• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.11a
• /
• pp.33-35
• /
• 2012

최근 와이파이, 블루투스 등 근거리 무선 통신 기술의 발달로 홈네트워크, U-City, 홈오토메이션 등의 실생활 적용이 가능해졌다. 이미 삼성, LG 등의 기업에서는 관련 제품을 양산 및 판매하고 있으며 그 기술의 관련연구 또한 활발하게 진행되고 있다. 하지만 이러한 기존 제품 및 시스템들은 가격이 높고 인터넷을 기반으로 운용되기 때문에 AP (Access Point)가 반드시 존재하여야 하며 가정 내의 모든 전자기기들을 연동시키기 위해 구현이 복잡하다는 문제점을 갖는다. 본 논문에서는 이를 해결하기 위해 기존 와이파이 다이렉트 및 블루투스의 D2D (Device-to-Device) 기술을 적용하여 AP의 필요성을 없애고 불필요한 연동을 제외하며 간단한 구현을 요구하는 저가의 제품을 개발하고자 한다. 실험적인 구현을 위해 모터 및 카메라 제어, 타이머, 통신 등이 가능한 AVR ATmega169 마이크로 컨트롤러와 스마트폰을 사용하여 원격 디지털도어락 관리 시스템을 제안한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.241-243
• /
• 2016

In the Past, Trend of car security was Physical Something like doorlock system, and The Generation did not have skills connecting External devices. Through Car Development is up, that trend of car security Changed Physical Security to Intelligence Security. This Changes give a chance to hackers to attack this system. This System use CAN(Controller Area Network) Protocol which have three vulnerabilities. First, ID Spoofing, Twice, D - Dos Attack, Third, Android Application Injected Modern cars have many ECU(Electronic Control Unit) to control devices like Engine ON/OFF, Door Lock Handling, and Controlling Handle. Because CAN Protocol spread signal using broadcast, Hackers can get the signal very easily, and Those often use Mobile devices like Android or IOS to attack this system. if bluetooth signal is spread wide, hackers get the signal, and analysis the bluetooth data, so then They makes certain data to attack ECU, they send the data to ECU, and control ECU installed car. so I suggest that I will prevent this attack to make Auth system and prevent this attack in end of Android.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.847-857
• /
• 2020

As IoT equipment is commercialized, Bluetooth or wireless networks will be built into general living devices such as IP cameras, door locks, cars and TVs. Security for IoT equipment is becoming more important because IoT equipment shares a lot of information through the network and collects personal information and operates the system. In addition, web-based attacks and application attacks currently account for a significant portion of cyber threats, and security experts are analyzing the vulnerabilities of cyber attacks through manual analysis to secure them. However, since it is virtually impossible to analyze vulnerabilities with only manual analysis, researchers studying system security are currently working on automated vulnerability detection systems, and Firm-AFL, published recently in USENIX, proposed a system by conducting a study on fuzzing processing speed and efficiency using a coverage-based fuzzer. However, the existing tools were focused on the fuzzing processing speed of the firmware, and as a result, they did not find any vulnerability in various paths. In this paper, we propose IoTFirmFuzz, which finds more paths, resolves constraints, and discovers more crashes by strengthening the mutation process to find vulnerabilities in various paths not found in existing tools.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.3
• /
• pp.81-90
• /
• 2018

Due to the dramatic advancement of IoT (Internet of Things), it is expected that tens of billions of IoT devices will be connected by the year 2024. Furthermore, as IoT technologies evolves, the security management in IoT platforms has become a critical issue. For example, there are interworking problems between heterogeneous IoT platforms caused by differences from communication protocols, security policies, etc. in each platform. In addition, unsecured interworking can cause major security issues including the information leakage. In this paper, in order to solve these problems, a security interworking architecture is proposed and implemented in both FIWARE and oneM2M, which are representative IoT platforms. First, the security architecture of FIWARE is analyzed and implemented, and then the security framework based on OAuth 2.0 is developed on Mobius platform. Finally, in order to validate the proposed security interworking architecture, a LED (Light-Emitting Diode) example, where the LED is controlled by only authorized users, is developed. The proposed architecture can be extended to the diverse IoT platforms and devices.