Hyoungshick Kim

Sungkyunkwan University | SKKU · Department of Computer Engineering

167 Publications · 25,588 Reads · 2,280 Citations

Publications (167)
Article
Full-text available
Collaborative inference has recently emerged as an attractive framework for applying deep learning to Internet of Things (IoT) applications by splitting a DNN model into several subpart models among resource-constrained IoT devices and the cloud. However, the reconstruction attack was proposed recently to recover the original input image from inter...
Article
A user’s location information can be used to identify the user. For example, in Android, we can keep our smartphone unlocked when it is located near a place that was previously registered as a trusted place. However, existing location-based user authentication solutions failed to support fine-grained indoor location registration. In this paper, we...
Article
Full-text available
Fast Proxy Mobile IPv6 (FPMIPv6) is an extension of the PMIPv6 mobility management deployed as part of the next-generation internet protocol. It allows location-independent routing of IP datagrams, based on local mobility to IPv6 hosts without involvement of stations in the IP address signaling. A mobile node keeps its IP address constant as it mov...
Preprint
As a well-known physical unclonable function that can provide a huge number of challenge response pairs (CRP) with a compact design and full compatibility with current electronic fabrication processes, the arbiter PUF (APUF) has attracted great attention. To improve its resilience against modeling attacks, many APUF variants have been proposed so far....
Preprint
Full-text available
Since Bitcoin appeared in 2009, over 6,000 different cryptocurrency projects have followed. The cryptocurrency world may be the only technology where a massive number of competitors offer similar services yet claim unique benefits, including scalability, fast transactions, and security. But are these projects really offering unique features and sig...
Preprint
Full-text available
Deep learning models have been shown to be vulnerable to recent backdoor attacks. A backdoored model behaves normally for inputs containing no attacker-secretly-chosen trigger and maliciously for inputs with the trigger. To date, backdoor attacks and countermeasures mainly focus on image classification tasks. And most of them are implemented in the...
Article
Full-text available
Federated learning (FL) and split learning (SL) are state-of-the-art distributed machine learning techniques to enable machine learning without accessing raw data on clients or end devices. However, their comparative training performance under real-world resource-restricted Internet of Things (IoT) device settings, e.g., Raspberry Pi, remains barel...
Chapter
Because the recent ransomware families are becoming progressively more advanced, it is challenging to detect ransomware using static features only. However, their behaviors are still more generic and universal to analyze due to their inherent goals and functions. Therefore, we can capture their behaviors by monitoring their system-level activities...
Preprint
Full-text available
Collaborative inference has recently emerged as an intriguing framework for applying deep learning to Internet of Things (IoT) applications, which works by splitting a DNN model into two subpart models respectively on resource-constrained IoT devices and the cloud. Even though IoT applications' raw input data is not directly exposed to the cloud in...
Conference Paper
Full-text available
News on social media can significantly influence users, manipulating them for political or economic reasons. Adversarial manipulations in the text have proven to create vulnerabilities in classifiers, and the current research is towards finding classifier models that are not susceptible to such manipulations. In this paper, we present a novel techn...
Chapter
Quick Response (QR) codes are widely used due to their versatility and low deployment cost. However, the existing QR code standard is ineffective for security-critical applications (e.g., electronic identity management) as the stored information can be easily exposed to unauthorized parties. Moreover, it does not provide sufficient storage capacity...
Article
Creating a state-of-the-art deep-learning system requires vast amounts of data, expertise, and hardware, yet research into copyright protection for neural networks has been limited. One of the main methods for achieving such protection involves relying on the susceptibility of neural networks to backdoor attacks in order to inject a watermark into...
Preprint
Full-text available
Federated learning (FL) and split learning (SL) are state-of-the-art distributed machine learning techniques to enable machine learning training without accessing raw data on clients or end devices. However, their comparative training performance under real-world resource-restricted Internet of Things (IoT) device settings, e.g., Raspberry P...
Article
Full-text available
This work designs and evaluates a run-time deep neural network (DNN) model Trojan detection method exploiting STRong Intentional Perturbation of inputs that is a multi-domain Trojan detection defence across Vision, Text and Audio domains, termed STRIP-ViTA. Specifically, STRIP-ViTA is demonstratively independent of not only task domain but also...
Preprint
Full-text available
Ransomware is a growing threat that typically operates by either encrypting a victim's files or locking a victim's computer until the victim pays a ransom. However, it is still challenging to detect such malware timely with existing traditional malware detection techniques. In this paper, we present a novel ransomware detection system, called "Peel...
Preprint
Full-text available
Convolutional Neural Networks (CNNs) deployed in real-life applications such as autonomous vehicles have been shown to be vulnerable to manipulation attacks, such as poisoning attacks and fine-tuning. Hence, it is essential to ensure the integrity and authenticity of CNNs because compromised models can produce incorrect outputs and behave maliciously. I...
Article
Providing a cross-domain federated identity is essential for next-generation Internet services because information about user identity should be seamlessly exchanged across different domains for authentication and authorization. Federated identity can enable users to use various services through a single account. However, conventional federated ide...
Preprint
Full-text available
As an essential processing step in computer vision applications, image resizing or scaling, more specifically downsampling, has to be applied before feeding a normally large image into a convolutional neural network (CNN) model because CNN models typically take small fixed-size images as inputs. However, image scaling functions could be adversarial...
Article
The latest smartphones have started providing multiple authentication options including PINs, patterns, and passwords (knowledge based), as well as face, fingerprint, iris, and voice identification (biometric-based). In this article, we conducted two user studies to investigate how the convenience and security of unlocking phones are influenced by...
Article
Full-text available
There have been many efforts to detect rumors using various machine learning (ML) models, but there is still a lack of understanding of their performance against different rumor topics and available features, resulting in a significant performance degradation against completely new and unseen (unknown) rumors. To address this issue, we investigate the...
Chapter
Internet users in South Korea seem to have clearly different web browser choices and usage patterns compared to the rest of the world, heavily using Internet Explorer (IE) or multiple browsers. Our work is primarily motivated to investigate the reasons for such differences in web browser usage, relating with the use of government mandated security...
Chapter
Full-text available
Image spam emails are often used to evade text-based spam filters that detect spam emails with their frequently used keywords. In this paper, we propose a new image spam email detection tool called DeepCapture using a convolutional neural network (CNN) model. There have been many efforts to detect image spam emails, but there is a significant perfo...
Chapter
Most shipping companies provide a package tracking system where customers can easily track their package delivery status when the package is being shipped. However, we present a security problem called enumeration attacks against package tracking systems in which attackers can collect customers’ personal data illegally through the systems. We speci...
Article
Full-text available
Extensive use of unmanned aerial vehicles (commonly referred to as a “drone”) has posed security and safety challenges. To mitigate security threats caused by flights of unauthorized drones, we present a framework called SENTINEL (Secure and Efficient autheNTIcation for uNmanned aErial vehicLes) under the Internet of Drones (IoD) infrastructure. SE...
Preprint
Creating a state-of-the-art deep-learning system requires vast amounts of data, expertise, and hardware, yet research into embedding copyright protection for neural networks has been limited. One of the main methods for achieving such protection involves relying on the susceptibility of neural networks to backdoor attacks, but the robustness of the...
Article
As the number of network devices is increasing and they are highly connected, network attacks have become more complex and varied. To mitigate these attacks, multiple types of network security equipment are used in combination, requiring considerable security knowledge of each type of network security equipment. Also, the deployment of network secu...
Article
Full-text available
As the number of controllers and devices increases in Industrial Internet of Things (IIoT) applications, it is essential to provide a secure and usable user authentication system for human operators who have to manage tens or hundreds of controllers and devices with his/her password. In this paper, we propose a formally verified certificate-based a...
Article
This article proposes a generic framework to detect device spoofing attacks using physical network characteristics that are hard for an attacker to mimic, including received signal strength indicator and round trip time. A technological challenge with this approach is that those values can change over time and affect the detection accuracy. To over...
Article
Full-text available
To help smartphone users protect their phone, fingerprint-based authentication systems (e.g., Apple’s Touch ID) have increasingly become popular in smartphones. In web applications, however, fingerprint-based authentication is still rarely used. One of the most serious concerns is the lack of technology for securely storing fingerprint data used fo...
Article
Full-text available
In the current centralized IoT ecosystems, all financial transactions are routed through IoT platform providers. The security and privacy issues are inevitable with an untrusted or compromised IoT platform provider. To address these issues, we propose Hy-Bridge, a hybrid blockchain-based billing and charging framework. In Hy-Bridge, the IoT platfor...
Article
Sensor data on a user’s mobile device can often be used to identify the user for improving the security of smartphones in indoor environments. In this paper, we present a novel continuous user identification system called LightLock that collects light sensor data from a user’s smartphone and analyzes them to identify a specific user using a machine...
Article
Location-based information has become an attractive attribute for use in many services including localization, tracking, positioning, and authentication. An additional layer of security can be obtained by verifying the identity of users who wish to access confidential resources only within restricted, small, indoor trusted zones. The objective of t...
Conference Paper
Decompilation is frequently used to analyze binary programs. In Android, however, decompilers all perform differently with varying apps due to their own characteristics. Obviously, there is no universal solution in all conditions. Based on this observation, we present a practical Android app decompilation system (called Kerberoid) that automaticall...
Conference Paper
Many companies offer automatic speech recognition or Speech-to-Text APIs for use in diverse applications. However, audio classification algorithms trained with deep neural networks (DNNs) can sometimes misclassify adversarial examples, posing a significant threat to critical applications. In this paper, we present a novel way to create adversarial...
Conference Paper
To understand users' risk perceptions about sharing their PHR on SNS, we first conducted a qualitative user study by interviewing 16 participants. Next, we conducted a large-scale online user study with 497 participants in the U.S. to validate our qualitative results from the first study. Our study results show that a majority of users do not show...
Conference Paper
Existing continuous authentication proposals tend to have two major drawbacks. First, touch-based smartphone authentication approaches typically require explicit user interactions with the smartphone to collect sufficient touch data. These approaches may provide an attacker the opportunity to steal a victim's sensitive data before the system detect...
Chapter
Rewarded advertisements are popularly used in the mobile advertising industry. In this paper, we analyze several rewarded advertisement applications to discover security weaknesses, which allow malicious users to automatically generate in-app activities for earning cash rewards on advertisement networks; we call this attack automated cash mining. T...
Chapter
Voice assistant is an application that helps users to interact with their devices using voice commands in a more intuitive and natural manner. Recently, many voice assistant applications have been popularly deployed on smartphones and voice-controlled smart speakers. However, the threat and security of those applications have been examined only in...
Article
Full-text available
Instant messaging applications store users' personal data (e.g., user profile, chat messages, photos and video clips). Because those data typically include privacy sensitive information, most instant messaging applications are trying to protect the stored data in an encrypted form so that the authorized messaging application itself can only access...
Article
For long-distance flying, drones often need to charge their battery at quick battery-charging machines (QCMs) because of their limited battery capacity. If a drone individually chooses a QCM without any coordination, a drone network may experience QCM congestion when multiple drones select the same QCM. This QCM congestion may lead to an increasing...
Article
Providing a secure and efficient communication system under network disruption without a trusted third party remains a challenging issue. To develop a secure and efficient system in such situations, we extend the conventional Off-The-Record (OTR) protocol into a new protocol named offline OTR (O²TR). O²TR provides end-to-end security between users...
Article
Because of the dynamic nature of network traffic patterns, such as new traffic application arrivals or flash events, it is becoming increasingly difficult for conventional anomaly detection systems to separate various applications based on their traffic patterns. In this study, by leveraging transport layer packet-level and flow-level features, new...
Article
Full-text available
Establishing secret command and control (C&C) channels from attackers is important in malware design. This paper presents design and analysis of malware architecture exploiting push notification services as C&C channels. The key feature of the push notification-based malware design is remote triggering, which allows attackers to trigger and execut...
Article
This paper proposes a Smart Electric Bus (e-Bus) Battery SUbstitution Scheme called SBUS in a cloud-based e-Bus system for the efficient battery replacement during e-Bus services. A smart e-Bus system using cloud-based management is considered as an alternative public transportation system. The battery of an e-Bus often needs to be replaced, which can...
Chapter
Full-text available
Off-the-record (OTR) is a security protocol that can be used in privacy preserving instant messaging (IM) systems. However, the conventional OTR is not applicable in some practical scenarios (e.g., when the communication network becomes disconnected) because OTR requires both parties to be online at the same time. To address this limitation, we extend t...
Conference Paper
It is becoming increasingly necessary for organizations to build a Cyber Threat Intelligence (CTI) platform to fight against sophisticated attacks. To reduce the risk of cyber attacks, security administrators and/or analysts can use a CTI platform to aggregate relevant threat information about adversaries, targets and vulnerabilities, analyze it an...
Conference Paper
A Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) is a defensive mechanism designed to differentiate humans and computers to prevent unauthorized use of online services by automated attacks. They often consist of a visual or audio test that humans can perform easily but that bots cannot solve. However, with curr...
Conference Paper
Full-text available
A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) provides the first line of defense to protect websites against bots and automatic crawling. Recently, audio-based CAPTCHA systems have started to be used for visually impaired people in many internet services. However, with the recent improvement of speech recognition...
Conference Paper
Even though biometric authentication such as fingerprint authentication is popularly used, there are few network services supporting biometric authentication because many users have serious privacy concerns about leakage of the biometric data on a server. For example, in fingerprint authentication, a user's raw fingerprint is typically stored in pl...
Article
We present a new Personal Identification Number (PIN) entry method for smartphones that can be used in security-critical applications, such as smartphone banking. The proposed “Two-Thumbs-Up” (TTU) scheme is resilient against observation attacks such as shoulder-surfing and camera recording, and guides users to protect their PIN information from ea...
Conference Paper
Full-text available
Online games involve a very large number of users who are interconnected and interact with each other via the Internet. We studied the characteristics of exchanging virtual goods with real money through the processes called "real money trading (RMT)". This exchange might influence online game user behaviors and cause damage to the reputation of gam...
Conference Paper
Electrical network frequency (ENF) signals have common patterns that can be used as signatures for identifying recorded time and location of videos and sound. To enable cost-efficient, reliable and scalable location inference, we created a reference map of ENF signals representing hundreds of locations worldwide, extracting real-world ENF signal...