2017 12th Asia Joint Conference on Information Security (AsiaJCIS): Latest Publications

Based on Standard Descriptors and Dynamic Key Features to Detect Malicious USB Storage Devices in APT
Pub Date : 2017-08-01 DOI: 10.1109/AsiaJCIS.2017.22
Hung-Chang Chang
Advanced persistent threats (APTs) are a type of attack that critically threatens a number of corporations. With advances in information technology, attack methods have evolved from social engineering and e-mail methods to simulated human interface device attacks, which have remained undetectable by intrusion detection systems. Teensy was initially designed as a hardware device for legitimate applications, but because it enables the control of computers through a simulated keyboard or mouse-style pointing device, certain parties have utilized it as a malicious APT device to control computers for illegitimate uses. This study proposes a method based on the characteristics of Universal Serial Bus (USB) standard descriptors and dynamic key characteristics to detect malicious USB devices. This method is capable of successfully detecting malicious USB devices and defending against malicious USB attacks.
Citations: 0
UnPhishMe: Phishing Attack Detection by Deceptive Login Simulation through an Android Mobile App
Pub Date : 2017-08-01 DOI: 10.1109/AsiaJCIS.2017.19
J. D. Ndibwile, Y. Kadobayashi, Doudou Fall
Phishing attacks have been increasing recently. Attackers use clever social engineering techniques to convince their victims to click on malware or deceptive login-based webpages. Most solutions for this particular problem focus more on helping desktop computer users than mobile device users. Mobile device users are more vulnerable than their desktop counterparts because they are online most of the time and they have device limitations such as smaller screen size and low computational power. This paper presents UnPhishMe, an effective mobile application prototype that takes advantage of a particular weakness of phishing sites: they accept any kind of input information for authentication. UnPhishMe enables a mobile device user to create a fake login account, with fake login credentials, that mimics the user login procedure every time the user opens a login webpage and generates an alert to her. UnPhishMe determines whether the current login page shifts to another webpage after an authentication attempt. It does so by monitoring hashcode changes of the URL while the page is loading, listening to the HttpURLConnection status code, and then making a decision on whether the website is fraudulent or not. We measured the effectiveness of UnPhishMe by conducting a user experiment on Android platforms and tested its detection accuracy, memory and CPU performance. The results show that UnPhishMe uses a very small amount of computational power and is effective in assisting users to identify phishing attacks with an accuracy of 96%.
Citations: 12
An Improved Model of Anomaly Detection Using Two-Level Classifier Ensemble
Pub Date : 2017-08-01 DOI: 10.1109/AsiaJCIS.2017.9
Bayu Adhi Tama, A. Patil, K. Rhee
Network infrastructures are in jeopardy nowadays, since a large number of attacks have been developed and have grown enormously. In order to counter such security threats, a defense mechanism is much sought-after. This paper proposes an improved model of intrusion detection using a two-level classifier ensemble. The proposed model is made up of a PSO-based feature selection technique and a two-level classifier ensemble which employs two ensemble learners, i.e. boosting and the random subspace model (RSM). The experiment conducted on the NSL-KDD dataset reveals that the proposed model outperforms previous detection models significantly in terms of accuracy and false alarm rate (FPR).
Citations: 11
Improvement of Privacy Preserved Rule-Based Risk Analysis via Secure Multi-Party Computation
Pub Date : 2017-08-01 DOI: 10.1109/AsiaJCIS.2017.18
Soushirou Sakumoto, Akira Kanaoka
Currently, when companies conduct risk analysis of their own networks and systems, it is common to outsource the risk analysis to third-party experts. In doing so, the company passes the information used for risk analysis, including confidential information such as network configuration, to the third-party expert. This raises the risk of leakage and abuse of confidential information. Therefore, a method of risk analysis using secure computation, without passing the company's confidential information, has been proposed. Although Liu's method was the first to achieve a secure risk analysis method using multiparty computation and attack tree analysis, it has several problems that limit its practicality. In this paper, an improvement of the secure risk analysis method is proposed. It can dynamically reduce compilation time and enhance the scale of the target network and system without increasing execution time. Experimental work is carried out on a prototype implementation. As a result, we achieved improved performance in compile time and an enhanced target scale with equivalent performance in execution time.
Citations: 0
A Lightweight Malware Classification Method Based on Detection Results of Anti-Virus Software
Pub Date : 2017-08-01 DOI: 10.1109/AsiaJCIS.2017.20
Younsu Lee, Sang-So Choi, Jangwon Choi, Jungsuk Song
With the development of cyber threats on the Internet, the number of malware samples, especially unknown malware, is also dramatically increasing. Since not all malware can be analyzed by analysts, it is very important to find the new malware that should be analyzed by them. In order to cope with this issue, existing approaches have focused on malware classification using static or dynamic analysis results of malware. However, the static and dynamic analyses themselves are too costly, and it is not easy to build isolated, secure and Internet-like analysis environments such as sandboxes. In this paper, we propose a lightweight malware classification method based on the detection results of anti-virus software. Since the proposed method can reduce the volume of malware that should be analyzed by analysts, it can be used as a preprocessing step for in-depth analysis of malware. The experiments showed that the proposed method succeeded in classifying 1,000 malware samples into 187 unique groups. This means that 81% of the original malware samples do not need to be analyzed by analysts.
Citations: 3
Identifying Threat Patterns of Android Applications
Pub Date : 2017-08-01 DOI: 10.1109/AsiaJCIS.2017.23
Chia-Mei Chen, G. Lai, Je-Ming Lin
Mobile devices have become powerful and popular. Most Internet applications or services are ported to mobile platforms. Confidential personal information such as credit card numbers and passwords is usually stored on mobile devices for ubiquitous computing. Therefore, mobile devices have become attack targets for financial gain. Mobile applications are published in various marketplaces with little or no verification; hence malicious mobile applications can be deployed in the marketplaces without any difficulty. In this paper, we present a mobile malware detection approach based on identifying threat patterns. The proposed system analyzes function invocation and data flow to identify malicious behaviors on Android mobile devices. The experimental results show that the proposed method can efficiently detect malicious mobile applications, including unknown malware.
Citations: 4
Performance Analysis of Some Batch Verification Methods of Digital Signatures
Pub Date : 2017-08-01 DOI: 10.1109/AsiaJCIS.2017.14
D. Guan, E. Zhuang, I. C. Chung, Yu-Shen Lin
In this paper, we compare three methods for detecting invalid signatures in batch verification. The first method, the randomly select test, randomly chooses half of the signatures in a batch to verify. The second method is the small exponent test, which is widely used. The third method, the randomly numbering test, is a simplified form of the matrix-detection algorithm. The randomly numbering test randomizes the order of the signatures and verifies them in log k + 1 batches, where k is the number of signatures. We simulate each method and analyze its efficiency. As a result, the randomly numbering test is more efficient than the small exponent test when the number of signatures in a batch verification is large.
Citations: 1
A Practical Experiment of the HTTP-Based RAT Detection Method in Proxy Server Logs
Pub Date : 2017-08-01 DOI: 10.1109/AsiaJCIS.2017.13
M. Mimura, Yuhei Otsubo, Hidehiko Tanaka, Hidema Tanaka
Detecting RATs (Remote Access Trojans or Remote Administration Tools) used in APT (Advanced Persistent Threat) attacks is a challenging task. Many previous methods for detecting RATs on the network require monitoring all network traffic. However, it is difficult to keep all network traffic because its size is too large. In practice, we would have to detect RAT activity from limited information such as proxy server logs. Therefore, we previously proposed how to detect RAT activity in proxy server logs. Our method uses only the behavior and does not use pattern matching. Rather than being defined by character strings or regular expressions, the behavior is defined by network traffic patterns such as the sizes of the objects returned to the client or the intervals between logged times. The classification performance under general conditions is good. However, the performance under practical conditions is not certain. Under practical conditions, we have to choose arbitrary training data. In this paper, we apply this method to actual proxy server logs under practical conditions, and show that it can detect more than 95 percent of malicious communications in APT attacks with few false positives. This method does not require monitoring all network traffic; it uses only standard proxy server logs. Moreover, this method can also detect HTTP-based RATs in real time.
Citations: 12
Simulation Study of BGP Origin Validation Effect against Mis-Origination with Internet Topology
Pub Date : 2017-08-01 DOI: 10.1109/AsiaJCIS.2017.17
Masahito Ando, Masayuki Okada, Akira Kanaoka
The current Border Gateway Protocol (BGP) operation in the Internet has a serious problem with regard to Mis-Origination, which is the hijacking or misconfiguration of network prefixes. We already have several Origin Validation (OV) techniques to mitigate the impact of Mis-Origination. An Internet Routing Registry (IRR) has been deployed only for a small number of users. More recently, RPKI (Resource Public Key Infrastructure) has come to be considered the practical realization of OV. However, quantitative and large-scale simulation studies of its effect have not been discussed in depth. In this paper, a quantitative simulation method for the OV effect on BGP is proposed. OV's impact on the entire Internet is measured in detail. Our results indicate that 1.56% of the top-ranked ASes can protect 98.70% of the ASes from Mis-Origination.
Citations: 4
An Efficient Dispersal Storage Scheme Based on Ring-LWE and NTT
Pub Date : 2017-08-01 DOI: 10.1109/AsiaJCIS.2017.12
Ling Yang, Xianhui Lu
We propose a novel dispersal storage scheme based on the ring learning with errors (Ring-LWE) problem. Our main technical contribution is a new systematic erasure code, called SNTT, that solves the problem of applying Ring-LWE to dispersal storage. SNTT is based on the number theoretic transform (NTT). To the best of our knowledge, SNTT is the first work that applies the NTT to guarantee data availability. Analysis and experiments show that our new scheme, with proper configuration, outperforms the state of the art in encoding/decoding speed. Furthermore, we show that SNTT can also be used to optimize the performance of existing schemes.
Citations: 3