• Journal of the Korean Institute of Intelligent Systems
• /
• v.25 no.5
• /
• pp.464-469
• /
• 2015

This paper presents the smart system platform for remotely controlling the windows and doors system(WDS), which gathers and analyzes the state of WDS and the environmental data for preventing crimes and keeping a pleasant indoor. In particular, standard API between the smart WDS platform and the smart home platform has been presented to be easy to a home services, such as security, safety, and home appliance control. The private gateway of wire and wireless communication interfaces has been developed to remotely control and monitor the WDS for anytime and anyplace solving the crime prevention and ventilation problem. Web-and App-based user interface in order to detect the opening and shutting states and remotely control WDS have also been developed to support the mobile environment, respectively.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.8 no.1
• /
• pp.51-58
• /
• 2015

Internet of Thing is a collection of various technical components, and the interworking among heterogeneous devices, networks, applications is expected to be accelerated through the openness of IoT platform. For this reason, many technical and administrative security threats will occur in IoT environments. In this paper, authentication methods of recent researches are analyzed for safe IoT services, and new mutual authentication protocol is proposed to provide more secure communication. The proposed protocol prevents an impersonation as malicious gateway or illegal device providing mutual authentication between gateway and IoT device. The performance analysis and evaluation of proposed authentication protocol are performed.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.34 no.4
• /
• pp.72-81
• /
• 2011

In this paper, we propose adaptive convergence security policies and management technologies to improve security assurance in the home networking environment. Many security issues may arise in the home networking environment. Examples of such security issues include the user privacy, the service security, the integrated networking security, the middleware security and the device failure. All these security issues, however, should be fulfilled in phase due to many difficulties including deployment cost and technical complexity. For instance, fundamental security requirements such as authentication, access control and prevention of crime and disaster should be addressed first. Then, supplementary security policies and diverse security management technologies should be fulfilled. In this paper, we classify these requirements into three categories, a service authentication, a user authentication and a device authentication, and propose security policies and management technologies for each requirement. Since the home gateway is responsible for interconnection of many home devices and external network access, a variety of context information could be collected from such devices.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.165-174
• /
• 2019

They are frequently used today in public places such as street, subway, school or library. Since users can sometimes print documents that contain confidential data using Printer Kiosks, the devices should store and manage the documents securely. In this paper, we identify potential security threats in Printer Kiosks and suggest practical attack scenarios that can take place. To show the feasibility of suggested attack, we analyzed network traffic that were generated by the real Printer Kiosk device. As a result of our analysis, we have found that attackers can access other users' scanned files and access other users' documents from Printer Kiosk's home page. We confirmed that using our attack, we could retrieve other users' personal data.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.724-727
• /
• 2014

This paper is analyzing the situation of the Internet of Things Industry and draw the policy implications to promote Internet of Things industry. Major IT companies as Apple, Google, IBM, Sony, and Samsung have developed various smart glass and smart watch as a Iot products. In order to promote Iot Industry, we should take the build up of eco system between IT makers and the various contents provider, protection of personal information and data, development of killer applications and business models, and the conversion from IPv4 to IPv6 as a next internet address infra, build up of international standard platform on IoT.

• Journal of the Korean Institute of Gas
• /
• v.24 no.3
• /
• pp.1-10
• /
• 2020

This paper describes the development of a smart advanced metering infrastructure(AMI) architecture and services for using smart metering in gas industry. A general gas AMI system is composed of a smart gas meter, IoT network, the AMI platform, and an operation management system with security functions. The proposed gas AMI platform supports two-way communication between smart metering devices and AMI services and is applied by oneM2M standard to support interoperability between various types of metering devices and heterogeneous IoT networks. To demonstrating AMI system with the proposed platform, we installed about 2,900 smart gas meters in real environments and operated AMI systems for one year. We verified that about 94% of gas meters are normally worked and AMI services are stably operated without error or malfunction.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.7C
• /
• pp.985-996
• /
• 2004

In order to solve the increasing security problems, IDSs(Intrusion Detection System) have appeared. However, local IDSs have a limit to detect various intrusions in a large-scale network environment. So there are a lot of researches in progress which organize the elements of IDS in a distributed or hierarchical manner. In this paper, we design a integrated IDS which exchanges messages between them through the standardized message format (IDMEF) and communication protocol (IDXP). We also propose a policy profile for an effective control of IDSs, and employ the PKI mechanism for mutual authentication. We implement a prototype system for the proposed IDSs communicating with Snort and analyze its performance.

• The KIPS Transactions:PartC
• /
• v.11C no.6 s.95
• /
• pp.711-718
• /
• 2004

Packet sampling is the techniques to collect a part of the packets through network and analyze the characteristicsof the traffic for managing the network and keeping security. This paper presents a study on the sampling techniques applied to DDoS traffic and on the characteristics of the sampled traffic to detect DDoS attack efficiently and improve traffic analysis capacity. Three famous sampling techniques are evaluated with different sampling rates on various DDoS traffics. To analyze traffic characteristics, one of the DDoS attack detection method. Traffic Rate Analysis (TRA) is used. Simulation results verify that using sampling techniques preserve the traffic characteristics of DDoS and do not significantly reduce the detection accuracy.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37C no.11
• /
• pp.1011-1019
• /
• 2012

This paper presents a novel hybrid authentication scheme in the next-generation Tactical Mobile Communication Systems(TMCS) with wireless MSAP mesh networks. The existing centralized and distributed authentication methods for security between MSAPs may have their pros and cons. The centralized authentication method induces overhead from frequent MSAP association which leads to long authentication delay. On the other hand, the distributed authentication method requires initial sharing of the authentication information. Therefore, a more efficient authentication scheme is needed to protect the network from malicious MSAPs and also maximize efficiency of the network security. The proposed scheme provides a hybrid method of efficiently managing the authentication keys in the wireless MSAP mesh network to reduce the induced authentication message exchange overhead. Also, as the authentication method between MSAP and TMFT is different, a method of utilizing the ACR for handling the EAP packets is proposed. In overall, the proposed scheme provides efficient mutual authentication between MSAPs especially for tactical environments and is analyzed through performance evaluation to prove its superiority.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.8B
• /
• pp.797-804
• /
• 2009

Recently, SIP(Session Initiation Protocol) is used to set up and manage sessions for multimedia applications such as VoIP(Voice over IP) and IMS(IP Multimedia Subsystem). However, because SIP operates over the Internet, it is exposed to pre-existed internet security threats such as service degradation or service disruptions. Multimedia applications which are delay sensitive even suffers more from the threats mentioned above. The proposed methods so far to detect SIP INVITE flooding are CUSUM(Cumulative Sum), Hellinger distance and adaptive threshold, but among methods only take normal state into consideration. So, it is not capable of adapting the condition of the network congestion which are dynamically changing. In this paper, SIP INVITE flooding detection algorithm considering network congestion which enables efficient detections of such attacks is proposed. The proposed algorithm is expected to detect other types of attacks such as BYE and CANCEL more precisely compared to other methods.