Browse > Article
http://dx.doi.org/10.14400/JDC.2018.16.9.179

Cyber KillChain Based Security Policy Utilizing Hash for Internet of Things  

Jeong, So-Won (Department of Convergence Security, Sungshin University)
Choi, Yu-Rim (Department of Convergence Security, Sungshin University)
Lee, Il-Gu (Department of Convergence Security Engineering, Sungshin University)
Publication Information
Journal of Digital Convergence / v.16, no.9, 2018 , pp. 179-185 More about this Journal
Abstract
Technology of Internet of Things (IoT) which is receiving the spotlight recently as a new growth engine of Information Communications Technology (ICT) industry in the $4^{th}$ Industrial Revolution needs trustworthiness beyond simple technology of security. IoT devices should consider trustworthiness from planning and design of IoTs so that everyone who develop, evaluate and use the device can measure and trust its security. Increased number of IoTs and long lifetime result in the increased securituy vulnerability due to the difficulty of software patch and update. In this paper, we investigated security and scalability issues of current IoT devices through research of the technical, political and industrial trend of IoT. In order to overcome the limitations, we propose an automatic verification of software integrity utilizing and a political solution to apply cyber killchain based security mechanism using hash which is an element technology of blockchain to solve these problems.
Keywords
Internet of Things; Cyber KillChain; Blockchain; Integrity; Software;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 O. Bello & S. Zeadally. (2016). Intelligent device-to-device communication in the internet of things. IEEE Systems Journal, 10(30), 1172-1182.   DOI
2 S. H. Lee & D. W. Lee. (2016). Actual Cases for Smart Fusion Industry based on Internet of Thing. Journal of the Korea Convergence Society, 7(2), 1-6.   DOI
3 S. H. Lee, D. H. Shim & D. W. Kee. (2016). Actual Cases of Internet of Thing on Smart City Industry. Journal of Convergence for Information Technology, 6(4), 65-70.   DOI
4 CISCO, Internet of Things, https://www.cisco.com/c/dam/en/us/products/collateral/e/internet-of-things/at-a-glance-c45-731471.pdf (last access: 2018.07.10.).
5 J. Lin, W. Yu, N. Zhang, X. Yang, H. Zhang & W. Zhao. (2017). A survey on internet of things: Architecture, enabling technologies, security and privacy, and applications. IEEE Internet of Things Journal, 4(5), 1125-1142.   DOI
6 Y. Yang, L. Wu, G. Yin, L. Ki & H. Zhao. (2017). A survey on security and provacy issues in internet-of-things. IEEE Internet of Things Journal, 4(5), 1250-1258.   DOI
7 S. Hong & H. J. Sin. (2017). Analysis of the Vulnerability of the IoT by the Scenario. Journal of the Korea Convergence Society, 8(9), 1-7.   DOI
8 H. J. Mun, G. H. Choi & Y. C. Hwang. (2016). Countermeasure to Underlying Security Threats in IoT communication. Journal of Convergence for Information Technology, 6(2), 37-44.   DOI
9 C. Kolias, G. Kambourakis, A. Stavrou & J. Voas. (2017). DDoS in the IoT: Mirai and other botnets. Computer, 50(7), 80-84.   DOI
10 J. Gubbi, R. Buyya, S. Marusic & M. Palaniswami. (2013). Internet of Things (IoT): A vision, architecture elements, and future directions. Future generation computer systems, 29(7), 1645-1660.   DOI
11 Symantec. (2018). Internet Security Threat Report, Vol.23.
12 NIST. (2016). Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems, NIST Special Publication 800-160 Volume 1.
13 ENISA. (2015). Privacy and Data Protection by Design.
14 T. Yadav & A. M. Rao. (2015). Technical Aspects of Cyber Kill Chain. International Symosium on Security in Computing and Communication, 438-452.
15 NISC. (2016). General Framework for Secure IoT Systems.
16 KISA. (2016). IoT common security guide for security internalization of ICT convergence products and services, IoT Security Alliance of KISA.
17 I. C. Lin & T. C. Liao. (2017). A Survey of Blockchain Security Issues and Challenges, International Journal of Network Security, 19(5), 653-659
18 CC v3.1 Release 5. Common Criteria for Information Technology Security Evaluation (CC). url: https://www.commoncriteriaportal.org/cc/ (last access: 2018.07.10.).
19 Lockheed Martin Cyber KillChain, url: https://www.lockheedmartin.com/en-us/capabilities/cybr/cyber-kill-chain.html (last access: 2018.07.10.).