CyberTrust Technology Institute

Taipei, Taiwan

CyberTrust Technology Institute

Taipei, Taiwan

Time filter

Source Type

PubMed | Chang Gung Memorial Hospital, Chang Gung University and CyberTrust Technology Institute
Type: | Journal: Journal of biomedical informatics | Year: 2016

We designed and developed two interactive apps interfaces for dietary food measurements on mobile devices. The user-centered designs of both the IPI (interactive photo interface) and the SBI (sketching-based interface) were evaluated. Four types of outcomes were assessed to evaluate the usability of mobile devices for dietary measurements, including accuracy, absolute weight differences, and the response time to determine the efficacy of food measurements.The IPI presented users with images of pre-determined portion sizes of a specific food and allowed users to scan and then select the most representative image matching the food that they were measuring. The SBI required users to relate the food shape to a readily available comparator (e.g., credit card) and scribble to shade in the appropriate area. A randomized controlled trial was conducted to evaluate their usability.A total of 108 participants were randomly assigned into the following three groups: the IPI (n=36) and SBI (n=38) experimental groups and the traditional life-size photo (TLP) group as the control. A total of 18 types of food items with 3-4 different weights were randomly selected for assessment by each type. The independent Chi-square test and t-test were performed for the dichotomous and continuous variable analyses, respectively. The total accuracy rates were 66.98%, 44.15%, and 72.06% for the IPI, SBI, and TLP, respectively. No significant difference was observed between the IPI and TLP, regardless of the accuracy proportion or weight differences. The SBI accuracy rates were significantly lower than the IPI and TLP accuracy rates, especially for several spooned, square cube, and sliced pie food items. The time needed to complete the operation assessment by the user was significantly lower for the IPI than for the SBI.Our study corroborates that the user-centered visual-based design of the IPI on a mobile device is comparable the TLP in terms of the usability for dietary food measurements. However, improvements are needed because both the IPI and TLP accuracies associated with some food shapes were lower than 60%. The SBI is not yet a viable aid. This innovative alternative required further improvements to the user interface.


Lin F.Y.-S.,National Taiwan University | Chen P.-Y.,National Taiwan University | Chen P.-Y.,CyberTrust Technology Institute | Chen Q.-T.,National Taiwan University
Advances in Intelligent and Soft Computing | Year: 2012

In this paper, an innovative metric called Average Degree of Disconnectivity (Average DOD) is proposed. The Average DOD combining the concept of the probability calculated by contest success function with the DOD metric would be used to evaluate the damage degree of network. The larger value of the Average DOD, the more damage degree of the network would be. An attack-defense scenario as a mathematical model would be used to support network operators to predict that all the likelihood strategies both cyber attacker and network defender would take. The attacker could use the attack resources to launch attack on the nodes of network. On the other hand, the network defender allocates existed resources of defender to protect survival nodes of network. In the process of problem solving, the "gradient method" and "game theory" would be adopted to find the optimal resource allocation strategies for both cyber attacker and network defender. © 2012 Springer-Verlag.


Yeh K.-H.,National Dong Hwa University | Tsai K.-Y.,Hwa Hsia University of Technology | Fan C.-Y.,CyberTrust Technology Institute
Multimedia Tools and Applications | Year: 2015

During these years, the research field of certificateless signature (CLS) scheme is promptly investigated as the key escrow problem in identity-based cryptography can be solved via CLS concept. However, due to the bandwidth limitation of mobile communication and the resource-constraint property of handheld mobile devices, most CLS schemes cannot fulfill the requirement of computation efficiency for mobile communication architecture. Hence, the design of lightweight CLS protocol refined from traditional cryptosystem technologies for existing mobile communication environment becomes one of the most important research trends. In this paper, we demonstrate a novel CLS scheme which is immune against bilinear pairings. Without the heavy computation of bilinear pairings, our proposed scheme is efficient and practical for mobile communication. Meanwhile, the proposed CLS scheme possesses strong security density owing to the adoption of point addition of elliptic curve cryptography. A formal security analysis is presented to guarantee the security robustness of our CLS protocol under the hardness of breaking elliptic curve discrete logarithm problem. © 2014, Springer Science+Business Media New York.


Huang S.-Y.,CyberTrust Technology Institute | Fan C.-I.,National Sun Yat - sen University | Tseng Y.-F.,National Sun Yat - sen University
Future Generation Computer Systems | Year: 2015

Predicate encryption is a cryptographic primitive that provides fine-grained control over access to encrypted data. It is often used for encrypted data search in a cloud storage environment. In this paper, we propose an enabled/disabled predicate encryption scheme, which is the first work that provides timed-release services and data self-destruction (they correspond to the terms "enabled" and "disabled," respectively). Owing to these properties, the sender can set the readable/unreadable time of the files to be sent to the receiver. The receiver can read the sent file only after the readable time. After the unreadable time, the structure of the file will be destroyed and the file will become unreadable. Furthermore, for practical usage purposes, the extended scheme, which is based on the proposed scheme, provides not only timed-release services and data self-destruction but also long message encryption and undecryptable search. In the extended scheme, the length of encrypted messages does not depend on the order of the group. Moreover, the cloud server can obtain only the matched ciphertexts after the search. © 2015 Elsevier B.V.


Lin C.-H.,CyberTrust Technology Institute | Lin C.-H.,National Taiwan University of Science and Technology | Tien C.-W.,CyberTrust Technology Institute | Pao H.-K.,National Taiwan University of Science and Technology
CloudCom 2012 - Proceedings: 2012 4th IEEE International Conference on Cloud Computing Technology and Science | Year: 2012

While more and more digital application services move to the cloud virtualization environment, the network security challenges are equally striking. In general, these network attacks can be detected by deploying network intrusion detection systems (NIDSs) to the cloud platform. As clients in the cloud can create many virtual machines (VMs) to run their services privately, all detection rules are usually loaded into NIDSs to avoid any oversight, and cause damage to the performance of NIDS. This work presents a new architecture for building an efficient NIDS to the cloud virtualization environment. By resolving the virtual system information from operating systems' kernel map in hypervisor layer, the services in the cloud can be identified exactly and the required detection rules can be adopted dynamically. The experiment results show that the proposed NIDS is efficient and effective. © 2012 IEEE.


Lin P.-C.,National Chung Cheng University | Chen S.-Y.,National Chung Cheng University | Lin C.-H.,CyberTrust Technology Institute
2014 Australasian Telecommunication Networks and Applications Conference, ATNAC 2014 | Year: 2015

Web applications, such as video streaming, map services and office applications, have become very popular due to the advances of web technology. Traditional traffic classification methods based on port numbers and payload signatures barely work because the applications run on the same port numbers (usually port 80 and 443) and the payloads are usually encrypted. Furthermore, a web application may provide multiple functions, and the traffic from them has diverse characteristics. In this work, we use statistical features from application messages to characterize the traffic from individual functions of web applications, and perform fine-grained classification to identify the application functions. The experimental results show the classification can achieve high accuracy up to 98.30% for the interaction functions and 92.72% for the download functions. © 2014 IEEE.


Fan C.-I.,National Sun Yat - sen University | Huang S.-Y.,CyberTrust Technology Institute | Lai Y.-L.,National Sun Yat - sen University
IEEE Transactions on Industrial Informatics | Year: 2014

According to related research, energy consumption can be effectively reduced by using energy management information of smart grids. In smart grid architecture, electricity suppliers can monitor, predicate, and control energy generation/consumption in real time. Users can know the current price of electrical energy and obtain energy management information from smart meters. It helps users reduce home's energy use. However, electricity consumptions of users may divulge the privacy information of users. Therefore, privacy of users and communication security of the smart grid become crucial security issues. This paper presents a secure power-usage data aggregation scheme for smart grid. Electricity suppliers can learn about the current power usage of each neighborhood to arrange energy supply and distribution without knowing the individual electricity consumption of each user. This is the first scheme against internal attackers, and it provides secure batch verification. Additionally, the security of the proposed scheme is demonstrated by formal proofs. © 2005-2012 IEEE.


Lo N.-W.,National Taiwan University of Science and Technology | Chiang M.-C.,National Taiwan University of Science and Technology | Hsu C.Y.,CyberTrust Technology Institute
Proceedings - 2015 10th Asia Joint Conference on Information Security, AsiaJCIS 2015 | Year: 2015

A mobile ad hoc network (MANET) is composed of multiple wireless mobile devices in which an infrastructureless network with dynamic topology is built based on wireless communication technologies. Novel applications such as location based services and personal communication Apps used by mobile users with handheld wireless devices utilize MANET environments. In consequence, communication anonymity and message security have become critical issues for MANET environments. In this study, a novel secure routing protocol with communication anonymity, named as Hash-based Anonymous Secure Routing (HASR) protocol, is proposed to support identity anonymity, location anonymity and route anonymity" and defend against major security threats such as replay attack, spoofing, route maintenance attack, and denial of service (DoS) attack. Security analyses show that HASR can achieve both communication anonymity and message security with efficient performance in MANET environments. © 2015 IEEE.


Fan C.-I.,National Sun Yat - sen University | Huang S.-Y.,CyberTrust Technology Institute | Hsu W.-C.,National Sun Yat - sen University
Proceedings - 2015 10th Asia Joint Conference on Information Security, AsiaJCIS 2015 | Year: 2015

Cloud storage is a remote storage service, where users can upload and download their data anytime and anywhere. However, it raises issues regarding privacy and data confidentiality because all the data are stored in the cloud storage. This is a subject of concern for users, and it affects their willingness to use cloud storage services. On the other hand, a cloud storage server typically performs a specialized data compression technique (data deduplication) to eliminate duplicate data because the storage space is not infinite. Data deduplication, which makes it possible for data owners to share a copy of the same data, can be performed to reduce the consumption of storage space. Due to the above issues, there is a research on encrypted data deduplication. In this manuscript, we propose an encrypted data deduplication mechanism which makes the cloud storage server be able to eliminate duplicate ciphertexts and improves the privacy protection. © 2015 IEEE.


Lo N.-W.,National Taiwan University of Science and Technology | Yu C.-K.,National Taiwan University of Science and Technology | Hsu C.Y.,CyberTrust Technology Institute
Proceedings - 2015 10th Asia Joint Conference on Information Security, AsiaJCIS 2015 | Year: 2015

In recent years people in modern societies have heavily relied on their own intelligent mobile devices such as smartphones and tablets to get personal services and improve work efficiency. In consequence, quick and simple authentication mechanisms along with energy saving consideration are generally adopted by these smart handheld devices such as screen autolock schemes. When a smart device activates its screen lock mode to protect user privacy and data security on this device, its screen auto-lock scheme will be executed at the same time. Device user can setup the length of time period to control when to activate the screen lock mode of a smart device. However, it causes inconvenience for device users when a short time period is set for invoking screen auto-lock. How to get balance between security and convenience for individual users to use their own smart devices has become an interesting issue. In this paper, an intelligent display (screen) auto-lock scheme is proposed for mobile users. It can dynamically adjust the unlock time period setting of an auto-lock scheme based on derived knowledge from past user behaviors. © 2015 IEEE.

Loading CyberTrust Technology Institute collaborators
Loading CyberTrust Technology Institute collaborators