活動與影片

2015
1. 中央研究院資訊科技創新研究中心 黃彥男研究員
技術名稱:建立雲端資安情資中心的技術及服務 (Establishing Technology and Service for Cloud Cyber Security Center)

技術說明:
分散式誘捕平台利用Honeyd模擬同一區域網路內的多台伺服器,引誘意圖攻擊者連接。後端提供多項虛構之網路服務,使攻擊者進入後誤以為已連上真實提供服務之主機,而開始進行各項攻擊程序。這些攻擊程序將被完整記錄,可做為後續研究網路攻擊之寶貴資訊,並與世界各地網安社群分享交流
The Entrapment Framework integrates several open source software and custom developed code, to provide well-faked network services for the hackers to intrude and perform actual hacking procedure. All the activities will be recorded and thus available for further analysis and sharing with global security community.

2. 【群體】國立臺灣大學孫雅麗教授、國立成功大學謝錫堃教授、國立政治灣大學郁方副教授
技術名稱:雲端服務之連續資安防禦偵測系統 (Real-time Continuous Security Protection System for Security Isolation Management in Virtualized Cloud)

技術說明:
研發資安技術提供安全的雲端運行環境。1.虛擬主機程式執行行為的側錄、分析、惡意行為偵察與鑑識。2.以通訊行為之特徵值經非監督式學習偵測點對點殭屍網路。3.開發雲端高效群集演算技術分析巨量資料與生成模式。
Develop three information security core techniques for cloud-enabled and virtualization solutions. 1. Profile and analyze malware runtime execution behaviors in virtual machines, extract invariant malicious behavior for in-depth malware detection and forensics. 2. Analyze session-based network traffic to get outstanding feature subsets via Information Gain method with cluster and similarity analysis to identified P2P Botnet by unsupervised learning algorithms. 3. Develop distributed unsupervised clustering techniques to analyze large data sets with the capability of scale-up for cluster-based behavioral analysis and model construction, such as malware characterization and detection.

3. 【群體】國立臺灣科技大學吳宗成教授、國立臺灣科技大學羅乃維副教授、國立臺灣科技大學查士朝副教授、國立東華大學葉國暉副教授、華夏科技大學蔡國裕助理教授
技術名稱:可信賴的App安全應用框架 (Trusted App Framework)

技術說明:
本計畫開發之安全框架平台提供以下共通功能模組:移轉App使用權、App 複製攻擊之預防與偵測、檢測App執行之隱私風險與存取權限控管、提供App源碼完整性驗證等,以建立可信賴的App使用環境。
A Trusted App Framework was proposed by the research team and its corresponding prototype was developed also to evaluate the feasibility of all proposed features within the framework. There are five distinct functional modules in the framework including secure App ownership transfer function, App anti-cloning function, App privacy risk measurement function, App data flow monitoring function, and App source code integrity verification function.

4. 國立交通大學 曾文貴教授
技術名稱:支援屬性存取控制、加密布林運算與完整性檢查的安全醫療資料庫 (Secure database for medical records with attribute-based access control, encrypted Boolean operations, and data integrity check)

技術說明:
我們設計開發一套安全醫療資料庫,利用可靠的密碼技術,能夠支援以下功能特性:利用混合加密達到資料隱私性、利用洋蔥加密達到資料查詢操作、利用屬性加密達到資料授權分享、利用資料完整性證明來達到資料完整性。本資料庫的安全特性是,即使資料庫管理者也無法得知儲存資料的內容。
We design a secure database for medical records. By using cryptographic techniques, the database can achieve data confidentiality. The database supports encrypted data queries and encrypted data sharing. We use hybrid encryption to protect data content efficiently. To support encrypted data queries, we use onion encryption. Especially, we design a homomorphic encryption method to support Boolean operations on encrypted data. To support encrypted data sharing, we use attribute-based encryption. As a result, the database supports attribute-based access control. We use provable data possession technique to check data efficiently.

5.【群體】國立成功大學楊竹星教授、國立中山大學陳嘉玫教授、國立成功大學李忠憲教授、國立成功大學林輝堂教授
技術名稱:雲端安全防禦系統 (Cloud Defense System)

技術說明:
針對目前雲端環境中所會遭遇到之進階持續性滲透攻擊進行偵測與追蹤、雲端環境內部日誌進行蒐集與整合、惡意網域及雲端流量監控等,對於雲端服務提供商可有一全面性之資安防護。
This project focus on the cloud threats, including advanced persistence threat, log collection and correlation, domain generation algorithm botnet and malicious network traffic monitoring. Providing a secure and reliable cloud environment.

6.國立中央大學 鄭永斌副教授
技術名稱:3D軟體除錯視覺化工具xDIVA (xDIVA (eXtreme Debugging Information Visualization Assistant))

技術說明:
視覺化除錯軟體xDIVA使用3D圖形、顏色和動畫來視覺化軟體與除錯資訊,xDIVA也可運用在Electronic design automation (EDA)軟體產業中,加速EDA軟體的除錯過程。
Debugging visualization tool called xDIVA is applied in EDA and makes the debugging process more efficient.

7.【群體】國立東華大學吳秀陽教授、國立臺灣科技大學邱舉明教授、國立臺灣科技大學項天瑞副教授、國立臺灣科技大學金台齡副教授
技術名稱:行動雲端環境動態群組服務研究與創新應用 (Group Service Architecture and Dynamic Group Management in Mobile Cloud)

技術說明:
整合行動、雲端、社群網路、巨量資料處理、P2P 點對點與分散式處理技術,為行動使用者建構一個服務環境,能夠在任何時間、任何地點、任何網路、與任何裝置上,皆能持續與其他使用者組成具有共同目標的動態群體,進行高品質的群組應用服務。
We integrates the key technologies of mobile, cloud, social, big data and P2P distributed computing for supporting dynamic grouping services, and also to promote an innovative application of dynamic group services in mobile cloud.

8.  國立臺灣科技大學 鄧惟中副教授
技術名稱:利用時鐘偏斜的實體裝置辨識技術 (Physical Device Identification Technology based on Clock Skew Measurement)

技術說明:
本技術能夠在數分鐘內精確量測時脈偏移,並可用以作為雲端帳戶的二次認證功能,加強雲端服務的安全性。
This technology enables cloud servers to measure the clock skews of client devices in few minutes, yet the precision remains in ppm level. It is promising to adopt this technique on physical device identification. Possible applications include two-factor authentication for cloud service login. Different from the existing approaches like linear programming or piecewise minimum, a Hough transform based technique is developed to realize this precise measurement in a short period of time.

9. 國立臺北科技大學 陳偉凱教授
技術名稱:雲端測試平台 (Cloud Testing Platform (CTP))

技術說明:
Android平台多元化與開放的特性導致開發App時,必須注意App與各種Android裝置的相容性。本技術可以協助App開發者同時在多款不同廠牌、型號的Android裝置上執行測試,以確認所開發出來的App能正確地於各種不同的Android裝置上執行。
Android platform is known for its diversity and openness, which however can also be painful to developers. When developing an App, the developer must be very careful to ensure that the App is compatible to different types of Android devices. Using CTP, a developer can simultaneously test an App on different Android devices so that compatibility issues can easily be found and resolved.

1. 科技部資訊安全實務研發計畫績優團隊採訪
本計畫召集人:國立臺灣科技大學 李漢銘教授
採訪團隊:國立臺灣大學孫雅麗教授、國立臺灣科技大學羅乃維教授、國立東華大學吳秀陽教授

2. 由電腦公會拍攝資安技術亮點,2016年台北國際暨技術發明交易展-科技館,參展團隊AirSig(空中簽名)