Invi-server: Reducing the attack surfaces by making protected server invisible on networks

Park, J.,Noh, J.,Kim, M.,Kang, B.B. North-Holland ; Elsevier Science Ltd 2017 Computers & security Vol.67 No.-

<P>The advantage of having remote access motivates network administrators to connect mission critical servers (e.g., enterprise management systems) as well as public web servers via the Internet, even though connecting these mission-critical servers to the Internet is not recommended. These mission-critical or public servers are accessible from any host on the Internet, allowing cyber attackers to engage the targeted server as part of a process to discover potential exploits and unpatched vulnerabilities. Although it would be difficult to eradicate all the potential vulnerabilities in advance, accessibility to a server can be controlled to limit or minimize the chance of exposing a vulnerable surface. We aimed to address the accessibility issue by designing and prototyping an Invi-server system, in which the IP and MAC addresses of the protected secret server remain invisible from external scanning and eavesdropping trials and even from compromised internal hosts on the network. This Invi-server system can be used as a way to reduce the attack surface of a protected server while allowing authorized users to send and receive packets via the protected server. We also implemented a prototype of the Invi-server system to demonstrate that our proposed system has the ability to reduce the attack surfaces significantly without increasing network performance overhead to any significant extent. (C) 2017 Published by Elsevier Ltd.</P>

Secure bimodal PIN-entry method using audio signals

Lee, M.K.,Nam, H.,Kim, D.K. North-Holland ; Elsevier Science Ltd 2016 Computers & security Vol.56 No.-

<P>A Personal Identification Number (PIN) is a multiple-digit sequence widely used for user authentication. It is desirable for a PIN-entry method to be secure against two main security threats, random guessing attacks and recording attacks. Although there have been many proposals for challenge-response-based PIN-entry methods, it is well known that the only way to prevent both attacks is to physically prevent attackers from observing the challenge response pairs, which motivates the development of PIN-entry methods that use secure secondary channels such as audio signals. To provide a guideline for designing an audio based PIN-entry method, we propose a simple framework to transform a non-audio-based method into an audio-based one. We also present a new PIN-entry method that improves the performance of this simple transformation. Most audio-based methods in the literature are unimodal methods, that is, they transmit almost all required information through an audio channel because it was believed that this approach maximized the user's performance. In this paper, however, we show that a carefully designed bimodal system may be more usable than a unimodal one. We present a new PIN-entry method whose audio channel only transmits the minimal required data while most of the challenge information is transmitted through the efficient visual channel. Our user study shows that the PIN-entry time of the proposed method is shorter than those of the previous audio-based methods, while its error rate is kept as low as that of the previous methods. (C) 2015 Elsevier Ltd. All rights reserved.</P>

Quality of Private Information (QoPI) model for effective representation and prediction of privacy controls in mobile computing

Kim, S.H.,Ko, I.Y.,Kim, S.H. North-Holland ; Elsevier Science Ltd 2017 Computers & security Vol.66 No.-

<P>Most existing privacy-control methods in mobile computing support only binary and static privacy controls; therefore, it is usually difficult for mobile users to make use of effective privacy controls by considering both the necessity of an application and the types and quality of private information to be provided to the application under dynamic usage scenarios. In this paper, we define a quality of private information (QoPI) model to represent various types and quality levels of users' private information required by mobile applications. Using the QoPI model, we can also represent contextual properties that might affect the selection of the types and quality of private information in dynamic mobile computing situations. Users' common privacy-control patterns can be characterized, represented, and managed by using this model, and we can assist users in achieving context-aware and personalized privacy control. We evaluate the effectiveness of using the QoPI model by analyzing the data that we collected from users while allowing them to consider practical mobile computing situations. The analysis results show that the users actively utilized the fine-grained (multilevel) privacy controls supported by using the QoPI model, and their privacy -control patterns could be effectively collected and predicted based on this model. The results also show that consideration of contextual properties is essential for improving the accuracy and time performance of predicting an appropriate QoPI level to be used when a user accesses a mobile application. (C) 2017 Elsevier Ltd. All rights reserved.</P>

Analyzing research trends in personal information privacy using topic modeling

Choi, H.S.,Lee, W.S.,Sohn, S.Y. North-Holland ; Elsevier Science Ltd 2017 Computers & security Vol.67 No.-

<P>This study examines trends in academic research on personal information privacy. Using Scopus DB, we extracted 2356 documents covering journal articles, reviews, book chapters, conference papers, and working papers published between 1972 and August 2015. Latent Dirichlet allocation (LDA) is applied to the abstracts of those extracted documents to identify topics. Topics discovered from all documents focus mainly on technology, and the findings indicate that algorithms, Facebook privacy, and online social networks have become prominent topics. In contrast, it was observed that journal articles put more emphasis on both the e-business and healthcare. These results identify a research gap in the area of personal information privacy and offer a direction for future research. (C) 2017 Elsevier Ltd. All rights reserved.</P>

S-OpenSGX: A system-level platform for exploring SGX enclave-based computing

Choi, C.,Kwak, N.,Jang, J.,Jang, D.,Oh, K.,Kwag, K.,Kang, B.B. North-Holland ; Elsevier Science Ltd 2017 Computers & security Vol.70 No.-

<P>Intel recently introduced Software Guard Extensions (SGX) to enable applications to protect their selected code and data from privileged platform software. As it draws wider attention from the security research community, an open-source emulator for SGX (OpenSGX) has been developed to allow researchers to explore the SGX environment. To the best of our knowledge, OpenSGX is currently the only publicly available SGX emulation platform; however, its system-level support is largely limited owing to its user-mode emulation. In particular, experiments that require system functionalities or device emulation cannot be conducted with the current OpenSGX. To solve this problem, we propose System-OpenSGX (S-OpenSGX), which leverages QEMU's system emulation to provide researchers with full system-level support for exploring SGX enclave-based programming. In this paper, we show the design of S-OpenSGX, including system functionalities such as scheduling, multithreading, page table handling, and SGX paging. Non-trivial issues derived from the difference between user-mode and system emulation, and our approaches to addressing them are also described. Lastly, we utilize S-OpenSGX to experiment with a new mitigation method against the data leaking attack on enclave threads and an APIC (Advanced Programmable Interrupt Controller) device modification to reduce SGX's mode switch overhead. (C) 2017 Elsevier Ltd. All rights reserved.</P>

A survey on touch dynamics authentication in mobile devices

Teh, P.S.,Zhang, N.,Teoh, A.B.J.,Chen, K. North-Holland ; Elsevier Science Ltd 2016 Computers & security Vol.59 No.-

<P>There have been research activities in the area of keystroke dynamics biometrics on physical keyboards (desktop computers or conventional mobile phones) undertaken in the past three decades. However, in terms of touch dynamics biometrics on virtual keyboards (modem touchscreen mobile devices), there has been little published work. Particularly, there is a lack of an extensive survey and evaluation of the methodologies adopted in the area. Owing to the widespread use of touchscreen mobile devices, it is necessary for us to examine the techniques and their effectiveness in the domain of touch dynamics biometrics. The aim of this paper is to provide some insights and comparative analysis of the current state of the art in the topic area, including data acquisition protocols, feature data representations, decision making techniques, as well as experimental settings and evaluations. With such a survey, we can gain a better understanding of the current state of the art, thus identifying challenging issues and knowledge gaps for further research. (C) 2016 Elsevier Ltd. All rights reserved.</P>

On-demand bootstrapping mechanism for isolated cryptographic operations on commodity accelerators

Kim, Y.,Kwon, O.,Jang, J.,Jin, S.,Baek, H.,Kang, B.B.,Yoon, H. North-Holland ; Elsevier Science Ltd 2016 Computers & security Vol.62 No.-

<P>General-Purpose computing on a Graphics Processing Unit (GPGPU) involves leveraging commodity GPUs as massively parallel processing units. GPGPU is an emerging computing paradigm for high-performance and data-intensive computations such as cryptographic operations. Although GPGPU is an attractive solution for accelerating modem cryptographic operations, the security challenges that stem from utilizing commodity GPUs remain an unresolved problem. In this paper, we present an On-demand Bootstrapping Mechanism for Isolated cryptographic operations (OBMI). OBMI transforms commodity GPUs into a securely isolated processing core for various cryptographic operations while maintaining cost-effective computations. By leveraging System Management Mode (SMM), a privileged execution mode provided by x86 architectures, OBMI implements a program and a secret key into the GPU such that they are securely isolated during the acceleration of cryptographic operations, even in the presence of compromised kernels. Our approach does not require an additional hardware-abstraction layer such as a hypervisor or micro-kernel, and it does not entail modifying the GPU driver. An evaluation of the proposed OBMI demonstrated that even adversaries with kernel privileges cannot gain access to the secret key, and it also showed that the proposed mechanism incurs negligible performance degradation for both the CPU and GPU. (C) 2016 Elsevier Ltd. All rights reserved.</P>

Theoretical study of the extremely small torsional barriers of thiophenol in the ground and the first excited electronic states

Choi, H.,Park, Y.C.,Lee, Y.S.,An, H.,Baeck, K.K. North Holland ; Elsevier Science Ltd 2013 Chemical physics letters Vol.580 No.-

The extremely small (around 0.80kcal/mol) barrier for the -SH rotation of thiophenol is studied by using MP2, CASSCF(12,11), and three DFT (B3LYP, HCTH, and ωB97X-D) methods with various basis sets. The 6-311++G(3df,3pd) turns out to be the proper minimal basis-set for reliable calculations. CCSD(T) and CASPT2//CASSCF calculations confirm that the planar conformation of the -SH is the minimum-energy structure of not only the ground S<SUB>0</SUB> but also the first excited S<SUB>1</SUB> electronic states. The calculated torsional barrier of the S<SUB>1</SUB>, 1.89kcal/mol, is also quite small.

The competition number of the complement of a cycle

Kim, S.R.,Park, B.,Sano, Y. North Holland ; Elsevier Science Ltd 2013 Discrete applied mathematics Vol.161 No.12

In this paper, we compute the competition number of the complement of a cycle. It is well-known that the competition number of a cycle of length at least 4 is two while the competition number of a cycle of length 3 is one. Characterizing a graph by its competition number has been one of important research problems in the study of competition graphs, and competition numbers of various interesting families of graphs have been found. We thought that it is worthy of computing the competition number of the complement of a cycle. In the meantime, the observation that the complement of an odd cycle of length at least 5 is isomorphic to a circulant graph led us to compute the competition number of a large family of circulant graphs. In fact, those circulant graphs satisfy the long lasting Opsut's conjecture stating that the competition number of a locally cobipartite graph is at most two.

Block of hERG K⁺ channel and prolongation of action potential duration by fluphenazine at submicromolar concentration

Hong, H.K.,Hoon Lee, B.,Park, M.H.,Ho Lee, S.,Chu, D.,Jin Kim, W.,Choe, H.,Hee Choi, B.,Jo, S.H. North-Holland ; Elsevier Science Ltd 2013 european journal of pharmacology Vol.702 No.1

Fluphenazine is a potent antipsychotic drug that can increase action potential duration and induce QT prolongation in several animal models and in humans. As the block of cardiac human ether-a-go-go-related gene (hERG) channels is one of the leading causes of acquired long QT syndrome, we investigated the acute effects of fluphenazine on hERG channels to determine the electrophysiological basis for its proarrhythmic potential. Fluphenazine at concentrations of 0.1-1.0μM increased the action potential duration at 90% of repolarization (APD<SUB>90</SUB>) and action potential duration at 50% of repolarization (APD<SUB>50</SUB>) in 5min when action potentials were elicited under current-clamp conditions in guinea pig ventricular myocytes. We examined the effects of fluphenazine on hERG channels expressed in Xenopus oocytes and HEK293 cells using two-microelectrode voltage-clamp and patch-clamp techniques. The IC<SUB>50</SUB> for the fluphenazine-induced block of hERG currents in HEK293 cells at 36<SUP>o</SUP>C was 0.102μM at +20mV. Fluphenazine-induced a concentration-dependent decrease of the current amplitude at the end of the voltage steps and hERG tail currents. The fluphenazine-dependent hERG block in Xenopus oocytes increased progressively relative to the degree of depolarization. Fluphenazine affected the channels in the activated and inactivated states but not in the closed states, and the S6 domain mutation from tyrosine to alanine at amino acid 652 (Y652A) attenuated the hERG current block. These results suggest that the antipsychotic drug fluphenazine is a potent blocker of hERG channels, providing a molecular mechanism for the drug-induced arrhythmogenic side effects.