Research
Blockchain
As the blockchain ecosystem expands, many interesting research topics are emerging. Our research group is working on the following topics.
CryptoPad: a dedicated device for crypto services. Specifically, we are developing a behavioral whitelisting technique to thwart malicious code execution.
Hardware acceleration of zero-knowledge proof algorithms, specifically, Number Theoretic Transform (NTT) and Multi-Scalar Multiplication (MSM) for zk-SNARK.
Proof of reserves to prove the balance of centralized exchanges.
Privacy preservation techniques for blockchain.
Hardware acceleration of Merkle Tree generation.
Kiseok Jeon, Junghee Lee, Bumsoo Kim, and James J. Kim, "Hardware Accelerated Reusable Merkle Tree Generation for Bitcoin Blockchain Headers," IEEE Computer Architecture Letters, Vol. 22, Issue 2, July-December 2023, pp. 69-72.
Jione Choi, Kiseok Jeon, Junghee Lee, Junsik Sim, Myungsum Kim, "CryptoPad: Dedicated Device for Convenient and Secure Wallet," in Proc. of International Conference on Digital Society (ICDS), 2023.
MyData Cloud
MyData services are expected to expedite the utilization of personal data. Typically, an operator collects personal data from different sources and provides the collected data to data processors for utilization. However, there is growing concern about personal data abuse. In response, the rights of data subjects are being reinforced, especially the right to control personal data. At the opposite extreme, there is an approach where personal data are collected by a personal device such as a smartphone. If data processors need the data, they send requests to the device and only the results are returned. In this model, personal data never leave the personal device. This model is good for data control, but it makes it hard to combine the data of different data subjects. To overcome the shortcomings of these two models, we propose a cloud model where personal data are collected and processed on a cloud platform so that personal data never leave the cloud. Since data processors utilize the data on the cloud, it is easy to combine data.
We are currently working on the following research topics.
Preventing personal data breaches from the cloud platform.
Enhancing the authentication protocol with attestation.
Junsik Sim, Beomjoong Kim, Kiseok Jeon, Moonho Joo, Jihun Lim, Junghee Lee, and Kim-Kwang Raymond Choo, "Technical Requirements and Approaches in Personal Data Control," ACM Computing Surveys, Vol. 55, Issue 9, January, 2023, pp. 1-30.
Trusted Hardware
Hardware is known to be much harder to modify than software. Thus, there are many ongoing research activities to enhance the security of systems by employing hardware as a root of trust. One such approach is the hardware-based trusted execution environment. Our research group is developing various hardware techniques to support the trusted execution environment.
Currently, we are working on the following research topics.
Connecting trusted execution environments (TEEs) to securely establish a distributed execution environment.
Defending against side-channel attacks by employing randomization.
Junghee Lee, Chrysostomos Nicopoulos, Gweonho Jeong, Jihye Kim, and Hyunok Oh, "Practical Verifiable Computation by Using a Hardware-Based Correct Execution Environment," IEEE Access, Vol. 8, November 2020, pp. 216689-216706.
Internet-of-Things and Blockchain
Unlike conventional servers housed in a centralized and secured indoor environment (e.g., data centers), Internet-of-Things (IoT) devices such as sensors and actuators are geographically distributed and may be located close to the physical systems where they are used. However, the resource-constrained nature of IoT devices limits their capacity to deploy sophisticated security solutions. The proposed approach assumes that a device can be compromised, hence the need to automatically isolate compromised devices. To enforce security policies even when devices are compromised, we propose using blockchain in the monitoring framework. For details, please refer to the following paper.
Sreenivas Sudarshan Seshadri, David Rodriguez, Mukunda Subedi, Kim-Kwang Raymond Choo, Sara Ahmed, Qian Chen, and Junghee Lee, "IoTCop: A Blockchain-based Monitoring Framework for Detection and Isolation of Malicious Devices in Internet-of-Things Systems," to appear in IEEE Internet of Things Journal.
File-based Deception Technology
PhantomFS is a file-based deception technology that detects and prevents misbehavior of malicious users by using fake files and hiding sensitive files. It employs a hidden interface that is known only to legitimate users and applications. For details, please refer to the following paper.
Junghee Lee, Jione Choi, Gyuho Lee, Shin-woo Shim, and Taekyu Kim, "PhantomFS: File-based Deception Technology for Thwarting Malicious Users," IEEE Access, Vol. 8, Issue 1, February 2020, pp. 32203-32214.
Its VirtualBox disk image and related documents are available at the following links.
[Disk Image] [README] [HOWTO]
PhantomFS has been extended to version 2 to address intelligent adversaries who are aware of the deception technology. PhantomFS-v2 is available at the following links.
[Disk Image] [README] [HOWTO]
Demo videos are available: #1 #2 #3 #4 #5 #6
Jione Choi, Hwiwon Lee, Younggi Park, Huy Kang Kim, Junghee Lee, Youngjae Kim, Gyuho Lee, Shin-woo Shim, and Taekyu Kim, "PhantomFS-v2: Dare You To Avoid This Trap," IEEE Access, Vol. 8, October 2020, pp. 198285-198300.