Hyoungshick Kim

• Sungkyunkwan University

Power consumption data play a crucial role in demand management and abnormality detection in smart grids. Despite its management benefits, analyzing power consumption data leads to profiling consumers and opens privacy issues. To demonstrate this, we present a power profiling model for smart grid consumers based on real-time load data acquired from...

The exploration of backdoor vulnerabilities in object detectors, particularly in real-world scenarios, remains limited. A significant challenge lies in the absence of a natural physical backdoor dataset, and constructing such a dataset is both time- and labor-intensive. In this work, we address this gap by creating a large-scale dataset comprising...

Despite stringent data protection regulations, such as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other country-specific laws, numerous websites continue to use cookies to track user activities, raising significant privacy concerns. This study aims to investigate the compliance of e-commerce websi...

We present Blind-Match, a novel biometric identification system that leverages homomorphic encryption (HE) for efficient and privacy-preserving 1:N matching. Blind-Match introduces a HE-optimized cosine similarity computation method, where the key idea is to divide the feature vector into smaller parts for processing rather than computing the entir...

Decentralized Finance (DeFi) offers a whole new investment experience and has quickly emerged as an enticing alternative to Centralized Finance (CeFi). Rapidly growing market size and active users, however, have also made DeFi a lucrative target for scams and hacks, with 1.95 billion USD lost in 2023. Unfortunately, no prior research thoroughly inv...

Establishing trust and helping experts debug and understand the inner workings of deep learning models, interpretation methods are increasingly coupled with these models, building interpretable deep learning systems. However, adversarial attacks pose a significant threat to public trust by making interpretations of deep learning models confusing an...

Phishing attacks pose a significant threat to Internet users, with cybercriminals elaborately replicating the visual appearance of legitimate websites to deceive victims. Visual similarity-based detection systems have emerged as an effective countermeasure, but their effectiveness and robustness in real-world scenarios have been unexplored. In this...

Traditional one-time authentication mechanisms cannot authenticate smartphone users’ identities throughout the session – the concept of using behavioral-based biometrics captured by the built-in motion sensors and touch data is a candidate to solve this issue. Many studies proposed solutions for behavioral-based continuous authentication; however,...

Homomorphic encryption (HE) enables privacy-preserving deep learning by allowing computations on encrypted data without decryption. However, deploying convolutional neural networks (CNNs) with HE is challenging due to the need to convert input data into a two-dimensional matrix for convolution using the im2col technique, which rearranges the input...

Decentralized Identity (DID) is emerging as a new digital identity management scheme that promises users complete control of their personal data and identification without central authority involvement. The World Wide Web Consortium (W3C) has drafted the DID standard and provided reference implementations. We conduct a security analysis of the W3C...

Smart contracts are self-executing programs stored and executed on a blockchain platform. However, previous studies demonstrated that developing secure smart contracts is not easy. Unfortunately, the use of insecure smart contracts results in a significant financial loss for service providers or customers. Therefore, identifying security vulnerabil...

In this paper, we present a novel Single-class target-specific Adversarial attack called SingleADV. The goal of SingleADV is to generate a universal perturbation that deceives the target model into confusing a specific category of objects with a target category while ensuring highly relevant and accurate interpretations. The universal perturbation...

One of the main challenges in deploying a keystroke dynamics-based continuous authentication scheme on smartphones is ensuring low error rates over time. Unstable false rejection rates (FRRs) would lead to frequent phone locks during long-term use, and deteriorating attack detection rates would jeopardize its security benefits. The fact that it is...

Smart contracts are self-executing programs on a blockchain to ensure immutable and transparent agreements without the involvement of intermediaries. Despite the growing popularity of smart contracts for many blockchain platforms like Ethereum, smart contract developers cannot prevent copying their smart contracts from competitors due to the absenc...

Anomaly detection has been known as an effective technique to detect faults or cyber-attacks in industrial control systems (ICS). Therefore, many anomaly detection models have been proposed for ICS. However, most models have been implemented and evaluated under specific circumstances, which leads to confusion about choosing the best model in a real...

Malware variants are generated using various evasion techniques to bypass malware detectors, so it is important to understand what properties make them evade malware detection techniques. To do this, a framework is proposed to effectively generate fully-working, unseen malware samples on Windows portable executable (PE) files with various perturbat...

In the big data arena, opportunities and challenges are mixed. The volume of data in the financial institution is proliferating, which imposes a challenge to big data analytics to ensure safety during each transaction. Moreover, as more and more social networking sites (SNS) are integrating an inbuilt online payment system into their domain, an exp...

Training highly performant deep neural networks (DNNs) typically requires the collection of a massive dataset and the use of powerful computing resources. Therefore, unauthorized redistribution of private pre-trained DNNs may cause severe economic loss for model owners. For protecting the ownership of DNN models, DNN watermarking schemes have been...

To enhance the performance of web services, web servers often compress data to be delivered. Unfortunately, the data compression technique has also introduced a side effect called compression side-channel attacks (CSCA). CSCA allows eavesdroppers to unveil secret strings included in the encrypted traffic by observing the length of data. A promising...

Collaborative inference has recently emerged as an attractive framework for applying deep learning to Internet of Things (IoT) applications by splitting a DNN model into several subpart models among resource-constrained IoT devices and the cloud. However, the reconstruction attack was proposed recently to recover the original input image from inter...

A user’s location information can be used to identify the user. For example, in Android, we can keep our smartphone unlocked when it is located near a place that was previously registered as a trusted place. However, existing location-based user authentication solutions failed to support fine-grained indoor location registration. In this paper, we...

Fast Proxy Mobile IPv6 (FPMIPv6) is an extension of the PMIPv6 mobility management deployed as part of the next-generation internet protocol. It allows location-independent routing of IP datagrams, based on local mobility to IPv6 hosts without involvement of stations in the IP address signaling. A mobile node keeps its IP address constant as it mov...

As a well-known physical unclonable function that can provide huge number of challenge response pairs (CRP) with a compact design and fully compatibility with current electronic fabrication process, the arbiter PUF (APUF) has attracted great attention. To improve its resilience against modeling attacks, many APUF variants have been proposed so far....

Since Bitcoin appeared in 2009, over 6,000 different cryptocurrency projects have followed. The cryptocurrency world may be the only technology where a massive number of competitors offer similar services yet claim unique benefits, including scalability, fast transactions, and security. But are these projects really offering unique features and sig...

Deep learning models have been shown to be vulnerable to recent backdoor attacks. A backdoored model behaves normally for inputs containing no attacker-secretly-chosen trigger and maliciously for inputs with the trigger. To date, backdoor attacks and countermeasures mainly focus on image classification tasks. And most of them are implemented in the...

Federated learning (FL) and split learning (SL) are state-of-the-art distributed machine learning techniques to enable machine learning without accessing raw data on clients or end devices. However, their comparative training performance under real-world resource-restricted Internet of Things (IoT) device settings, e.g., Raspberry Pi, remains barel...

A physical unclonable function (PUF) generates hardware intrinsic volatile secrets by exploiting uncontrollable manufacturing randomness. Several PUF candidates use challenge-response pairs (CRPs) to enhance their security. A practically plausible idea for PUF is to use the technique called n-Choose-k-Sum (nCk) structure/topology, exemplified by th...

Because connected cars typically have several communication capabilities (through 5G, WiFi, and Bluetooth), and third-party applications can be installed on the cars, it would be essential to deploy intrusion detection systems (IDS) to prevent attacks from external attackers or malicious applications. Therefore, many IDS proposals have been present...

Because the recent ransomware families are becoming progressively more advanced, it is challenging to detect ransomware using static features only. However, their behaviors are still more generic and universal to analyze due to their inherent goals and functions. Therefore, we can capture their behaviors by monitoring their system-level activities...

Collaborative inference has recently emerged as an intriguing framework for applying deep learning to Internet of Things (IoT) applications, which works by splitting a DNN model into two subpart models respectively on resource-constrained IoT devices and the cloud. Even though IoT applications' raw input data is not directly exposed to the cloud in...

News on social media can significantly influence users, manipulating them for political or economic reasons. Adversarial manipulations in the text have proven to create vulnerabilities in classifiers, and the current research is towards finding classifier models that are not susceptible to such manipulations. In this paper, we present a novel techn...

Quick Response (QR) codes are widely used due to their versatility and low deployment cost. However, the existing QR code standard is ineffective for security-critical applications (e.g., electronic identity management) as the stored information can be easily exposed to unauthorized parties. Moreover, it does not provide sufficient storage capacity...

Creating a state-of-the-art deep-learning system requires vast amounts of data, expertise, and hardware, yet research into copyright protection for neural networks has been limited. One of the main methods for achieving such protection involves relying on the susceptibility of neural networks to backdoor attacks in order to inject a watermark into...

A fundamental premise of SMS One-Time Password (OTP) is that the used pseudo-random numbers (PRNs) are uniquely unpredictable for each login session. Hence, the process of generating PRNs is the most critical step in the OTP authentication. An improper implementation of the pseudo-random number generator (PRNG) will result in predictable or even st...

Federated learning (FL) and split learning (SL) are state-of-the-art distributed machine learning techniques to enable machine learning training without accessing raw data on clients or end devices. However, their \emph{comparative training performance} under real-world resource-restricted Internet of Things (IoT) device settings, e.g., Raspberry P...

This work designs and evaluates a run-time deep neural network (DNN) model Trojan detection method exploiting STRong Intentional Perturbation of inputs that is a multi-domain Trojan detection defence across Vision, Text and Audio domains---termed as STRIP-ViTA. Specifically, STRIP-ViTA is demonstratively independent of not only task domain but also...

Ransomware is a growing threat that typically operates by either encrypting a victim's files or locking a victim's computer until the victim pays a ransom. However, it is still challenging to detect such malware timely with existing traditional malware detection techniques. In this paper, we present a novel ransomware detection system, called "Peel...

Decentralized identifiers (DID) has shown great potential for sharing user identities across different domains and services without compromising user privacy. DID is designed to enable the minimum disclosure of the proof from a user’s credentials on a need-to-know basis with a contextualized delegation. At first glance, DID appears to be well-suite...

Convolutional Neural Networks (CNNs) deployed in real-life applications such as autonomous vehicles have shown to be vulnerable to manipulation attacks, such as poisoning attacks and fine-tuning. Hence, it is essential to ensure the integrity and authenticity of CNNs because compromised models can produce incorrect outputs and behave maliciously. I...

This book constitutes the revised selected papers from the 22nd International Conference on Information Security Applications, WISA 2021, which took place on Jeju Island, South Korea, during August 2021. The 23 papers included in this book were carefully reviewed and selected from 66 submissions. They were organized in topical sections as follows:...

Internet of Things (IoT) technology has recently been integrated with various healthcare devices to monitor patients’ health status and share it with their healthcare practitioners. Since healthcare data often contain personal and sensitive information, healthcare systems must provide a secure user authentication scheme. Recently, Adavoudi-Jolfaei...

Providing a cross-domain federated identity is essential for next-generation Internet services because information about user identity should be seamlessly exchanged across different domains for authentication and authorization. Federated identity can enable users to use various services through a single account. However, conventional federated ide...

As an essential processing step in computer vision applications, image resizing or scaling, more specifically downsampling, has to be applied before feeding a normally large image into a convolutional neural network (CNN) model because CNN models typically take small fixed-size images as inputs. However, image scaling functions could be adversarial...

The latest smartphones have started providing multiple authentication options including PINs, patterns, and passwords (knowledge based), as well as face, fingerprint, iris, and voice identification (biometric-based). In this article, we conducted two user studies to investigate how the convenience and security of unlocking phones are influenced by...

There have been many efforts to detect rumors using various machine learning (ML) models, but there is still a lack of understanding of their performance against different rumor topics and available features, resulting in a significant performance degrade against completely new and unseen (unknown) rumors. To address this issue, we investigate the...

Internet users in South Korea seem to have clearly different web browser choices and usage patterns compared to the rest of the world, heavily using Internet Explorer (IE) or multiple browsers. Our work is primarily motivated to investigate the reasons for such differences in web browser usage, relating with the use of government mandated security...

Image spam emails are often used to evade text-based spam filters that detect spam emails with their frequently used keywords. In this paper, we propose a new image spam email detection tool called DeepCapture using a convolutional neural network (CNN) model. There have been many efforts to detect image spam emails, but there is a significant perfo...

Most shipping companies provide a package tracking system where customers can easily track their package delivery status when the package is being shipped. However, we present a security problem called enumeration attacks against package tracking systems in which attackers can collect customers’ personal data illegally through the systems. We speci...

This work provides the community with a timely comprehensive review of backdoor attacks and countermeasures on deep learning. According to the attacker's capability and affected stage of the machine learning pipeline, the attack surfaces are recognized to be wide and then formalized into six categorizations: code poisoning, outsourcing, pretrained,...

Image spam emails are often used to evade text-based spam filters that detect spam emails with their frequently used keywords. In this paper, we propose a new image spam email detection tool called DeepCapture using a convolutional neural network (CNN) model. There have been many efforts to detect image spam emails, but there is a significant perfo...

To accelerate the deployment of fifth-generation (5G) cellular networks, millions of devices are being connected to massive Internet of Things (IoT) networks. However, advances in the scale of connectivity on 5G networks may increase the attack surface of these devices, thereby increasing the number of attack opportunities. To address the potential...

Extensive use of unmanned aerial vehicles (commonly referred to as a “drone”) has posed security and safety challenges. To mitigate security threats caused by flights of unauthorized drones, we present a framework called SENTINEL (Secure and Efficient autheNTIcation for uNmanned aErial vehicLes) under the Internet of Drones (IoD) infrastructure. SE...

Creating a state-of-the-art deep-learning system requires vast amounts of data, expertise, and hardware, yet research into embedding copyright protection for neural networks has been limited. One of the main methods for achieving such protection involves relying on the susceptibility of neural networks to backdoor attacks, but the robustness of the...

As the number of network devices is increasing and they are highly connected, network attacks have become more complex and varied. To mitigate these attacks, multiple types of network security equipment are used in combination, requiring considerable security knowledge of each type of network security equipment. Also, the deployment of network secu...

This work is the first attempt to evaluate and compare felderated learning (FL) and split neural networks (SplitNN) in real-world IoT settings in terms of learning performance and device implementation overhead. We consider a variety of datasets, different model architectures, multiple clients, and various performance metrics. For learning performa...

A new collaborative learning, called split learning, was recently introduced, aiming to protect user data privacy without revealing raw input data to a server. It collaboratively runs a deep neural network model where the model is split into two parts, one for the client and the other for the server. Therefore, the server has no direct access to ra...

As the number of controllers and devices increases in Industrial Internet of Things (IIoT) applications, it is essential to provide a secure and usable user authentication system for human operators who have to manage tens or hundreds of controllers and devices with his/her password. In this paper, we propose a formally verified certificate-based a...

This article proposes a generic framework to detect device spoofing attacks using physical network characteristics that are hard for an attacker to mimic, including received signal strength indicator and round trip time. A technological challenge with this approach is that those values can change over time and affect the detection accuracy. To over...

To help smartphone users protect their phone, fingerprint-based authentication systems (e.g., Apple’s Touch ID) have increasingly become popular in smartphones. In web applications, however, fingerprint-based authentication is still rarely used. One of the most serious concerns is the lack of technology for securely storing fingerprint data used fo...

In the current centralized IoT ecosystems, all financial transactions are routed through IoT platform providers. The security and privacy issues are inevitable with an untrusted or compromised IoT platform provider. To address these issues, we propose Hy-Bridge, a hybrid blockchain-based billing and charging framework. In Hy-Bridge, the IoT platfor...

Sensor data on a user’s mobile device can often be used to identify the user for improving the security of smartphones in indoor environments. In this paper, we present a novel continuous user identification system called LightLock that collects light sensor data from a user’s smartphone and analyzes them to identify a specific user using a machine...