Browse > Article
http://dx.doi.org/10.15207/JKCS.2021.12.5.009

Hash-based SSDP for IoT Device Security  

Kim, Hyo-Jong (Dept. of Computers & Media Engineering, Tongmyong University)
Han, Kun-Hee (Division of Computer Engineering, Baekseok University)
Shin, Seung-Soo (Dept. of Software Convergence Security, Tongmyong University)
Publication Information
Journal of the Korea Convergence Society / v.12, no.5, 2021 , pp. 9-16 More about this Journal
Abstract
Due to the prolonged infectious disease of COVID-19 worldwide, there are various security threats due to network attacks on Internet of Things devices that are vulnerable to telecommuting. Initially, users of Internet of Things devices were exploited for vulnerabilities in Remote Desktop Protocol, spear phishing and APT attacks. Since then, the technology of network attacks has gradually evolved, exploiting the simple service discovery protocol of Internet of Things devices, and DRDoS attacks have continued to increase. Existing SSDPs are accessible to unauthorized devices on the network, resulting in problems with information disclosure and amplification attacks on SSDP servers. To compensate for the problem with the authentication procedure of existing SSDPs, we propose a hash-based SSDP that encrypts server-specific information with hash and adds authentication fields to both Notify and M-Search message packets to determine whether an authorized IoT device is present.
Keywords
Internet of Things; Simple Service Discovery Protocol; Distributed Denial of Service; Distributed Reflective Denial of Service; Man in the Middle Attack;
Citations & Related Records
Times Cited By KSCI : 5  (Citation Analysis)
연도 인용수 순위
1 B. T. Kang & H. K. Kim. (2011). A study on the vulnerability of OTP implementation by using MITM attack and reverse engineering. Journal of the Korea Institute of Information Security & Cryptology, 21(6), 83-99.   DOI
2 C. S. Lim, W. K. Lee & T. C. Jo. (2010). An Effective Protection Mechanism for SSL Man-in-theMiddle Proxy Attacks. Journal of KIISE : Computing Practices and Letters, 16(6), 693-697.
3 N. K. Baik. (2020). Multi-level detection method for DRDoS attack. Journal of the Korea Institute of Information and Communication Engineering, 24(12), 1670-1675.   DOI
4 H. J. Kim, S. Y. Cjoi & S. S Shin. (2021). Designing a Response Scheme to Prevent Distributed Reflection Dos. Proceedings of the Korean Society for Internet Information.
5 S. J. Bang et el. (2018). A Security Analysis of IoT Hub by manufacturer through MITM Attack. The Korean Institute of Information Scientists and Engineers.
6 Y. A. Hur & K. H. Lee. (2015). A Study on Countermeasures of Convergence for Big Data and Security Threats to Attack DRDoS in U-Healthcare Device. Journal of the Korea Convergence Society, 6(4), 243-248.   DOI
7 H. S. Choi, H. D. Park & H. J. Lee. (2015). A Study on Amplification DRDoS Attacks and Defenses. Journal of Korea Institute of Information, Electronics, and Communication Technology, 8(5), 429-437.   DOI
8 H. E Yang, Y. M Oh & Y. J Lee. (2020). The Mobile Anti-Virus Game Using IoT. Proceedings of KIIT Conference.
9 H. G. Moon & D. J Park. (2020). Edge-Centric Metamorphic IoT Device Platform for Efficient On-Demand Hardware Replacement in Large- Scale IoT Applications. Journal of the Korea Institute of Information and Communication Engineering, 24(12), 1688-1696.   DOI
10 S. C Lee & D. H Shin. (2020). TCP/IP Using Minimal Resources in IoT Systems. Journal of the Korea Society of Computer and Information, 25(10). 125-133.   DOI
11 J. H. Seol & K. Y Lee. (2008). Implementation of Middleware Security System for Home Networking. Journal of the Korea Institute of Information and Communication Engineering, 12(5), 863-869.   DOI
12 K. O Park & J. K Lee. (2017). A Countermeasure Technique for Attack of Reflection SSDP in Home IoT. Convergence Society for SMB, 7(2). 1-9.
13 J. H Oh & K. H Lee. (2016). Attack Scenarios and Countermeasures using CoAP in IoT Environment. Journal of the Korea Convergence Society, 7(4), 33-28.   DOI
14 J. W. Seo & S. J. Lee. (2015). A study on the detection of DDoS attack using the IP Spoofing. Journal of the Korea Institute of Information Security & Cryptology, 25(1). 147-153.   DOI
15 J. S. Jeon, Y. S. Jeong & W. Y. Soh. (2005). Design of Packet Generator for TCP/UDP Protocols Using Packet Sniffing and IP Spoofing. In Proceedings of the Korean Information Science Society Conference. (pp. 649-651).
16 Y. Liu, H. C. Baek, J. H. Park & S. B. Kim. (2017). An Improved Model Design for Traceback Analysis Time Based on Euclidean Distance to IP Spoofing Attack. Journal of convergence security, 17(5), 11-18.
17 H. D. Lee, H. T. Ha, H.C. Baek, C. G. Kim & S. B. Kim. (2012). Efficient Detction and Defence Model against IP Spoofing Attack through Cooperation of Trusted Hosts. Journal of the Korea Institute of Information and Communication Engineering, 16(12), 2649-2656.   DOI
18 M. Kuhrer, T. Hupperich, C. Rossow & T. Holz. (2014). Hell of a Handshake: Abusing TCP for Reflective Amplification DDoS Attacks. 8th {USENIX} Workshop on Offensive Technologies ({WOOT} 14).