist and collude together to disrupt the normal functioning of the secure protocols. By colluding, each attacker can even only drop a little packets, but the overall loss of the path will be high. However, most prior researches on selective forwarding attacks assume the attackers do not collude with each other. Furthermore, the previous works also lack of comprehensive security analysis. In this paper, by utilizing the game theoretic approach, we analyze the collusion in selective forwarding attacks. We first put forward a sub-route oriented punish and reward scheme, and propose an multi-attacker repeated colluding game. Then by static and dynamic analysis of this colluding attack game, we find the sub-game equilibriums which indicate the attackers' optimal attack strategies. Based on the analysis result, we establish a security policies for multihop wireless networks, to threaten and detect the malicious insider nodes which collude with each other to launch the selective forwarding attacks.

DOI： 10.1016/j.comcom.2012.07.006

記述言語：英語   掲載種別：研究論文（学術雑誌）  

In multihop wireless networks (MWNs), the selective forwarding attack is a special case of denial of service attack. In this attack, the malicious wireless nodes only forward a subset of the received packets, but drop the others. This attack becomes more severe if multiple attackers exist and collude together to disrupt the normal functioning of the secure protocols. By colluding, each attacker can even only drop a little packets, but the overall loss of the path will be high. However, most prior researches on selective forwarding attacks assume the attackers do not collude with each other. Furthermore, the previous works also lack of comprehensive security analysis. In this paper, by utilizing the game theoretic approach, we analyze the collusion in selective forwarding attacks. We first put forward a sub-route oriented punish and reward scheme, and propose an multi-attacker repeated colluding game. Then by static and dynamic analysis of this colluding attack game, we find the sub-game equilibriums which indicate the attackers' optimal attack strategies. Based on the analysis result, we establish a security policies for multihop wireless networks, to threaten and detect the malicious insider nodes which collude with each other to launch the selective forwarding attacks. (c) 2012 Elsevier B.V. All rights reserved.

DOI： 10.1016/j.comcom.2012.07.006

記述言語：英語   掲載種別：研究論文（学術雑誌）  

In homeland security, the transportation system built on vehicular ad hoc networks (VANETs) is one sector among key resource sectors for national infrastructure protection plan identified by the department of homeland security (DHS) of the United States. Thus, it is an essential aspect to develop a suit of elaborately designed VANET security mechanisms for a successful homeland security infrastructure. However, all prior privacy-preserving authentication protocols for secure vehicular communications have not satisfied the fulfillment of location assurance to develop secure location-aware service applications in VANETs. In this paper, we make up for the limitations and propose an efficient privacy-preserving authentication protocol with location assurance for secure location-aware services over VANETs. In particular, we introduce the notion of location-aware credential so as to guarantee the trustworthiness of geographic location in location-aware services while providing conditional privacy preservation which is a desirable property for secure vehicular communications. Furthermore, the proposed protocol provides efficient procedures that alleviate a burden of computation for location-aware signature generation and verification on vehicles in VANETs. In order to achieve these goals, we consider online/offline signature scheme based on "hash-sign-switch" paradigm and identity-based aggregate signature scheme as our building blocks. Comprehensive simulations are conducted to confirm the efficiency and effectiveness of the proposed protocol.

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Wireless sensor networks are vulnerable to a large number of security threats and malicious attacks. The traditional security approaches from encryption and authentication are insufficient to defend the insider attacks which are launched inside of the WSNs and bypass the crypto-based defence. Trust management has been recently suggested as one of the effective security mechanisms for distributed systems, and is a promising new approach to solve the security challenges in wireless sensor networks. However, to the best of our knowledge, it is still a challenge to establish an integrated trust management mechanism with comprehensive security analysis. In this paper, we consider the clustered wireless sensor network in which the cluster head is in charge of the trust management of other sensor nodes. We propose a novel, integrated trust management mechanism for the cluster wireless sensor networks, and analyze the optimal decision making policy by using game theory. First, the upstream/downstream joint monitoring scheme is implemented to securely and efficiently observe the behavior of the insider nodes. Then based on the monitoring results, the local trustworthiness and global trust worthiness are derived based on the trust exchange and the trust computation. Finally, by game theoretic analysis of the security interaction between the attacker and the network, the optimal trust policy can be made based on min-max rule, and the optimal utility of the WSNs can be guaranteed.

DOI： 10.1007/978-3-642-32298-3_16

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

As failures are becoming frequent due to the increasing scale of data centers, Service Level Agreement (SLA) violation often occurs at a cloud provider, thereby affecting the normal operation of job requests and incurring high penalty cost. To this end, we examine the problem of managing a server farm in a way that reduces the penalty caused by server failures according to an Infrastructure-as-a-Service model. We incorporate the malfunction and recovery states into the server management process, and improve the cost efficiency of server management by leveraging the failure predictors. We also design a utility model describing the expected net revenue obtained from providing service. The basic idea is that, a job could be rejected or migrate to another server if a negative utility is anticipated. The formal and experimental analysis manifests our expected net revenue improvement.

記述言語：英語   掲載種別：研究論文（学術雑誌）  

An image scrambling encryption scheme for pixel bits was presented by Ye [Ye GD. Image scrambling encryption algorithm of pixel bit based on chaos map. Pattern Recognit Lett 2010;31:347-54], which can be seen as one kind of typical binary image scrambling encryption considering from the bit-plain of size M x (8N). However, recently, some defects existing in the original image encryption scheme, i.e., Ye's scheme, have been observed by Li and Lo [Li CQ, Lo KT. Optimal quantitative cryptanalysis of permutation-only multimedia ciphers against plaintext attacks. Signal Process 2011;91:949-54]. In the attack proposed by Li and Lo at least 3 + inverted right perpendicularlog(2)(MN)inverted left perpendicular plain images of size M x N are used to reveal the permutation matrix W = [w(i,k)] (i is an element of {1, 2, ... , M}; k is an element of {1, 2, ... , 8N}) which can be applied to recover the exact plain image. In the current paper, at first, one type of special plain image/cipher image is used to analyze the security weakness of the original image scrambling scheme under study. The final encryption vectors TM and TN or the decryption vectors TM' and TN' are revealed completely according to our attack. To demonstrate the performance of our attack, a quantified comparison is drawn between our attack and the attack proposed by Li and Lo. Compared with Li and Lo's attack, our attack is more efficient in the general conditions. In particular, when the sizes of images satisfy the condition M = N or M <= 8N, the number of the used plain images/cipher images is at most 9, which is sharply less than 3 + inverted right perpendicularlog(2)(MN)inverted left perpendicular when M and N are of large size. To overcome the weaknesses of the original scheme, in this paper, an improved image scrambling encryption scheme is proposed. In the improved scheme, the idea of the "self-correlation" method is used to resist the chosen-plaintext attack/known-plaintext attack. The corresponding simulations and analyses illustrate that the improved encryption method has good cryptographic properties, and can overcome the weakness of the original image encryption scheme. Finally, farther improvement is briefly presented for the future work. (C) 2011 Elsevier B.V. All rights reserved.

DOI： 10.1016/j.cnsns.2011.12.015

記述言語：英語   掲載種別：研究論文（学術雑誌）  

An image scrambling encryption scheme for pixel bits was presented by Ye [Ye GD. Image scrambling encryption algorithm of pixel bit based on chaos map. Pattern Recognit Lett 2010;31:347-54], which can be seen as one kind of typical binary image scrambling encryption considering from the bit-plain of size M×(8N). However, recently, some defects existing in the original image encryption scheme, i.e., Ye's scheme, have been observed by Li and Lo [Li CQ, Lo KT. Optimal quantitative cryptanalysis of permutation-only multimedia ciphers against plaintext attacks. Signal Process 2011;91:949-54]. In the attack proposed by Li and Lo at least 3+⌈log ₂(MN)⌉ plain images of size M×N are used to reveal the permutation matrix W=[w(i,k)] (i∈{1, 2,...,M};k∈{1,2,...,8N}) which can be applied to recover the exact plain image. In the current paper, at first, one type of special plain image/cipher image is used to analyze the security weakness of the original image scrambling scheme under study. The final encryption vectors TM and TN or the decryption vectors TM' and TN' are revealed completely according to our attack. To demonstrate the performance of our attack, a quantified comparison is drawn between our attack and the attack proposed by Li and Lo. Compared with Li and Lo's attack, our attack is more efficient in the general conditions. In particular, when the sizes of images satisfy the condition M=N or M≤8N, the number of the used plain images/cipher images is at most 9, which is sharply less than 3+⌈log ₂(MN)⌉ when M and N are of large size. To overcome the weaknesses of the original scheme, in this paper, an improved image scrambling encryption scheme is proposed. In the improved scheme, the idea of the "self-correlation" method is used to resist the chosen-plaintext attack/known-plaintext attack. The corresponding simulations and analyses illustrate that the improved encryption method has good cryptographic properties, and can overcome the weakness of the original image encryption scheme. Finally, farther improvement is briefly presented for the future work.

DOI： 10.1016/j.cnsns.2011.12.015

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Recently, there is much concern about the provenance of distributed processes, that is about the documentation of the origin and the processes to produce an object in a distributed system. The provenance has many applications in the forms of medical records, documentation of processes in the computer systems, recording the origin of data in the cloud, and also documentation of human-executed processes. The provenance of distributed processes can be modeled by a directed acyclic graph (DAG) where each node represents an entity, and an edge represents the origin and causal relationship between entities. Without sufficient security mechanisms, the provenance graph suffers from integrity and confidentiality problems, for example changes or deletions of the correct nodes, additions of fake nodes and edges, and unauthorized accesses to the sensitive nodes and edges. In this paper, we propose an integrity mechanism for provenance graph using the digital signature involving three parties: the process executors who are responsible in the nodes' creation, a provenance owner that records the nodes to the provenance store, and a trusted party that we call the Trusted Counter Server (TCS) that records the number of nodes stored by the provenance owner. We show that the mechanism can detect the integrity problem in the provenance graph, namely unauthorized and malicious "authorized" updates even if all the parties, except the TCS, collude to update the provenance. In this scheme, the TCS only needs a very minimal storage (linear with the number of the provenance owners). To protect the confidentiality and for an efficient access control administration, we propose a method to encrypt the provenance graph that allows access by paths and compartments in the provenance graph. We argue that encryption is important as a mechanism to protect the provenance data stored in an untrusted environment. We analyze the security of the integrity mechanism, and perform experiments to measure the performance of both mechanisms.

DOI： 10.1587/transinf.E95.D.1894

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

The availab ility of network system with network coding can suffer from malicious nodes intentionally corrupt the encoded packets. T he sit uat ion will get even worse when t here are self ish nodes that are unwilling to take the measure of securit y mechanism. In such situation, selfish nodes should be motivated to follow the protocol, and malicious nodes need to be detected. We integrate an efficient Homomorphic MAC with a lightweight non-repudiation transmission protocol which can not only detect the corrupted packets but also locate the malicious nodes. In order to deal with the selfish behavior, we propose an incentive scheme which can encourage the nodes to follow the protocol faithfully and detect the pollution attacks. In addition, we analyze the relationship between security and parameters of the protocol, which can help to choose the better parameters the system requires. From the evaluated results, we can see that our design can effectively defense against pollution attacks in the system with network coding with high security and good performance.

DOI： 10.1145/2184751.2184815

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Along with the development of the service-oriented architecture (SOA) and cloud computing, a large number of service providers have created an intense competitive world of business. Consequently, it is becoming increasingly complex to select a service provider for a user as a result of their various economic and social attributes. In this paper, we state the problem of how to find the appropriate services with satisfying the users multiple QoS requirements. We consider the service's response time, trust degree and monetary cost. And inspired from the mode of Web search engine, such as Yahoo, Google, we propose an innovative service selection algorithm for SOA systems. The algorithm can recommend a number of suitable services based on the user's QoS requirements. Compared with the existing scheduling algorithms, our solution is much more flexible in supporting the multiple objectives and user personalization. We study the scalability of the algorithm with different numbers of jobs, service providers and QoS criteria. And we find that it can capture user's preferences value in less than six times of job submissions.

DOI： 10.1016/j.jnca.2011.03.013

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In this paper, a non-interactive string-commitment protocol in the common reference string model is presented and analyzed. We show that the proposed (length-flexible) commitment protocol realizes the universally composable security in the presence of adaptive adversaries in the standard computational model assuming that the underlying Paillier's public-key encryption (or Damgård and Jurik's public-key encryption scheme when a lengthflexible property is claimed) is semantically secure and the Damgård-Fazio- Nicolosi's non-interactive protocol is zero-knowledge in the registered public-key model.

DOI： 10.1007/978-3-642-25206-8_15

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Designing non-committing encryptions tolerating adaptive adversaries is a challenging task. In this paper, a simple implementation of non-committing encryptions is presented and analyzed in the strongest security model. We show that the proposed non-committing encryption scheme is provably secure against adaptive adversaries in the universally composable framework assuming that the decisional Diffie-Hellman problem is hard.

DOI： 10.1007/978-3-642-25206-8_18

記述言語：英語   掲載種別：研究論文（学術雑誌）  

When we build electronic cash systems, the main focus of the design is usually on preventing customers' malicious actions. However, since authorities such as banks and certificate authorities may have important secret data of customers, the insiders in the potentially untrusted authorities can become threats to electronic cash systems. Miyazaki and Sakurai [2] first systematically analyzed security of offline anonymous electronic cash systems by considering the insider threats from untrusted authorities. They investigated the security of the existing electronic cash systems and categorized the systems into four types. In this paper, we reconsider the security of offline anonymous electronic cash systems including more recent systems based on the classification of Miyazaki and Sakurai and investigate the possible effective countermeasures against malicious insiders.

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Multivariate Public Key Cryptosystems (MPKC) are candidates for post-quantum cryptography. Rainbow is a digital signature scheme in MPKC, whose encryption and decryption are relatively efficient. However, the security of MPKC depends on the difficulty in solving a system of multivariate polynomials, and the key length of MPKC becomes substantially large compared with that of RSA cryptosystems for the same level of security. The size of the public key in MPKC has been reduced in previous research, but to the best of our knowledge, there are no algorithms to reduce the size of a private key . In this paper, we propose NC-Rainbow, a variation of Rainbow using non-commutative rings and we describe the ability of the proposed scheme to reduce the size of a private key in comparison with the ordinary Rainbow while maintaining the same level of security. In particular, using the proposed NC-Rainbow, the size of a private key is reduced by about 75% at the 80 bit security level. Moreover, the speed of signature generation is accelerated by about 34% at the 80 bit security level.

DOI： 10.1007/978-3-642-27954-6_5

記述言語：英語   掲載種別：研究論文（学術雑誌）  

We give an abstraction of verifiable multi-secret sharing schemes that is accessible to a fully mechanized analysis. This abstraction is formalized within the applied pi-calculus by using an equational theory which characterizes the cryptographic semantics of secret share. We also present an encoding from the equational theory into a convergent rewriting system, which is suitable for the automated protocol verifier ProVerif. Based on that, we verify the threshold certificate protocol in ProVerif.

DOI： 10.1080/18756891.2012.670517

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Low-rate attacks can conceal their traffic because their packets are at very low rates, which make it easy to bury themselves into the normal traffic. Thus, although a number of volume-based detection techniques are able to identify anomalies that trigger significant changes in traffic volume, they are not applicable to detecting low-rate attacks. Because of this, the problem of low-rate attacks has been attracting many researchers in the community of network security. In this study, for the first time we propose a method based on the normal behavior mode of traffic to detect outbreaks of low-rate attacks. The experimental result indicates that our proposal is efficient.

DOI： 10.1109/SAINT.2012.50

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

There are encryption schemes called searchable encryption schemes. We can prove the security of these schemes based on a security model. However, we face the risk of the frequency analysis in some constructions because these schemes encrypt the keywords per word in the file as well as itself. In this attack, we assume an adversary knows the frequency distribution of plaintexts (i.e., keywords), and an adversary measures the frequency of the ciphertext and guesses the plaintext by comparing the frequency of the plaintext with it. In this work, we apply this attack to the existing works and evaluate the resistance of the searchable encryption to this attack by considering the difference between the deterministic encryption and the probabilistic encryption, and the supported types of searches.

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

There are encryption schemes called searchable encryption which enable keyword searches. Traditional symmetric ones support only full keyword matches. Therefore, both a data owner and data searcher have to enumerate all possible keywords to realize a variety of searches. It causes increases of data size and run time.We propose searchable symmetric encryption which can check characters in the specified position as we perform search on plaintexts. Our scheme realizes a variety of searches such as fuzzy keyword search, wildcard search, and so on.

DOI： 10.1007/978-3-642-33272-2_15

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

An accessible implementation of MAC for file access is proposed. Instead of traditional but unfamiliar MAC aware tools such as secure-OSs, the security enforcement mechanism of our proposal is FSG (file server group) which is structured so that they reflect a security policy of the organization. Using ordinal file servers, it is accessible to the most of commercial office environment. We also propose the use of FCA (formal concept analysis), a technology for knowledge extraction, to derive the structure of FSG for information flow enforcement. An advantage of use of FCA is that it directly produces configuration parameters such as access points of users as the knowledge extracted from organizational security policy. The configuration of the file server group is easy to understand, and the management cost of FSG is lower than that of the ordinary flat structured file servers.

DOI： 10.1109/IMIS.2012.129

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Mobile phone users are being increasingly directed to WEB sites through the identification of the WEB address from a two-dimensional code on the phone. However, incidents where mobile phones direct users to malicious WEB sites are also increasing. The direct lead mechanism, in which mobile phones directly send users to an uninspected WEB address, is the most common mechanism by which users are misdirected to fraudulent WEB sites. To address this issue, a registration server for inspecting WEB addresses and storing the corresponding registration IDs in the two-dimensional code format was established. Subsequently, the reliability of directing users to WEB sites only after verifying the registration ID of the target WEB address was examined. However, this approach was susceptible to phishing and camouflage when malicious software was used to rewrite the registration ID and the relationship of the WEB address on the registration server. Therefore, an approach that uses two-dimensional codes with a secret encrypted component was proposed.

DOI： 10.1109/IMIS.2012.57

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

We consider the problem of searchable encryption scheme for the cryptographic cloud storage in such a way that it can be efficiently and privately executed under the multi-user setting. Searchable encryption schemes allow users to perform keyword searches on encrypted files to retrieve their interested data without decryption. All existing such schemes only consider the straightforward search approach where for searching one encrypted keyword, the cloud server must look round all encrypted files on the storage to compare that encrypted keyword to each keyword index. Since the file number can be very huge and the user may be unable to decrypt all files, that approach is not efficient and secure enough. In this paper, we first propose a keyword search scheme for the cryptographic cloud storage based on attribute-based cryptosystems. Our scheme presents a new keyword search notion: fine-grained access control aware keyword search. By narrowing the search scope to the user's decryptable files' group before executing the keyword search, our approach can both decrease information leakage from the query process and be more efficient than other existing schemes.

DOI： 10.1007/978-3-642-31912-9_27

記述言語：英語   掲載種別：研究論文（学術雑誌）  

DOI： 10.1109/TrustCom.2012.311

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Optical information media printed on paper use printing materials to absorb visible light. There is a two-dimensional code, which may be encrypted but also can possibly be copied. Hence, we envisage an information medium that cannot possibly be copied and thereby offers high security. At the surface, the normal two-dimensional code is printed. The inner layers consist of two-dimensional codes printed using a variety of materials, which absorb certain distinct wavelengths, to form a multilayered two-dimensional code. Information can be distributed among the two-dimensional codes forming the inner layers of the multiplex.

DOI： 10.1109/ISPA.2012.113

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In this paper, we present a method for hiding information in a conventional two-dimensional (2D) code that maintains backward compatibility with conventional 2D code readers. This is achieved by segmenting each cell into subcells that store confidential information.

DOI： 10.1109/GCCE.2012.6379943

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

QUAD is a provably secure stream cipher, whose security is based on the hardness assumption of solving multivariate quadratic polynomial systems over a finite field, which is known to be NP-complete. However, such provable security comes at a price, and QUAD is slower than most other stream ciphers that do not have security proofs. In this paper, we discuss two efficient parallelization techniques for evaluating multivariate quadratic polynomial systems on GPU, which can effectively accelerate the QUAD stream cipher. The first approach focuses on formula of summations in quadratics, while the second approach uses parallel reduction to summations. Our approaches can be easily generalized and applied to other multivariate cryptosystems.

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

QUAD stream cipher uses multivariate polynomial systems. It has provable security based on the computational hardness assumption. More specifically, the security of QUAD depends on hardness of solving non-linear multivariate system us over a finite field, and it is known as an NP-Hard problem. However, QUAD is slower than other stream ciphers, and an efficient implementation, which has a reduced computational cost is required. In this paper, we propose an efficient implementation of computing multivariate polynomial systems for multivariate cryptography on GPU and evaluate efficiency of the proposal. GPU is considered to be a commodity parallel arithmetic unit. Moreover, we give an evaluation of our proposal. Our proposal parallelizes an algorithm of multivariate cryptography, and makes it efficient by optimizing the algorithm with GPU.

DOI： 10.1109/IMIS.2012.139

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

LBlock is a 64-bit lightweight block cipher which can be implemented in both hardware environments and software platforms. It was designed by Wu and Zhang, and published at ACNS2011. In this paper, we explore the strength of LBlock against the differential fault analysis (DFA). As far as we know, this is the first time the DFA attack is used to analyze LBlock. Our DFA attack adopts the random bit fault model. When the fault is injected at the end of the round from the 25 ^th round to the 31 ^st round, the DFA attack is used to reveal the last three round subkeys (i.e., K ₃₂, K ₃₁ and K ₃₀) by analyzing the active S-box of which the input and output differences can be obtained from the right and faulty ciphertexts (C, C̃). Then, the master key can be recovered based on the analysis of the key scheduling. Specially, for the condition that the fault is injected at the end of the 25 ^th and 26 ^th round, we show that the active S-box can be distinguished from the false active S-box by analyzing the nonzero differences from the pair of ciphertexts (C, C̃). The false active S-box which we define implies that the nonzero input difference does not correspond to the right output difference. Moreover, as the LBlock can achieve the best diffusion in eight rounds, there can exist the countermeasures that protect the first and last eight rounds. This countermeasure raises a question whether provoking a fault at the former round of LBlock can reveal the round subkey. Our current work also gives an answer to the question that the DFA attack can be used to reveal the round subkey when the fault is injected into the 24 ^th round. If the fault model used in this analysis is a semi-random bit model, the round subkey can be revealed directly. Specially, the semi-random bit model corresponds to an adversary who could know the corrupted 4 bits at the chosen round but not know the exact bit in these 4 bits. Finally, the data complexity analysis and simulations show the number of necessary faults for revealing the master key.

DOI： 10.1007/978-3-642-29912-4_11

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In recent years, there are anonymous routing protocols for mobile ad-hoc networks. These protocols provide anonymous communication between an arbitrary pair of nodes. However, there are also some multipoint-to-point sensor networks. In those environments, we have to consider all routes not between an arbitrary pair of sensor nodes but between an arbitrary one sender node and a specific destination node. These existing protocols consider to only security, so nodes may not be able to work efficiency in those environments. In this paper, we propose a new anonymous routing protocol for such multipoint-to-point sensor networks based on efficient routing protocols and existing anonymous routing mechanisms. Moreover, we evidence superiority of our proposal by comparing the amount of information for anonymous routing and a time for route establishment with that of existing protocols. We show that our protocol can establish the anonymous route faster than existing ones and reduce the information for routing from existing ones.

DOI： 10.1109/WAINA.2012.175

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Recently, we have a problem about an attack generated by a botnet which consists of a group of compromised computers called bots. An attacker called botmaster controls it and a botnet invokes an attack such as scanning and DDoS attack. In this paper, we use the 3D-visualization to investigate the change of attack according to the darknet traffic. As a result, we discover the attack in which several source IP addresses transmit packets to a single destination within a short period of time. In addition, we find that the packet size and the destination port number are identical on its attack. Furthermore, we propose the method to detect this attack called behavior of collaborative attack. In our proposal, we focus on the number of source IP addresses which transmit packets to the single destination. We detected this packet and the rate of packet with the same packet size and destination port number occupied about 90% of the set unit of extracted packet.

DOI： 10.1007/978-3-642-35362-8_17

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In the present operating systems such as Linux, all the kernel modules, including unknown extensions, run in the same address space. They are granted the highest privilege and can access arbitrary memory without any limitation. This is at the root of kernel rootkits, which are malware seriously threatening the kernel integrity. In this paper, we present Barrier, a lightweight hypervisor designed for enhancing the kernel integrity of personal computers by isolating the kernel modules. Since this hypervisor is designed for the OS protection on PCs, it does not implement unnecessary virtualization features that are commonly found on the general-purpose hypervisors to support running multiple OS instances concurrently on the same server. As a result, it is much smaller and also much easier to use, especially for unprofessional users. Barrier leverages the hardware-supported memory virtualization to isolate the kernel modules into different address spaces. All the interactions across address spaces have to go through a strict mediation based on some predefined MAC rules. This greatly increases the attacker's hardness to compromise the kernel integrity. We have implemented a prototype of Barrier. The evaluation results show that Barrier can well protect the kernel integrity without bringing unaffordable performance overheads.

DOI： 10.1145/2245276.2232011

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Edwards curves have efficient scalar multiplication algorithms, and their application to pairing-based cryptography has been studied. In particular, if a pairing-friendly curve used in a pairing-based protocol is isomorphic to an Edwards curve, all the scalar multiplication appearing in the protocol can be computed efficiently. In this paper, we extend this idea to pairing-friendly curves not isomorphic but isogenous to Edwards curves, and add to pairing-friendly curves to which Edwards curves can be applied. Above all, pairing-friendly curves with smaller ρ-values provide more efficient pairing computation. Therefore, we investigate whether pairing-friendly curves with the minimal ρ-values are isogenous to Edwards curves for embedding degree up to 50. Based on the investigation, we present parameters of pairing-friendly curves with 160-bit and 256-bit security level at embedding degree 16 and 24, respectively. These curves have the minimal ρ-values and are not isomorphic but isogenous to Edwards curves, and thus our proposed method is effective for these curves.

DOI： 10.1007/978-3-642-34117-5-2

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Wireless sensor networks (WSNs) have been widely used in various applications. Since their sensor nodes are resource-constrained and their security primitives need to store a set of security credentials to share a secure channel, key management is one of the most challenging issues in the design of WSN. Currently, various efficient lightweight key management schemes (KMs) have been proposed to enable encryption and authentication in WSN for different application scenarios. According to different requirements, it is important to select the trustworthy key management schemes in a WSN for setting up a fully trusted WSN mechanism. In this context, adaptive methods are required to evaluate those schemes. In this paper, we exploit Analytic Hierarchy Process (AHP) to help with the complex decision. Specifically, we consider the following performance criteria: scalability, key connectivity, resilience, storage overhead, processing overhead and communication overhead. Two case studies are added for verifying our proposal. Via the two case studies, it is verified that our method is able to help selecting a suitable scheme for given requirements.

DOI： 10.4304/jnw.7.1.88-100

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Nowadays, data collection and processing becomes ubiquitous in social and business areas, especially in Internet of Things. However, sensitive information leakage is a critical issue. To solve problem, privacy-preserving techniques are strongly needed. Jiang {\em et al.} proposed a protocol of finding frequent item in accountable computing (AC) framework which enables two parties to conduct collaborative computation on their transactional databases to find out the common frequent items without disclosing their private data to the other party. Their scheme was proposed in a secure two-party computation model against malicious adversaries. In this paper, we analyze the implementation details of AC-framework and identify some security weaknesses in their scheme. Furthermore, we clarify the security requirements for the AC-framework and present an augmented solution to enhance security.

DOI： 10.1109/TrustCom.2012.87

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

With the advent of low-cost and high-resolution digital cameras and sophisticated editing software, it is becoming increasingly easier to tamper with the digital image. A common form of manipulation is to combine parts of the image fragment into another different image to remove objects from the image. Inspired by the digital image correlation concept, we exploit the peak of cross-correlation function to automatically detect the splicing artifacts in any fragment of an image. We show the efficacy of the proposed scheme on revealing the source of spliced regions. We make the first concrete technique towards appropriate tools which are necessary for rendering digital forgeries.

DOI： 10.1007/978-3-642-34778-8_36

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In public key encryption, we need to be able to verify the certificate from a certificate authority to prevent impersonation. In this paper, we propose an encryption system in which we can verify a public key without the certificate. We can realize our encryption system without a impersonation nor a key escrow problem.

DOI： 10.1109/IMIS.2012.123

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In cognitive radio networks, primary user emulation (PUE) attack is a denial-of-service (DoS) attack on secondary users. It means that a malicious attacker sends primary-user-like signals to jam certain spectrum channels during the spectrum sensing period. Sensing the attacker's signal, the legitimate secondary user will regard these channels are used by the primary users, and give up using these attacked channels. In this paper, the interaction between the PUE attacker and the secondary user is modeled as a constant sum differential game which is called PUE attak game. The secondary user's objective is to find the optimal sensing strategy so as to maximize its overall channel usability, while the attacker's objective is to minimize the secondary user's overall channel usability. The Nash equilibrium solution of this PUE attack game is deprived, and the optimal anti-PUE attack strategy is obtained. Numerical results demonstrate the trajectories of the secondary user's optimal channel sensing strategies over time, and also shows that: by following the differential game solution, the secondary user can always optimize its channel usability when confronting PUE attacks.

DOI： 10.1109/AINA.2012.84

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In 1984, Ong, Schnorr and Shamir proposed an efficient signature scheme (OSS signature scheme) using a bivariate quadratic equation. Its security was believed to be based on the difficulty of integer factorization. However, an efficient attack without integer factorization was subsequently found. In 2008, Hashimoto and Sakurai proposed an extended scheme (HS scheme), based on OSS signature scheme that used multivariate and non-commutative ring. HS scheme uses a composite number as a modulus in the same manner as OSS signature scheme. In this paper, we redefine HS scheme in such a way that it deals with not only integers modulo a composite number, but also elements of a finite field. In the case of a finite field, it becomes a scheme in the multivariate public key cryptosystem. In fact, its public key is constructed by a version of Rainbow in which all the components in the parameter are equal. (We call such a Rainbow a uniformly-layered Rainbow.) In particular, our scheme is a candidate for post-quantum cryptography. If a non-commutative ring used in the proposed scheme is chosen by the group ring associated to dihedral group, the speed of the signature generation can be accelerated by about 50% in comparison with the corresponding Rainbow. We analyze the security of the extended HS scheme against some attacks and conclude that if its base field is GF(256), then the dimension of a non-commutative ring must be more than 10 in order to be secure.

DOI： 10.1007/978-3-642-25405-5_18

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

We discuss countermeasure against insider threats in network security aspect. In the context of countermeasure against insider threats, there is no perimeter for access control in a network and a traditional process by using a firewall on a perimeter are not suitable. We show a mechanism of countermeasure against insider threats in network security for countermeasure technically and legally.

DOI： 10.1109/INCoS.2011.156

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In the design of electronic cash systems, we usually focus on preventing customers' malicious behaviors. However, since authorities such as banks and certificate authorities may have important secret data of customers, the insider attacks by the untrusted authorities also need to be handled carefully. Miyazaki and Sakurai [1] first evaluated security of offline anonymous electronic cash systems against the insider attacks by untrusted authorities. They analyzed the security of the existing electronic cash systems and categorized the systems into four types. In this paper, we reconsider the security of offline anonymous electronic cash systems including more recent systems based on the classification of Miyazaki and Sakurai.

DOI： 10.1109/INCoS.2011.146

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Proxy re-encryption is a useful concept and many proxy re-encryption schemes have been proposed in the asymmetric encryption setting. In the asymmetric encryption setting, proxy re-encryption can be beautifully implemented because many operations are available to directly transform a cipher to another cipher without the proxy needs to access the plaintexts. However, in many situations, for a better performance, the data is encrypted using symmetric ciphers. Most symmetric ciphers do not support proxy cryptography because of malleability (that is needed to implement the proxy re-encryption) is not a desired property in a secure encryption scheme. In this paper, we suggest an idea to implement a pure proxy re-encryption for the symmetric ciphers by first transforming the plaintext into a random sequence of blocks using an All or nothing transform (AONT). We show an example of the proxy re-encryption scheme using a weak encryption (i.e. simple permutation) that has a simple conversion function to convert a permutation to another. The encryption scheme exploits three characteristics of an AONT transformation: (1) the output of an AONT is a pseudorandom, (2) the output of an AONT cannot be transformed back if any parts is missing, and (3) the output of an AONT cannot be transformed back without having all blocks with correct position. We show security argument of the proposed scheme and its performance evaluation.

DOI： 10.1007/978-3-642-25327-0_23

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

The objective of creating malicious software (i.e., malware), intruding computers and conducting malicious activities is shifted from showing off attacker's computer skills to earning money. Thus, recent attackers take more sophisticated and effective malware infection ways such as malware infection via malicious Web sites as well as the traditional exploitations like worm propagation. The malicious Web sites attempt to compromise machines by drive-by-download attack which redirects users to exploiting sites and install malware compulsorily in their machines by exploiting vulnerabilities of their Web browser or plugins. As a countermeasure for these malicious Web sites, blacklisting URLs or domains of them is significant. However, attackers tend to change the URLs or domains in a short period to avoid the blacklist. Thus, a blacklisting scheme which can filter even unknown malicious Web sites is critical. In this paper, we first analyze characteristics of malicious Web sites by their domain information such as AS (Autonomous System), IP address block, IP address, domain, and registrar. Second, we evaluate reputations of IP address blocks and registrars used by attackers. Then, we propose a blacklisting scheme constructed of the combination of IP address block and registrars with low reputation, that is, intensively used by attackers. From our experimental results, the Web sites with the same combination with low reputation appeared over long period, which indicates that our proposed blacklist has a certain capability of filtering unknown malicious Web sites.

DOI： 10.1109/TrustCom.2011.46

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

The multivariate public key cryptosystem (MPKC), which is based on the problem of solving a set of multivariate systems of quadratic equations over a finite field, is expected to be secure against quantum attacks. Although there are several existing schemes in MPKC that survived known attacks and are much faster than RSA and ECC, there have been few discussions on security against physical attacks, aside from the work of Okeya et al. (2005) on side-channel attacks against Sflash. In this study, we describe general fault attacks on MPKCs including Big Field type (e.g. Matsumoto-Imai, HFE and Sflash) and Stepwise Triangular System (STS) type (e.g. UOV, Rainbow and TTM/TTS). For both types, recovering (parts of) the secret keys S,T with our fault attacks becomes more efficient than doing without them. Especially, on the Big Field type, only single fault is sufficient to recover the secret keys.

DOI： 10.1007/978-3-642-25405-5_1

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

One of the most challenging issues in Mobile Ad-Hoc Network (MANET) is that the insiders are untrustworthy in packet forwarding stage. All the nodes which loss data-packets over a preset threshold can be generalized as Suspicious Insiders. To intimidate these suspicious insiders and reduce packet dropping, surveillance is the most direct and easiest method. In this paper, we propose a novel surveillance mechanism to monitor the packet dropping of suspicious insiders. On one hand, our work provides the monitor with optimal strategies which will maximize its long term utility; On the other hand, our work presents an on-demand monitoring scheme which will balance the tradeoff between security and resource consumption. First, we utilize a reputation scheme to distinguish suspicious insiders from legitimate members, and quantify the threat level of the suspicious insiders. Then taking into consideration security and resource consumption, we utilize game theory to analyze the interaction between monitor and suspicious insider. Finally, optimal mixed-strategy is computed to identify the best way for the monitor to respond to the suspicious insider.

DOI： 10.1007/978-3-642-25283-9_16

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

To design a method of document access control with flexibility, generality and fine-granularity, we establish a document access control model, which is an abstract description for general scene of document access. Security policies are presented to describe security constraints, so as to meet security requirements of this model. In order to demonstrate the theories and strategies more intuitively, we design a prototype system of document access control based on XACML-RBAC framework to verify the validity of model and algorithms and the feasibility of mechanism. It realizes the authorization protection of the standard OFFICE documents.

DOI： 10.1007/978-3-642-25283-9_2

記述言語：英語   掲載種別：研究論文（学術雑誌）  

In order to protect Mobile Internet Protocol Version 6 (MIPv6), considerable researches have been made, consequently followed by various security protocols, which are based on public key cryptography. Especially, depending on a proper address based public key method, these protocols use each node's address as a public key certificate to authenticate its public key because no global public key infrastructure is available in MIPv6 environments. In addition, they execute an appropriate address test to check if a node exists at its claimed address. With such security features, the protocols prevent critical attacks including redirect, man-in-the middle, and denial of service ones. On the other hand, it is clearly of paramount importance to formally evaluate the MIPv6 security protocols to design them without flaws. Unfortunately, there is lack of the formal verification method to precisely reason about their correctness while considering their unique security properties to our best knowledge. In this paper, we propose an extended SVO logic for the thorough verification of the MIPv6 security protocols. Then, we show its effectiveness by applying the proposed logic to four security protocols.

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Game theory has been receiving immense concern to deal with attacks in wireless ad hoc networks, which are widely employed in a large range of applications but vulnerable to various attacks. Previous works provided readers with comprehensive understanding of game theoretic solutions on cyber security problems. However, they neglect the relationship between attack characteristics and the corresponding game features. In this paper, we study the application of game theory on attacks in wireless ad hoc networks. Specifically, we present a classification which associates attack characteristics with types of game players and then examine the relationship between attack scenarios and types of corresponding game models. By illustrating the different players and game types in a variety of game theoretic approaches, we provide a comprehensive view on game based solutions to attacks in wireless ad hoc networks.

DOI： 10.4156/ijact.vol3.issue8.35

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In order to exterminate a botnet, we have to trace a botnet and arrest its botmaster. In this paper, we make a model of communication pattern of a C&C server that sends/receives packets to/from the botmaster. Then we discuss how botmaster trace back can be achieved. We describe which communication patterns we should focus on to find the botmaster or upper C&C servers. Furthermore, we propose a framework for botmaster trace back. In this framework, owners of servers which become to C&C server will collaborate and share the communication patterns for trace back. To do this, we propose the information sharing using communication pattern monitoring tools with the servers.

DOI： 10.1109/IMIS.2011.152

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Digital content distribution services require that 1) only valid user devices that has a valid key can decrypt the broadcasting content, 2) the keys can no longer be used to decrypt the content, if keys in a device are revealed, and 3) invalid users who illegally use keys in a device can be identified. This paper proposes a broadcast encryption scheme with traitor tracing based on the ternary tree structure. We design a new cover-finding algorithm and label assignment algorithm in order to achieve a coalition-resistant revocation and tracing schemes. In our scheme, the number of labels stored in a client device can be reduced by about 20.4 percent and the average header length by up to 15.0 percent in the case where the total number of devices is 65,536. The efficiency of the traitor tracing is the same as the complete subtree method, and its computational cost imposed on a client device stays within O(logn). Our scheme is an improvement of the complete subtree and difference subset methods.

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In this paper, we propose a novel privacy-preserving location assurance protocol for secure location-aware services over vehicular ad hoc networks (VANETs). In particular, we introduce the notion of location-aware credentials based on "hash-sign-switch" paradigm so as to guarantee the trustworthiness of location in location-aware services while providing conditional privacy preservation which is a desirable property for secure vehicular communications. Furthermore, the proposed protocol provides efficient procedures that alleviate a burden of computation for location-aware signature generation and verification on vehicles in VANETs. In order to achieve these goals, we consider online/offline signature scheme and identity-based aggregate signature scheme as our building blocks. Finally, we demonstrate experimental results to confirm the efficiency and effectiveness of the proposed protocol.

DOI： 10.1007/978-3-642-23300-5_21

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

As a lot of sophisticated duties are being migrated to mobile phones, they are gradually becoming hot targets of hackers. Actually, during the past few years, It has appeared many malware targeting mobile phones and the situation is getting worse. Under this circumstance, we may ask a serious question: whether can those infected phones be organized to a botnet? In this paper, we present a design of such a botnet using Short Message Service (SMS) as its Command and Control (C&C) medium. We cover all the aspects of the botnet design including the stealthiness protection, the topology selecting and the botnet maintaining. Our simulations show that in our proposed SMS-based botnet a newly issued C&C message can be covertly propagated to over 90% of the total 20000 bots within 20 minutes based on a simple flooding algorithm. Moreover, in this process each bot sends no more than four SMS messages and the botnet is robust to both random and selective node failures. Thereby, we demonstrate that the proposed mobile botnet is indeed a serious threat on the security of the mobile computing environment. For this reason, we further explore several effective defense strategies against such a botnet. In doing so, we hope to be one step ahead of the hackers to discover and prevent this upcoming threat.

DOI： 10.1007/978-3-642-21040-2_19

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

The distributed system made the large-scale scientific computing possible in a cost effective way. And the hardware resources in such systems are also getting much cheaper than years before. However, the problem of executing the job using minimum resources is still reasonable and important, especially for the cloud environment, who has to save energy and control cost. Unfortunately, only a few existing scheduling algorithms have taken into account the resource usage issue. In this study, with considering the realistic network topology and communication model, we firstly propose the Deadline, Reliability, Resources-aware (DRR) scheduling algorithm. The theory analysis fully demonstrate that, the output schedule of our algorithm can satisfy the user's requirement on reliability and deadline. Through the experiments, with setting the deadline less than the makespan of the MaxRe algorithm's output schedule, we find that our algorithm can complete the job under this deadline. Besides, our algorithm can save almost 50% computation resources and 70% communication resources than FTSA(bl) and FTSA(tl+bl) [3] algorithms.

DOI： 10.1109/AINA.2011.87

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In recent years, it has been found that middle modifications and attacks widely exist when web pages are transferred from a web server to a user via HTTP. And the reason is that HTTP does not guarantee the integrity of network traffic. This paper presents a protocol which enforces integrity protection in web page against the so called In-flight page change by using a novel fragile watermarking chain scheme. The protocol not only can have a better performance than HTTPS by supporting the web cache technology, but also save the communication bandwidth and storage space of the web server. Furthermore, it can locate the unauthorized modification of HTML code more precisely than existing solutions.

DOI： 10.1145/1968613.1968715

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

We consider the problem of constructing a secure cloud storage service to which users outsource sensitive data for sharing with others where, in particular, the service provider is not completely trusted by the customer. Cloud storage service denotes an architectural shift toward thin clients and conveniently centralized provision of both computing and storage resources. When utilizing cloud storage for secure data sharing, one of the main motivating problems of this architecture is providing thin clients with both strong data confidentiality and flexible fine-grained access control without imposing additional cost on them (clients). To achieve this goal, we propose a novel data sharing protocol by combining and exploiting two of the latest attribute based cryptographic techniques, attribute-based encryption (ABE) and attribute-based signature (ABS). Furthermore, we also give a detailed comparison of our scheme with several latest existing schemes.

DOI： 10.1007/978-3-642-21031-0_7

記述言語：英語   掲載種別：研究論文（学術雑誌）  

記述言語：英語   掲載種別：研究論文（学術雑誌）  

In 2004, the MIS and MISAUTH protocols (shortly MISP) were proposed for secure and fast connection in Wireless LAN (WLAN). Since then, several studies were conducted to evaluate MISP. However, because of the lack of formal security analysis, the security measures provided by them cannot be trusted to be precise and reasonable. Motivated by this, we formally analyse MISP based on both BAN-logic and the Automated Validation of Internet Security Protocols and Applications (AVISPAS) tool. This analysis clearly shows that MISP suffers from weak Session Key (SK) while being vulnerable to Denial of Service (DoS) attack. We discuss these weaknesses and related attacks in detail, and also provide considerable comments for implementation of MISP. © 2011 Inderscience Enterprises Ltd.

DOI： 10.1504/IJAHUC.2011.038997

記述言語：英語   掲載種別：研究論文（学術雑誌）  

In 2004, the MIS and MISAUTH protocols (shortly MISP) were proposed for secure and fast connection in Wireless LAN (WLAN). Since then, several studies were conducted to evaluate MISP. However, because of the lack of formal security analysis, the security measures provided by them cannot be trusted to be precise and reasonable. Motivated by this, we formally analyse MISP based on both BAN-logic and the Automated Validation of Internet Security Protocols and Applications (AVISPAS) tool. This analysis clearly shows that MISP suffers from weak Session Key (SK) while being vulnerable to Denial of Service (DoS) attack. We discuss these weaknesses and related attacks in detail, and also provide considerable comments for implementation of MISP.

DOI： 10.1504/IJAHUC.2011.038997

記述言語：英語   掲載種別：研究論文（学術雑誌）  

記述言語：英語   掲載種別：研究論文（学術雑誌）  

The Mobile Broadband Association has developed the MIS and MISAUTH protocols as link-layer fast authentication protocols. A combination of MIS and MISAUTH protocols, called as MISP, provides secure and fast connection for a wireless access network, but it has been reported that MISP creates a weak session key and suffers from a denial-of-service attack. In addition, a transaction with an authentication server that is required for every authentication is considered as a delay factor during handovers. In this paper, we present an improvement of MISP that utilizes the fast handover approach of Fast Mobile IPv6 and minimizes an involvement of the authentication server while eliminating identified security drawbacks of MISP. The formal security analysis is performed to verify the correctness of the proposed scheme. Moreover, the handover performance of the proposed scheme is compared with an existing scheme.

DOI： 10.3233/MIS-2011-0121

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Those host-based intrusion detection models like VPStatic first construct a model of acceptable behaviors for each monitored program via static analysis, and then perform intrusion detection by comparing them with programs' runtime behaviors. These models usually share the highly desirable feature that they do not produce false alarms but face the conflicts between accuracy and efficiency. For instance, the high accuracy of the VP- Static model is at the cost of high space complexity. In this paper, we use a statically-constructed state transition table (SiT), which records expected transitions among system calls as well as their stack states (return address lists), as a behavior model to perform context-sensitive intrusion detection. According to our analysis, our STE model improves the space efficiency of the VPStatic model without decreasing its high precision and time effi ciency. Experiments show that for three test programs, memory uses of our STE models are all much less than half of the VPStatic models'. Thereby, we alleviate the conflicts between the accuracy and the efficiency.

DOI： 10.1587/transfun.E94.A.255

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

We propose a distributed key generation protocol for the threshold Paillier cryptosystem. Often in the multiparty computation based on the threshold Paillier cryptosystem, the existence of a trusted dealer is assumed to distribute secret key shares, but it can be a single point of attack, so it is not preferable. Building on the threshold Paillier cryptosystem with a trusted dealer, we show how to eliminate the trusted dealer by robust distributed key generation without using safe primes.

DOI： 10.1007/978-3-642-17955-6_4

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Recently, an image scrambling encryption algorithm which makes use of one-dimensional chaos system for shuffling the pixel bits was proposed in [G.-D. Ye, Pattern Recognition Lett. 31(2010) 347-354]. Through the scrambling algorithm, the pixel locations and values can be encrypted at the same time. This scheme can be thought of as a typical binary image scrambling encryption considering the bit-plain of size (formula presented). In [Li C.Q., Lo K. T., http://arxiv.org/PS_cache/arxiv/pdf/0912/0912.1918v2.pdf], Li et al. proposed an attack using more than ⌈log ₂(formula presented)⌉ many known-plaintext images to recover the original plain image with the noise of size M ×N. The same principle is also suitable for the chosen-plaintext attack which can obtain the exact plain image. In the current paper, a simple attack on the original scheme is presented by applying chosen-plaintext images. Using our attack, the encryption vectors (formula presented) and (formula presented) and the decryption vectors TM′ and TN′ can be recovered completely. The experimental simulations on two standard images of size 128 ×128 and 256 ×256 justify our analysis. It is shown that the recovered images are identical with the corresponding original images. For both the original images, the number of chosen-plaintext images required in our scheme is 9, where as to do the same using the scheme proposed in Li et al.’ attack, at least 17 and 19 chosen-plaintext images there will be required respectively. Moreover, the some method can be also used for chosen-ciphertext attack which reveals the decryption vectors TM′ and TN′ directly. Note that our attacks are also successful under iteration system which is remarked in the conclusions.

DOI： 10.1007/978-3-642-18405-5_5

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Watermarking is one of the most effective techniques for copyright protection and information hiding. It can be applied in many fields of our society. Nowadays, some image scrambling schemes are used as one part of the watermarking algorithm to enhance the security. Therefore, how to select an image scrambling scheme and what kind of the image scrambling scheme may be used for watermarking are the key problems. Evaluation method of the image scrambling schemes can be seen as a useful test tool for showing the property or flaw of the image scrambling method. In this paper, a new scrambling evaluation system based on spatial distribution entropy and centroid difference of bit-plane is presented to obtain the scrambling degree of image scrambling schemes. Our scheme is illustrated and justified through computer simulations. The experimental results show (in Figs. 6 and 7) that for the general gray-scale image, the evaluation degree of the corresponding cipher image for the first 4 significant bit-planes selection is nearly the same as that for the 8 bit-planes selection. That is why, instead of taking 8 bit-planes of a gray-scale image, it is sufficient to take only the first 4 significant bit-planes for the experiment to find the scrambling degree. This 50% reduction in the computational cost makes our scheme efficient.

DOI： 10.1007/978-3-642-18405-5_4

記述言語：英語   掲載種別：研究論文（学術雑誌）  

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Wireless sensor networks (WSN) have been widely used in various applications. Since their sensor nodes are resource-constrained, key management is one of the most challenging issues in design of WSN. Currently, various efficient lightweight key management schemes have been proposed to enable encryption and authentication in WSN for different application scenarios. According to different requirements, it is important to select the trustworthy key management schemes in a WSN for setting up a fully trusted WSN mechanism. In this context, adaptive methods are required to evaluate those schemes. In this paper, we exploit Analytic Hierarchy Process (AHP) to help with the complex decision. Specifically, we consider the following performance criteria: scalability, key connectivity, resilience, storage overhead, processing overhead and communication overhead. Our method is able help choosing a suitable scheme for given requirements.

DOI： 10.1145/1968613.1968680

記述言語：英語   掲載種別：研究論文（学術雑誌）  

DOI： 10.1109/INCoS.2011.171

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

To achieve security in wireless sensor networks (WSNs), key management is one of the most challenging issues in design of WSN due to resource-constrained sensor nodes. Various key management schemes (KMs) have been proposed to enable encryption and authentication in WSN for different application scenarios. According to different equirements, it is important to select the trustworthy KMs in a WSN for setting up a fully appropriate WSN mechanism. An Analytic Hierarchy Process (AHP)-aided method helping with the complex decision has been presented in our previous work. Our purpose in this paper is to do performance analysis of KMs in WSN using our previous AHP-aided method. We analyze the characters of abundance KMs intuitively. The following five performance criteria are considered: scalability, key connectivity, resilience, storage overhead and communication overhead. As all permutations of five performance criteria include 120 types' situations, experimental analyses on 43 KMs for the optimum selection are presented.

DOI： 10.1109/TrustCom.2011.243

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

Wire-tap channel coding allows information-theoretically secure communication between legitimate sender and receiver in presence of an eavesdropper Eve, whose channel is subject to noise. A secrecy capacity for their communication is equal to capacity of the channel connecting them, minus capacity of Eve's channel, when the channels are assumed independent and affected by additive white Gaussian noise. In order to increase the secrecy capacity, we propose to employ a coding scheme using matched filter. The legitimate parties are assumed to share a pre-shared key of the matched filter, secretly from Eve. Hereby, the legitimate parties can use it to increase the capacity of their channel, while Eve cannot. We propose to apply this scheme to indoor wireless communication over IEEE 802.11 wireless LAN, analyze advantages of our construction and discuss an appropriate selection of coding scheme fitting the IEEE 802.11 protocol specification.

DOI： 10.1109/MSN.2011.40

記述言語：英語   掲載種別：研究論文（学術雑誌）  

DOI： 10.1002/sec.195

記述言語：英語   掲載種別：研究論文（学術雑誌）  

Trust research is a key issue in peer-to-peer (P2P) networks. Reputation-based trust models as one of the good solutions to resolve the trust problems in P2P network are received more and more attention in recent years. One of the fundamental challenges is to capture the evolving nature of a trust relationship between peers and reflect the varied bias or preference of peers in a distributed and open environment. In this paper, we present a fine-grained trust computation model for P2P networks. Our model defines the service as a fined-grained quality-of-service (QoS) (N-dimensional vector), and in order to accurate the recommendation trust computing, several concepts are introduced to reflect the recommenders' current status, history behavior, and the gap between these two behaviors. Also, we firstly introduce the Gauss-bar function to measure the preference similarity between peers. All these will result in a flexible model which represents trust in a manner more close to human intuitions and satisfies the diverse QoS requirements of peers in P2P networks. The extensive simulations have confirmed the efficiency of our model.

DOI： 10.1002/sec.165

記述言語：英語   掲載種別：研究論文（学術雑誌）  

DOI： 10.1109/TrustCom.2011.268