Showing total 123 results

101. Measuring the Histogram Feature Vector for Anomaly Network Traffic.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, and Wei Yan

Abstract

Recent works have shown that Internet traffics are self- similar over several time scales from microseconds to minutes. On the other hand, the dramatic expansion of Internet applications give rise to a fundamental challenge to the network security. This paper presents a statistical analysis of the Internet traffic Histogram Feature Vector, which can be applied to detect the traffic anomalies. Besides, the Variant Packet Sending-interval Link Padding based on heavy-tail distribution is proposed to defend the traffic analysis attacks in the low or medium speed anonymity system. [ABSTRACT FROM AUTHOR]

Published

2005

102. A Statistical Model for Detecting Abnormality in Static-Priority Scheduling Networks with Differentiated Services.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, Ming Li, and Wei Zhao

Abstract

This paper presents a new statistical model for detecting signs of abnormality in static-priority scheduling networks with differentiated services at connection levels on a class-by-class basis. The formulas in terms of detection probability, miss probability, probabilities of classifications, and detection threshold are proposed. Keywords: Anomaly detection, real-time systems, traffic constraint, static-priority scheduling networks, differentiated services, time series. [ABSTRACT FROM AUTHOR]

Published

2005

103. SoIDPS: Sensor Objects-Based Intrusion Detection and Prevention System and Its Implementation.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, SeongJe Cho, Hye-Young Chang, HongGeun Kim, and WoongChul Choi

Abstract

In this paper, we propose an intrusion detection and prevention system using sensor objects that are a kind of trap and are accessible only by the programs that are allowed by the system. Any access to the sensor object by disallowed programs or any transmission of the sensor object to outside of the system is regarded as an intrusion. In such case, the proposed system logs the related information on the process as well as the network connections, and terminates the suspicious process to prevent any possible intrusion. By implementing the proposed method as Loadable Kernel Module (LKM) in the Linux, it is impossible for any process to access the sensor objects without permission. In addition, the security policy will be dynamically applied at run time. Experimental results show that the security policy is enforced with negligible overhead, compared to the performance of the unmodified original system. [ABSTRACT FROM AUTHOR]

Published

2005

104. A New Network Anomaly Detection Technique Based on Per-Flow and Per-Service Statistics.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, Waizumi, Yuji, Kudo, Daisuke, Kato, Nei, and Nemoto, Yoshiaki

Abstract

In the present network security management, improvements in the performances of Intrusion Detection Systems(IDSs) are strongly desired. In this paper, we propose a network anomaly detection technique which can learn a state of network traffic based on per-flow and per-service statistics. These statistics consist of service request frequency, characteristics of a flow and code histogram of payloads. In this technique, we achieve an effective definition of the network state by observing the network traffic according to service. Moreover, we conduct a set of experiments to evaluate the performance of the proposed scheme and compare with those of other techniques. [ABSTRACT FROM AUTHOR]

Published

2005

105. Sampling Distance Analysis of Gigantic Data Mining for Intrusion Detection Systems.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Yong-Chang Jiao, Yong Zeng, and Jianfeng Ma

Abstract

Real-Time intrusion detection system (IDS) based on traffic analysis is one of the highlighted topics of network security researches. Restricted by computer resources, real-time IDS is computationally infeasible to deal with gigantic operations of data storage and analyzing in real world. As a result, the sampling measurement technique in a high-speed network becomes an important issue in this topic. Sampling distance analysis of gigantic data mining for IDS is shown in this paper. Based on differential equation theory, a quantitative analysis of the effect of IDS on the network traffic is given firstly. Secondly, a minimum delay time of IDS needed to detect some kinds of intrusions is analyzed. Finally, an upper bound of the sampling distance is discussed. Proofs are given to show the efficiency of our approach. [ABSTRACT FROM AUTHOR]

Published

2005

106. An Immune System Inspired Approach of Collaborative Intrusion Detection System Using Mobile Agents in Wireless Ad Hoc Networks.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, Ki-Won Yeom, and Ji-Hyung Park

Abstract

Many single points of failure exist in an intrusion detection system (IDS) based on a hierarchical architecture that does not have redundant communication lines and the capability to dynamically reconfigure relationships in the case of failure of key components. To solve this problem, we propose an IDS inspired by the human immune system based upon several mobile agents. The mobile agents act similarly to white blood cells of the immune system and travel from host to host in the network to detect any intrusions. As in the immune system, intrusions are detected by distinguishing between "self" and "non-self", or normal and abnormal process behavior respectively. In this paper we present our model, and show how mobile agent and artificial immune paradigms can be used to design efficient intrusion detection systems. We also discuss the validation of our model followed by a set of experiments we have carried out to evaluate the performance of our model using realistic case studies. [ABSTRACT FROM AUTHOR]

Published

2005

107. Insider Impersonation-MIM Attack to Tripartite Key Agreement Scheme and an Efficient Protocol for Multiple Keys.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, Lihua Wang, Okamoto, Takeshi, Takagi, Tsuyoshi, and Okamoto, Eiji

Abstract

In this paper, we introduce the definition of insiderimpersonation -MIM attack for tripartite key agreement schemes and show that almost all of the proposed schemes are not secure under this attack. We present a new protocol which is much more efficient than the existential secure protocol [13] in terms of computational efficiency and transmitted data size. Moreover, our protocol is the first scheme for multiple keys which means that not only a large number of keys but also various kinds of keys can be generated by applying our scheme. [ABSTRACT FROM AUTHOR]

Published

2005

108. Efficient Compilers for Authenticated Group Key Exchange.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, Qiang Tang, and Mitchell, Chris J.

Abstract

In this paper we propose two compilers which are designed to transform a group key exchange protocol secure against any passive adversary into an authenticated group key exchange protocol with key confirmation which is secure against any passive adversary, active adversary, or malicious insider. We show that the first proposed compiler gives protocols that are more efficient than those produced by the compiler of Katz and Yung. [ABSTRACT FROM AUTHOR]

Published

2005

109. A Token-Based Single Sign-On Protocol.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, Li Hui, and Shen Ting

Abstract

A token based single sign-on protocol for distribution systems is proposed in this paper. When a user C logs on a system, a centralized authentication server A will authenticate C and issue C a token which is signed by A and includes a session key generated by A as well as a time stamp. C can use the token to access any application server S.S will send the C's request to the A. Then A will verify the validity of the token. There are two advantages of this protocol: 1) Time synchronization between severs S and the user C is not necessary. 2) All authentication state information such as session key is stored in the token rather than in the memory of A, thus the performance of A can be promoted effectively.We have used SVO logic to do formal analysis of this protocol. [ABSTRACT FROM AUTHOR]

Published

2005

110. An Identity-Based Threshold Signcryption Scheme with Semantic Security.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, Changgen Peng, and Xiang Li

Abstract

This paper designs a secure identity-based threshold signcryption scheme from the bilinear pairings. The construction is based on the recently proposed signcryption scheme of Libert and Quisquater [6]. Our scheme not only has the properties of identity-based and threshold, but also can achieve semantic security under the Decisional Bilinear Diffie-Hellman assumption. It can be proved secure against forgery under chosen message attack in the random oracle model. In the private key distribution protocol, we adopt such method that the private key associated with an identity rather than the master key is shared. In the threshold signcryption phase, we provide a new method to check the malicious members. This is the first identity-based threshold signcryption scheme that can simultaneously achieve both semantic security and others security, such as unforgeability, robustness, and non-repudiation. [ABSTRACT FROM AUTHOR]

Published

2005

111. Efficient ID-Based Proxy Signature and Proxy Signcryption Form Bilinear Pairings.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, Qin Wang, and Zhenfu Cao

Abstract

In this paper, based on bilinear pairings, we would like to construct an identity based proxy signature scheme and an identity based proxy signcryption scheme without secure channel. We also analyze the two proposed schemes from efficiency point of view and show that they are more efficient than the existed ones. What's more, our proposed schemes satisfy all of the security requirements to proxy signature and proxy signcryption schemes assuming the CDH problem and BDH problem are hard to solve. [ABSTRACT FROM AUTHOR]

Published

2005

112. On the Security of Some Password-Based Key Agreement Schemes.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, Qiang Tang, and Mitchell, Chris J.

Abstract

In this paper we show that three potential security vulnerabilities exist in the strong password-only authenticated key exchange scheme due to Jablon. Two standardised schemes based on Jablon's scheme, namely the first password-based key agreement mechanism in ISO/IEC FCD 11770-4 and the scheme BPKAS-SPEKE in IEEE P1363.2 also suffer from some of these security vulnerabilities. We further show that other password-based key agreement mechanisms, including those in ISO/IEC FCD 11770-4 and IEEE P1363.2, also suffer from these security vulnerabilities. Finally, we propose means to remove these security vulnerabilities. [ABSTRACT FROM AUTHOR]

Published

2005

113. The Running-Mode Analysis of Two-Party Optimistic Fair Exchange Protocols.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, Yuqing Zhang, Zhiling Wang, and Bo Yang

Abstract

In this paper, we present a method of running-mode to analyze the fairness of two-party optimistic fair exchange protocols. After discussing the premises and assumptions of analysis introduced in this technique, we deduce all the possible running modes that may cause attack on the protocols. Then we illustrate our technique on the Micali's Electronic Contract Signing Protocol (ECS1), and the checking results show that there are three new attacks on the protocol. [ABSTRACT FROM AUTHOR]

Published

2005

114. An Efficient Certificateless Signature Scheme.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, Gorantla, M. Choudary, and Saxena, Ashutosh

Abstract

Traditional certificate based cryptosystem requires high maintenance cost for certificate management. Although, identity based cryptosystem reduces the overhead of certificate management, it suffers from the drawback of key escrow. Certificateless cryptosystem combines the advantages of both certificate based and identity based cryptosystems as it avoids the usage of certificates and does not suffer from key escrow. In this paper, we propose a pairing based certificateless signature scheme that is efficient than the existing scheme. [ABSTRACT FROM AUTHOR]

Published

2005

115. ID-Based Restrictive Partially Blind Signatures.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, Xiaofeng Chen, Fangguo Zhang, and Shengli Liu

Abstract

Restrictive blind signatures allow a recipient to receive a blind signature on a message not know to the signer but the choice of message is restricted and must conform to certain rules. Partially blind signatures allow a signer to explicitly include necessary information (expiration date, collateral conditions, or whatever) in the resulting signatures under some agreement with receiver. Restrictive partially blind signatures incorporate the advantages of these two blind signatures. The existing restrictive partially blind signature scheme was constructed under certificate-based (CA-based) public key systems. In this paper we follow Brand's construction to propose the first identity-based (ID-based) restrictive blind signature scheme from bilinear pairings. Furthermore, we first propose an ID-based restrictive partially blind signature scheme, which is provably secure in the random oracle model. [ABSTRACT FROM AUTHOR]

Published

2005

116. Error Oracle Attacks on Several Modes of Operation.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, Fengtong Wen, Wenling Wu, and Qiaoyan Wen

Abstract

In [7] Vaudenay demonstrated side-channel attacks on CBC-mode encryption, exploiting a "valid padding" oracle. His work showed that several uses of CBC-mode encryption in well-known products and standards were vulnerable to attack when an adversary was able to distinguish between valid and invalid ciphertexts. In [2][5] [6], Black, Paterson,Taekeon et al.generalized these attacks to various padding schemes of CBC-mode encryption and multiple modes of operation. In this paper, we study side-channel attacks on the CFB, CBC CBC, CFBCFB, CBCCBCCBC, CFBCFBCFB modes under the error oracle models, which enable an adversary to determine the correct message with knowledge of ciphertext. It is shown that an attacker can exploit an oracle to efficiently extract the corresponding position plaintext bits of any block if the target plaintext contains some fixed bits in a known position of one block. [ABSTRACT FROM AUTHOR]

Published

2005

117. Cryptanalysis of a Cellular Automata Cryptosystem.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, Jingmei Liu, Xiangguo Cheng, and Xinmei Wang

Abstract

In this paper we show that the new Cellular Automata Cryptosystem (CAC) is insecure and can be broken by chosen-plaintexts attack with little computation. We also restore the omitted parts clearly by deriving the rotating number δ of plaintext bytes and the procedure of Major CA. The clock circle Δ of Major CA and the key SN are also attacked. [ABSTRACT FROM AUTHOR]

Published

2005

118. Special Distribution of the Shortest Linear Recurring Sequences in Z /(p) Field.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, Qian Yin, Yunlun Luo, and Ping Guo

Abstract

In this paper, the distribution of the shortest linear recurring sequences in Z /(p) is studied. It is found that the shortest linear recurrent length is always equal to n / 2 when n is even and is always equal to n / 2+1 when n is odd for any sequence whose length is n. In other words, the shortest linear recurring length is always equal to the half of the length of the given sequence. The probability of finding the distribution of the shortest linear recurring length of two sequences in Z / (p) field is also given. [ABSTRACT FROM AUTHOR]

Published

2005

119. On the Security of Condorcet Electronic Voting Scheme.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, Yoon Cheol Lee, and Doi, Hiroshi

Abstract

In this paper, we focus on the Condorcet voting scheme in which each voter votes with the full order of the candidates according to preference, and the result of the election is determined by one-on-one comparisons between each candidate. We propose the Condorcet electronic voting scheme that is secure, universally verifiable and satisfying one-on-one comparison privacy. Furthermore the result of the election can be determined without revealing the order of the candidates which each voter specified. We use a matrix to represent the order of all the candidates according to preference, and satisfy one-on-one comparison privacy using homomorphic property. [ABSTRACT FROM AUTHOR]

Published

2005

120. Design of a New Kind of Encryption Kernel Based on RSA Algorithm.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, Ping Dong, Xiangdong Shi, and Jiehui Yang

Abstract

Fast realization of RSA algorithm by hardware is a significant and challenging task. In this paper an ameliorative Montgomery algorithm that makes for hardware realization to actualize the RSA algorithm is proposed. This ameliorative algorithm avoids multiplication operation, which is easier for hardware realization. In the decryption and digital signature process, a combination of this ameliorative Montgomery algorithm and the Chinese remainder theorem is applied, which could quadruple the speed of the decryption and digital signature compared to the encryption. Furthermore, a new hardware model of the encryption kernel based on the ameliorative Montgomery is founded whose correctness and feasibility is validated by Verilog HDL in practice. [ABSTRACT FROM AUTHOR]

Published

2005

121. FMS Attack-Resistant WEP Implementation Is Still Broken.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, Ohigashi, Toshihiro, Shiraishi, Yoshiaki, and Morii, Masakatu

Abstract

In this paper, we present an attack to break WEP that avoids weak IVs used in the FMS attack. Our attack is a known IV attack that doesn't need the specific pattern of the IVs. This attack transforms most IVs of WEP into weak IVs. If we attempt to avoid all weak IVs used in our attack, the rate at which IVs are avoided is too large to use practical. When using a 128-bit session key, the efficiency of our attack is 272.1 in the most effective case. This implies that our attack can recover a 128-bit session key within realistically possible computational times. [ABSTRACT FROM AUTHOR]

Published

2005

122. An ID-Based Optimistic Fair Signature Exchange Protocol from Pairings.

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, Chunxiang Gu, Yuefei Zhu, and Yajuan Zhang

Abstract

ID-based public key cryptosystem can be a good alternative for certificate-based public key setting. The protocol for fair exchange of signatures can be widely used in signing digital contracts, e-payment and other electronic commerce. This paper proposes an efficient ID-based verifiably encrypted signature scheme from pairings. Using this new scheme as kernel, we provide an efficient ID-based optimistic fair signature exchange protocol. We offer arguments for the fairness, efficiency and security proof of our new protocol. Our new protocol provides an efficient and secure solution for the problem of fair exchange of signatures in ID-based cryptosystem. [ABSTRACT FROM AUTHOR]

Published

2005

123. A Fast Inversion Algorithm and Low-Complexity Architecture over GF(2m).

Author

Yue Hao, Jiming Liu, Yu-Ping Wang, Yiu-ming Cheung, Hujun Yin, Licheng Jiao, Jianfeng Ma, Yong-Chang Jiao, Sosun Kim, Nam Su Chang, Chang Han Kim, Young-Ho Park, and Jongin Lim

Abstract

The performance of public-key cryptosystems is mainly appointed by the underlying finite field arithmetic. Among the basic arithmetic operations over finite field, the multiplicative inversion is the most time consuming operation. In this paper, a fast inversion algorithm over GF(2m) with the polynomial basis representation is proposed. The proposed algorithm executes in about 27.5% or 45.6% less iterations than the extended binary gcd algorithm (EBGA) or the montgomery inverse algorithm (MIA) over GF(2163), respectively. In addition, we propose a new hardware architecture to apply for low-complexity systems. The proposed architecture takes approximately 48.3% or 24.9% less the number of reduction operations than [4] or [8] over GF(2239), respectively. Furthermore, it executes in about 21.8% less the number of addition operations than [8] over GF(2163). [ABSTRACT FROM AUTHOR]

Published

2005