Visible to the public Biblio

Found 784 results

Filters: First Letter Of Last Name is K  [Clear All Filters]
A B C D E F G H I J [K] L M N O P Q R S T U V W X Y Z   [Show ALL]
K
Kwon, Hyun, Yoon, Hyunsoo, Choi, Daeseon.  2018.  POSTER: Zero-Day Evasion Attack Analysis on Race Between Attack and Defense. Proceedings of the 2018 on Asia Conference on Computer and Communications Security. :805–807.

Deep neural networks (DNNs) exhibit excellent performance in machine learning tasks such as image recognition, pattern recognition, speech recognition, and intrusion detection. However, the usage of adversarial examples, which are intentionally corrupted by noise, can lead to misclassification. As adversarial examples are serious threats to DNNs, both adversarial attacks and methods of defending against adversarial examples have been continuously studied. Zero-day adversarial examples are created with new test data and are unknown to the classifier; hence, they represent a more significant threat to DNNs. To the best of our knowledge, there are no analytical studies in the literature of zero-day adversarial examples with a focus on attack and defense methods through experiments using several scenarios. Therefore, in this study, zero-day adversarial examples are practically analyzed with an emphasis on attack and defense methods through experiments using various scenarios composed of a fixed target model and an adaptive target model. The Carlini method was used for a state-of-the-art attack, while an adversarial training method was used as a typical defense method. We used the MNIST dataset and analyzed success rates of zero-day adversarial examples, average distortions, and recognition of original samples through several scenarios of fixed and adaptive target models. Experimental results demonstrate that changing the parameters of the target model in real time leads to resistance to adversarial examples in both the fixed and adaptive target models.

Kwon, Hyun, Yoon, Hyunsoo, Park, Ki-Woong.  2019.  Selective Poisoning Attack on Deep Neural Network to Induce Fine-Grained Recognition Error. 2019 IEEE Second International Conference on Artificial Intelligence and Knowledge Engineering (AIKE). :136–139.

Deep neural networks (DNNs) provide good performance for image recognition, speech recognition, and pattern recognition. However, a poisoning attack is a serious threat to DNN's security. The poisoning attack is a method to reduce the accuracy of DNN by adding malicious training data during DNN training process. In some situations such as a military, it may be necessary to drop only a chosen class of accuracy in the model. For example, if an attacker does not allow only nuclear facilities to be selectively recognized, it may be necessary to intentionally prevent UAV from correctly recognizing nuclear-related facilities. In this paper, we propose a selective poisoning attack that reduces the accuracy of only chosen class in the model. The proposed method reduces the accuracy of a chosen class in the model by training malicious training data corresponding to a chosen class, while maintaining the accuracy of the remaining classes. For experiment, we used tensorflow as a machine learning library and MNIST and CIFAR10 as datasets. Experimental results show that the proposed method can reduce the accuracy of the chosen class to 43.2% and 55.3% in MNIST and CIFAR10, while maintaining the accuracy of the remaining classes.

Kwon, K. Hazel, Priniski, J. Hunter, Sarkar, Soumajyoti, Shakarian, Jana, Shakarian, Paulo.  2017.  Crisis and Collective Problem Solving in Dark Web: An Exploration of a Black Hat Forum. Proceedings of the 8th International Conference on Social Media & Society. :45:1–45:5.

This paper explores the process of collective crisis problem-solving in the darkweb. We conducted a preliminary study on one of the Tor-based darkweb forums, during the shutdown of two marketplaces. Content analysis suggests that distrust permeated the forum during the marketplace shutdowns. We analyzed the debates concerned with suspicious claims and conspiracies. The results suggest that a black-market crisis potentially offers an opportunity for cyber-intelligence to disrupt the darkweb by engendering internal conflicts. At the same time, the study also shows that darkweb members were adept at reaching collective solutions by sharing new market information, more secure technologies, and alternative routes for economic activities.

Kwon, Y., Kim, H. K., Koumadi, K. M., Lim, Y. H., Lim, J. I..  2017.  Automated Vulnerability Analysis Technique for Smart Grid Infrastructure. 2017 IEEE Power Energy Society Innovative Smart Grid Technologies Conference (ISGT). :1–5.

A smart grid is a fully automated power electricity network, which operates, protects and controls all its physical environments of power electricity infrastructure being able to supply energy in an efficient and reliable way. As the importance of cyber-physical system (CPS) security is growing, various vulnerability analysis methodologies for general systems have been suggested, whereas there has been few practical research targeting the smart grid infrastructure. In this paper, we highlight the significance of security vulnerability analysis in the smart grid environment. Then we introduce various automated vulnerability analysis techniques from executable files. In our approach, we propose a novel binary-based vulnerability discovery method for AMI and EV charging system to automatically extract security-related features from the embedded software. Finally, we present the test result of vulnerability discovery applied for AMI and EV charging system in Korean smart grid environment.

Kwon, Yonghwi, Kim, Dohyeong, Sumner, William Nick, Kim, Kyungtae, Saltaformaggio, Brendan, Zhang, Xiangyu, Xu, Dongyan.  2016.  LDX: Causality Inference by Lightweight Dual Execution. Proceedings of the Twenty-First International Conference on Architectural Support for Programming Languages and Operating Systems. :503–515.

Causality inference, such as dynamic taint anslysis, has many applications (e.g., information leak detection). It determines whether an event e is causally dependent on a preceding event c during execution. We develop a new causality inference engine LDX. Given an execution, it spawns a slave execution, in which it mutates c and observes whether any change is induced at e. To preclude non-determinism, LDX couples the executions by sharing syscall outcomes. To handle path differences induced by the perturbation, we develop a novel on-the-fly execution alignment scheme that maintains a counter to reflect the progress of execution. The scheme relies on program analysis and compiler transformation. LDX can effectively detect information leak and security attacks with an average overhead of 6.08% while running the master and the slave concurrently on separate CPUs, much lower than existing systems that require instruction level monitoring. Furthermore, it has much better accuracy in causality inference.

Kwon, Youngjin, Dunn, Alan M., Lee, Michael Z., Hofmann, Owen S., Xu, Yuanzhong, Witchel, Emmett.  2016.  Sego: Pervasive Trusted Metadata for Efficiently Verified Untrusted System Services. Proceedings of the Twenty-First International Conference on Architectural Support for Programming Languages and Operating Systems. :277–290.

Sego is a hypervisor-based system that gives strong privacy and integrity guarantees to trusted applications, even when the guest operating system is compromised or hostile. Sego verifies operating system services, like the file system, instead of replacing them. By associating trusted metadata with user data across all system devices, Sego verifies system services more efficiently than previous systems, especially services that depend on data contents. We extensively evaluate Sego's performance on real workloads and implement a kernel fault injector to validate Sego's file system-agnostic crash consistency and recovery protocol.

Kwon, Youngjin, Dunn, Alan M., Lee, Michael Z., Hofmann, Owen S., Xu, Yuanzhong, Witchel, Emmett.  2016.  Sego: Pervasive Trusted Metadata for Efficiently Verified Untrusted System Services. Proceedings of the Twenty-First International Conference on Architectural Support for Programming Languages and Operating Systems. :277–290.

Sego is a hypervisor-based system that gives strong privacy and integrity guarantees to trusted applications, even when the guest operating system is compromised or hostile. Sego verifies operating system services, like the file system, instead of replacing them. By associating trusted metadata with user data across all system devices, Sego verifies system services more efficiently than previous systems, especially services that depend on data contents. We extensively evaluate Sego's performance on real workloads and implement a kernel fault injector to validate Sego's file system-agnostic crash consistency and recovery protocol.

Kyaw, A. T., Oo, M. Zin, Khin, C. S..  2020.  Machine-Learning Based DDOS Attack Classifier in Software Defined Network. 2020 17th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology (ECTI-CON). :431–434.
Due to centralized control and programmable capability of the SDN architecture, network administrators can easily manage and control the whole network through the centralized controller. According to the SDN architecture, the SDN controller is vulnerable to distributed denial of service (DDOS) attacks. Thus, a failure of SDN controller is a major leak for security concern. The objectives of paper is therefore to detect the DDOS attacks and classify the normal or attack traffic in SDN network using machine learning algorithms. In this proposed system, polynomial SVM is applied to compare to existing linear SVM by using scapy, which is packet generation tool and RYU SDN controller. According to the experimental result, polynomial SVM achieves 3% better accuracy and 34% lower false alarm rate compared to Linear SVM.
Kyoungwoo Heo.  2014.  An Accumulated Loss Recovery Algorithm on Overlay Multicast System Using Fountain Codes. Information Science and Applications (ICISA), 2014 International Conference on. :1-3.

In this paper, we propose an accumulated loss recovery algorithm on overlay multicast system using Fountain codes. Fountain code successfully decodes the packet loss, but it is weak in accumulated losses on multicast tree. The proposed algorithm overcomes an accumulated loss and significantly reduces delay on overlay multicast tree.