A5100759361- Internet Traffic Analysis and Secure E-voting
- Software-Defined Networks and 5G
- Caching and Content Delivery
- Network Security and Intrusion Detection
- Cryptographic Implementations and Security
- Physical Unclonable Functions (PUFs) and Hardware Security
- Cloud Computing and Resource Management
- Cryptography and Data Security
- Interactive and Immersive Displays
- Cloud Computing and Remote Desktop Technologies
- Software Reliability and Analysis Research
- Software Engineering Research
- Service-Oriented Architecture and Web Services
- Distributed and Parallel Computing Systems
- Advanced Malware Detection Techniques
- Educational Systems and Policies
- Advanced Image Processing Techniques
- Network Traffic and Congestion Control
- Access Control and Trust
- Network Packet Processing and Optimization
- IoT and Edge/Fog Computing
- Chaos-based Image/Signal Encryption
- Optimization and Search Problems
- Peer-to-Peer Network Technologies
- Educational Research and Pedagogy
Seoul National University
2019-2025
SK Group (South Korea)
2023
Pukyong National University
2023
Kookmin University
2020-2022
ETH Zurich
2015-2020
Agency for Defense Development
2010-2019
Sungkyunkwan University
2018-2019
Google (Switzerland)
2019
Electronics and Telecommunications Research Institute
2011-2013
Inha University
2010
As data produced by multimedia explodes and demand for storage increases, the most important topics NAND-Flash memory field are continuous performance improvements cost/bit reduction. To improve performance, features to quality of service (QoS) as well read/write [1] required. reduce cost/bit, number stacked layers needs increase, while pitch between decreases. It is necessary manage increasing WL resistance a decreased stack pitch. overcome these challenges, this paper presents techniques...
SDN promises to make networks more flexible, programmable, and easier manage. Inherent security problems in today, however, pose a threat the promised benefits. First, network operator lacks tools proactively ensure that policies will be followed or reactively inspect behavior of network. Second, distributed nature state updates at data plane leads inconsistent during reconfigurations. Third, large flow space makes susceptible exhaustion attacks. This paper presents SDNsec, an extension...
In this article, we propose single-trace side-channel attacks against lattice-based key encapsulation mechanisms (KEMs) that are the third-round candidates of national institute standards and technology (NIST) standardization project. Specifically, analyze message encoding operation in phase KEMs to obtain an ephemeral session key. We conclude a singletrace leakage implies whole recovery: experimental results realized on ChipWhisperer UFO STM32F3 target board achieve success rate 100% for...
In the Internet of Things (IoT) environment consisting various devices arrival rate data packets dynamically changes. Failure to process them in complying with QoS requirement can significantly degrade reliability and quality system. Therefore, gateway collecting needs quickly establish a new scheduling policy according changing traffic condition. The existing packet schemes are not effective for IoT since transmission pattern is defined advance. Q-learning type reinforcement learning that...
Although TLS is used on a daily basis by many critical applications, the public-key infrastructure that it relies still lacks an adequate revocation mechanism. An ideal mechanism should be inexpensive, efficient, secure, and privacy-preserving. Moreover, rising trends in pervasive encryption pose new scalability challenges modern system address. In this paper, we investigate how network nodes can deliver certificate-validity information to clients. We present RITM, framework which...
In an ideal Internet, every packet would be attributable to its sender, while host identities and transmitted content remain private. Designing such a network is challenging because source accountability communication privacy are typically viewed as conflicting properties. this paper, we propose architecture that guarantees privacy-preserving by enlisting ISPs agents brokers. While can link originates from their customers, customer identity remains unknown the rest of Internet. our...
We make a case for packet-replay suppression at the network layer, concept that has been generally neglected. Our contribution is twofold. First, we demonstrate new attack, router-reflection can be launched using compromised routers. In this router degrades connectivity of remote Internet region just by replaying packets. The attack feasible even if all packets are attributed to their sources, i.e., source authentication in place, and our evaluation shows threat pervasive---candidate routers...
This paper proposes a new definition on names, addresses, identifiers, and locators based different framework. Starting with observation of the patterns how those terms are used, for their relations presented. First, name address defined assignment, where denotes an entity itself, point to which is attached. On other hand, identifier used locating within given space. Next, relationship among four Finally, we show communication performed respect definition.
Cloud computing promises to reshape the way IT service is produced and consumed by virtualizing resources. As if cloud providers offer virtualized CPU storage resources via machine virtualization distributed technologies respectively, wish their customers' virtual networks running on cloud. With cloud-based (CVNs), customers (often, corporate customers) can easily build new sites, effectively expanding enterprise into thus leveraging entire benefits of (agility, manageability, low cost,...
SDN promises to make networks more flexible, programmable, and easier manage. Inherent security problems in today, however, pose a threat the promised benefits. First, network operator lacks tools proactively ensure that policies will be followed or reactively inspect behavior of network. Second, distributed nature state updates at data plane leads inconsistent during reconfigurations. Third, large flow space makes susceptible exhaustion attacks. This paper presents SDNsec, an extension...
The act of communication on the Internet inevitably leaks information. In particular, network headers reveal information (e.g., source address, flow information); yet, protecting header has proven challenging. Past research successfully protected certain fields address), but no proposal attempted to eliminate from so that packets cannot be linked flows; is systematically used subvert privacy. Hence, we investigate following questions: Can design an architecture eliminates flow-packet...
In this paper, we propose single-trace side-channel attacks against CRYSTALS-DILITHIUM. CRYSTALS-DILITHIUM is a lattice-based digital signature algorithm, one of the third round finalists national institute standards and technology (NIST) standardization project. We attack number-theoretic transform (NTT) in signing procedure key generation to obtain secret key. When targeting procedure, can recover both vectors s1 s2. This enables forgery signatures. However, only vector be recovered when...
Although the Internet achieved tremendous success in recent decades, several limitations have emerged from technical advancement and challenging requirements of diverse applications. For overcoming these limitations, future can be redesigned "clean slate" basis. This paper proposes a novel architecture that considers both horizontal vertical separations called, Domain-Insulated Autonomous Network (DIANA). In this architecture, network is composed set basic building blocks, called "domains",...
Network isolation is a critical modern Internet service.To date, network operators have created logical of distributed systems to provide communication between different parties.However, the current limited in scalability and flexibility.It limits number virtual networks it only supports at host (or virtualmachine) granularity.In this paper, we introduce Scalable Virtual Local Area Networking (SVLAN) that scales large offers improved flexibility providing secure isolation.With notion...
In source-based path selection, the sender chooses to destination from a set of available paths and embeds forwarding information in packets. Future Internet proposals have employed this scheme realize benefits source routing without inherent scalability problems computation at source. Furthermore, address security concerns packet-carried state, these leverage cryptographic primitives (e.g., Message Authentication Codes) per packet data plane. However, implications on performance novel...
VNC (virtual network computing) is a remote access software using RFB (remote frame buffer) protocol. supports to resources of system through sharing the desktop system. In this paper, we describe an extension for effective real-time collaboration Internet. For collaboration, provide three kinds authorities: administrator, worker, and spectator. The administrator controls authorities users. workers can provided by server, while spectators not handle resources, only monitoring server. To...
Motivated by the weaknesses of today's TLS public-key infrastructure (PKI), recent studies have proposed numerous enhancements to fortify PKI ecosystem. Deploying one particular enhancement is no panacea, since each solves only a subset problems. At same time, high deployment barrier makes benefit-cost ratio tilt in wrong direction, leading disappointing adoption rates for most proposals.