Yutaka Miyake
KDDI Research · Cybersecurity Laboratory
Doctor of Engineering
106 Publications · 11,932 Reads · 771 Citations
Publications (106)
For the security of IoT devices, the number and type of devices are generally large, so it is important to collect data efficiently and detect threats in a lightweight way. In this paper, we propose the architecture for malware detection, a method to detect malware using flow information, and a method to decrease the amount of transmission data bet...
ID-less palmprint recognition is a biometric identification method using the pattern of the palm. It is highly available because it can obtain biometric information in a contactless manner using only a smartphone’s camera in everybody’s hands. It is highly convenient because it does not require an ID and uses only biometric information. Furthermore...
Biometric information can have high similarity among different people but high variability within the same person. Therefore, it is difficult to identify a person or distinguish between two people based on biometric information. One way to address these issues is to use certain biometric information as pivots to define the feature space of biometri...
Residential Internet service providers (ISPs) today have limited device-level visibility into subscriber houses, primarily due to network address translation (NAT) technology. The continuous growth of “unmanaged” consumer Internet of Things (IoT) devices combined with the rise of work-from-home makes home networks attractive targets to sophisticate...
Many smartphones are equipped with a biometric authentication function to prevent their unauthorized use. An authentication method using palmprint as a physical feature has been proposed. Palmprints can be authenticated without special devices because the features of palmprints can be acquired using a smartphone camera. However, impersonation may b...
In the future internet era, the Internet of Things (IoT) has consolidated its presence in the smart cities with a variety of innovative IoT platforms for the provisioning of relevant services. The provisioning of such services requires ubiquity, reliability, high-performance, efficiency, scalability. In order to accomplish this popular trend is to...
In recent years, lattice-based cryptography has attracted a high degree of attention in the cryptologic research community. It is expected to be in wide use in the foreseeable future once large quantum computers are in sight. On the other hand, JavaScript is a standard programming language for Web applications. It is now supported on a wide variety...
The Informed Consent of a data subject (e.g., citizen) is often necessary to allow the legitimate processing of personal data by a third party application. The current implementation of Informed Consent based on End User License Agreements (EULA) has many limitations, which are likely to become more critical in future IoT applications, where the co...
Time sequence data relating to users, such as medical histories and mobility data, are good candidates for data mining, but often contain highly sensitive information. Different methods in privacy-preserving data publishing are utilised to release such private data so that individual records in the released data cannot be re-linked to specific users...
Lattice-based cryptography has attracted a high degree of attention in the cryptologic research community. It is expected to be in wide use in the foreseeable future once large quantum computers are in sight. In addition, JavaScript is a standard programming language for Web applications. It is now supported on a wide variety of computing platforms...
Opinions from people can either be biased or reflect low participation due to legitimate concerns about privacy and anonymity. To alleviate those concerns, the identity of a message sender should be disassociated from the message while the contents of the actual message should be hidden from any relaying nodes. We propose a novel message routing sc...
The success of the IoT world requires service provision attributed with ubiquity, reliability, high-performance, efficiency, scalability. In order to accomplish this attribution it is possible to merge the Cloud Computing and IoT concepts by combining global and local clouds, security gateways, communication interfaces, storage units and applicatio...
Proofs of Data Possession (PDPs) are protocols that allow a file owner to verify that a file stored at an outsourced server is stored entirely. From a security perspective, it must be difficult for the server to pass the verification protocol if the file is not available. Even though several efficient PDPs exist in the literature, to the best of ou...
Mobility data gathered from location sensors such as Global Positioning System (GPS) enabled phones and vehicles is valuable for spatio-temporal data mining for various location-based services (LBS). Such data is often considered sensitive and there exist many a mechanism for privacy preserving analyses of the data. Through various anonymisation me...
Cloud services provide advantages in terms of service scalability and availability of users' data, but increase concerns about the control that a user has over her own data. These concerns include not just issues related to access to the information itself, but issues about the effective deletion of the information by the cloud in compliance with t...
A method, an apparatus and a program for detecting spoofed Internet Protocol (IP) traffic directed to a network having a plurality of autonomous systems (AS) is provided. The method comprises receiving an incoming packet through an AS, the incoming packet containing a source IP address and a destination IP address, acquiring a corresponding source...
Oblivious RAM (ORAM) schemes, the concept introduced by Goldreich and Ostrovsky, are very useful techniques for protecting users' privacy when storing data in remote untrusted servers and running software on untrusted systems. However they are usually considered impractical due to their huge overhead. In order to reduce overhead, many improveme...
The growth of online social networks has seen the utilisation of these network graphs for the purpose of providing recommendations. Automated recommendations, however, do not take into account inter-personal trust levels that exist in a social network. In this article, we propose a privacy-preserving trusted social feedback (TSF) scheme where users...
In this paper, we propose an anonymization scheme for generating a k-anonymous and l-diverse (or t-close) table, which uses three scoring functions, and we show the evaluation results for two different data sets. Our scheme is based on both top-down and bottom-up approaches for full-domain and partial-domain generalization, and the three different...
During the execution of a program the keys for encryption algorithms are in the random access memory (RAM) of the machine. Technically, it is easy to extract the keys from a dumped image of the memory. However, not many examples of such key extractions exist, especially during program execution. In this paper, we present a key extraction technique...
Simple Side-Channel Analyses (SSCA) are known as techniques to uncover a cryptographic secret from one single spied waveform. Up to now, these very powerful attacks have been illustrated on simple devices whose leakage was obvious. On more advanced targets, such as high-end processors of smartphones, a simple visual analysis of the waveforms might...
In this paper, we present a protocol for an ID-based signature scheme using a tamper-resistant module that holds a private key for signing. This is a distributed-signature scheme, and a computation using a private key is executed on the tamper-resistant module (TRM), with the remaining computations performed on a host PC. The scheme is secure agains...
Wireless sensor networks (WSNs) have been deployed for several applications that use M2M communications. Malicious code propagation is considered a serious threat on WSNs. In this paper, we consider a simple, distributed remote attestation method for a WSN that does not require secret information, precise timing measurement, or a tamper-resistant...
In this paper, we report that we have solved the SVP Challenge over a 128-dimensional lattice in Ideal Lattice Challenge from TU Darmstadt, which is currently the highest dimension in the challenge that has ever been solved. The security of lattice-based cryptography is based on the hardness of solving the shortest vector problem (SVP) in lattices....
With the growth of social networks, recommender systems have taken advantage of the social network graph structures to provide better recommendation. In this paper, we propose a privacy preserving trusted social feedback (TSF) system, in which users obtain feedback on questions or items from their friends. It is different from and independent of a...
Ranking vast amounts of user-contributed content, such as digital photographs, is handled well through user-driven ranking, but user-driven ranking is often subjective and difficult to compare. The analytic hierarchy process helps making sense of subjective opinion, whereas finding a global ranking is a problem of rank aggregation of partially rank...
Network coding is a way of transmitting information where nodes in a network combine incoming packets into a single one to increase throughput in some scenarios, nodes wishing to get the original information can perform decoding when enough packets have been received. Given its efficiency, the exclusive or (XOR) operation is very popular for networ...
This paper presents a chosen-IV (Initial Vector) correlation power analysis on the international standard stream cipher KCipher-2 together with an effective countermeasure. First, we describe a power analysis technique which can reveal the secret key (initial key) of KCipher-2 and then evaluate the validity of the CPA with experiments using both FP...
KCipher-2 is a word-oriented stream cipher and an ISO/IEC 18033 standard. It is listed as a CRYPTREC cryptographic algorithm for Japanese governmental use. It consists of two feedback shift registers and a non-linear function. The size of each register in KCipher-2 is 32 bits and the non-linear function mainly applies 32-bit operations. Therefore, i...
A proof of Data Possession (PDP) allows a client to verify that a remote server is still in possession of a file entrusted to it. One way to design a PDP, is to compute a function depending on a secret and the file. Then, during the verification stage, the client reveals the secret input to the server who recomputes the function and sends the outpu...
In this paper, we introduce a new architecture for personalized services. The architecture separates access control using a user own privacy policy from data storage for private information, and it supports privacy policy management by users. We design a core module, the Privacy Policy Manager (PPM). The module includes several functionalities: ID...
Recent years have seen a dramatic increase in the number and importance of mobile devices. The security properties that these devices provide to their applications, however, are inadequate to protect against many undesired behaviors. A broad class of such behaviors is violations of simple information-flow properties. This paper proposes an enforcem...
In recent years, the leakage of confidential files through the P2P (peer-to-peer) file sharing software has become a problem. Once sensitive files have been leaked to a P2P network, they are distributed rapidly and at random to a great many computers, bringing the danger of far-reaching damage. To deal with this, we propose a method to control the...
This paper proposes P3MCF, an efficient privacy-preserving, multi-domain collaborative filtering scheme for user oriented recommendations. P3MCF achieves a lightweight, high accuracy recommendation for a multi-domain recommendation system. In P3MCF, a data supplier transfers only statistical values on user ratings to recommenders in order to improv...
Developing emergency and disaster management systems is an important issue in our “computer society”. The primary issue is how to share information about a current disaster and the status of resource allocation for emergency management. System continuity management is another important issue on disaster-related issue. Furthermore, we should conside...
This paper presents a chosen-IV (Initial Vector) correlation power analysis on the international standard stream cipher KCipher-2 together with an effective countermeasure. First, we describe a power analysis technique which can reveal the secret key (initial key) of KCipher-2 and then evaluate the validity of the CPA with an experiment on an FPGA...
In this paper, we propose a user authentication method with mobile phone. In our proposal, a mobile phone with a Subscriber Identity Module (SIM) card is used as security token for user authentication on WEB services. This authentication method named SIM-based authentication provides a secure authentication because of robustness of the SIM card. Ho...
Organizations that are responsible for disaster and emergency management are faced with the issue of how to gather reliable and useful information during a major disaster. We consider an information-gathering platform for large-scale disasters and emergencies based on mobile terminals. A simple solution to realize an information-gathering system is...
We propose a practice-oriented scheme for protecting RAM access pattern. We first consider an instance which relies on the use of a secure (trusted) hardware buffer; it achieves both security and performance levels acceptable in practice by adapting ideas from oblivious RAM mechanisms, yet without the expensive (re-)shuffling of buffers. Another in...
In this paper, we focus on security-and-privacy-related issues that confront IT systems during disasters. We summarize these security and privacy issues in the context of two major areas of operation: information gathering and system continuity management. Then we provide the results of a survey on techniques for solving these issues. Finally, we d...
The risk of privacy breaches by malicious programs has been increasing, and these programs have used more elaborate techniques to circumvent detection. Attacks using a collaboration of applications are especially difficult to find since distinct applications obtain privacy-sensitive data and send the data to the outside. Current mobile platforms ha...
In this paper, we propose new ideas to protect user privacy while allowing the use of a user history graph. We define new privacy notions for user history graphs and consider algorithms to generate a privacy-preserving digraph from the original graph.
A key issue for an organization that is responsible for disaster and emergency management becomes how to gather reliable and useful information during a major disaster. We consider an information-gathering platform for large-scale disasters and emergencies based on mobile terminals. A simple solution to realize an information-gathering system is to...
When a cellular phone is lost or stolen, it may be used improperly or the personal information may be stolen from it by a malicious user. Biometric authentication such as palmprint recognition is the strongest of the personal authentication technologies designed to prevent such misuse. In biometric authentication, when compared with a local authent...
Establishment of a practical software protection method is a major issue in software distribution. There are several approaches to the issue; however, no practical, secure method for mobile phone applications has been proposed. In this paper, we propose a new software protection scheme combined with a tamper-proof device (TPD) in order to achieve c...
This paper proposes a broadcast encryption scheme with traitor tracing based on the ternary tree structure. The subset difference method with ternary tree reduces the communication cost and tracing cost of the original method with the binary tree. However, straightforward expansion of the method ends in failure due to the vulnerability to coalition...
In this paper, we propose an obfuscation scheme for the information contained in a trajectory of locations. The scheme requires no trusted entity for the obfuscation. The scheme includes two obfuscation methods, amplification and amalgamation, which obfuscates time-location information into a cylinder.
Existing approaches for protecting privacy in public database consider a service model where a service provider publishes public datasets that consist of data gathered from clients. We extend the service model to the multi-service providers setting. In the new model, a service provider obtains anonymized datasets from other service providers who ga...
Accidents of information leakage and insider threats by malicious employee are major issues in enterprise IT system. Data importance analysis methods can resolve this issue, the importance of data is automatically analyzed by the method and confirms whether the operation suits the security policy for the level of importance of the data. Insider thr...
It is preferable for authentication and key exchange protocols to be verified automatically and rapidly in accordance with security requirements. In order to meet these requirements, we proposed a security verification method for 2-party authentication and key exchange protocols based on Bellare et al.'s model and showed the verification points of...
A challenging task in privacy protection for public data is to realize an algorithm that generalizes a table according to requirements of a data user. In this paper, we propose an anonymization scheme for generating a k-anonymous and l-diverse table, and show evaluation results using three different tables. Our scheme is based on both top-down and...
Flow-based attacker detection is a common way to detect malicious hosts at a router on a high-traffic network with fewer computing resources. The most challenging aspect is to detect attackers that traverse well-known ports such as TCP ports 21, 25, 80, 443, etc. Although various methods have been studied, they cannot accurately detect such attacke...
In order to exterminate a botnet, we have to trace a botnet and arrest its botmaster. In this paper, we make a model of communication pattern of a C&C server that sends/receives packets to/from the botmaster. Then we discuss how botmaster trace back can be achieved. We describe which communication patterns we should focus on to find the botmaster o...
As a bot communicates with a malicious controller over a normal communication or an encrypted channel and updates its code frequently, it becomes difficult to detect an infected personal computer (PC) using a signature-based intrusion detection system (IDS) and an antivirus system (AV). As sending control and attack packets from the bot process are...
We present the design of an apparatus that creates a protected personal communication channel over computer-embedded devices. The prototype implementation of the apparatus demonstrates that it can securely and intuitively link devices with no contact with an online server while imposing low overhead.
Web tracking sites or Web bugs are potential but serious threats to users’ privacy during Web browsing. Web sites and their associated advertising sites surreptitiously gather the profiles of visitors and possibly abuse or improperly expose them, even if visitors are unaware their profiles are being utilized. In order to prevent such sites in a cor...
In this paper, we propose new attacks on 9-round Salsa20 and 8-round ChaCha. We constructed a distinguisher of double-bit differentials to improve Aumasson's single-bit differential cryptanalysis. We searched for correlations using a PC, and found strong correlations in 9-round Salsa20 and 8-round ChaCha. The complexities of the introduced attacks...
Digital content distribution services require that 1) only valid user devices that have a valid key can decrypt the broadcasting content, 2) the keys can no longer be used to decrypt the content, if keys in a device are revealed, and 3) invalid users who illegally use keys in a device can be identified. This paper proposes a broadcast encryption sch...
Spoofed IP traffic (traffic containing packets with incorrect source IP addresses) is often used by Internet-based attackers for anonymity. This method reduces the risk of trace-back and avoids attack detection by traffic-based sensors. An ISP's Security Operations Center (SOC) needs an efficient spoofed source detection mechanism to protect its cu...
Although security protocols like TLS/SSL are widely used in the Internet, it is still difficult to secure communications among personal network devices, typically seen in P2P applications and pervasive computing environment. This is because it is uncommon among such personal devices to have public key certificates to authenticate themselves, and fu...
A remote attestation that measures files on a hard disk drive (HDD) is important for intrusion detection on a data center server. When the server is infected by a rootkit or when a file measurement application is manipulated, the response of the kernel or the measurement application is not reliable. A trusted platform module (TPM) that achieves a c...
Monitoring a process and its file I/O behaviors is important for security inspection for a data center server against intrusions, malware infection and information leakage. In the case of the Linux kernel 2.6, a set of hook functions called the Linux Security Module (LSM) has been implemented in order to monitor and control the system calls. By usi...
Web tracking sites or Web bugs are potential but serious threats to users' privacy during Web browsing. Web sites and their associated advertising sites surreptitiously gather the profiles of visitors and possibly abuse or improperly expose them, even if visitors do not provide their profiles consciously. In order to prevent such activities in a co...
Cloud computing grows as an important keyword to accelerate IT businesses. A feature of cloud computing is distributed architecture based on unfixed nodes, and security risks have been highlighted for cloud computing services. In this paper, we present a novel approach for solving the essential issue of cloud computing: how to protect a program ru...
Using Web-based content management systems such as Blog, an end user can easily publish User Generated Content (UGC). Although publishing of UGCs is easy, controlling access to them is a difficult problem for end users. Currently, most of Blog sites offer no access control mechanism, and even when it is available to users, it is not sufficient to c...
Secure private networking over the Internet is difficult especially when trying to form a new network with private servers and hosts that belong to different administrative domains. Although such form of private network is useful as a closed group communication environment, simply applying existing VPN technologies is not sufficient. Not to mention...
Phishing attacks, which steal users' account information by fake Websites, have become a serious problem on the Internet. There are two major approaches in phishing detection: the blacklist- and the heuristics-based approach. Heuristics-based approaches employ common characteristics of phishing sites such as distinctive keywords used in Web pages or...
DNS is one of the internet's fundamental building blocks, used by various applications such as web and mail transfer. Therefore, monitoring DNS traffic has potential to detect host anomalies such as spammers and infected hosts in a network. However, previous works assume a small number of hosts or target on domain name anomalies, so that they canno...
Spam e-mails and distributed denial of service (DDoS) attacks have now become critical issues to the Internet. These attacks are considered to be sent from bot infected PCs. As a bot communicates with a malicious controller over an encrypted channel and updates its code frequently, it becomes difficult to detect infected personal computers (PCs) us...
It is considered important in the medical care sector to share medical information such as case information. There have been positive moves toward electronic storage and sharing of various data. There have been many studies of systems to realize such services, but the usual approach is to construct a network system of client–server type with concen...
Attacks against encrypted protocols are becoming increasingly popular. They pose a serious challenge to the conventional intrusion detection systems (IDSs) which heavily rely on inspecting the network packet fields and are consequently unable to monitor encrypted sessions. IDSs can be broadly categorized into two types: signature-based and anomaly-...