• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.4
• /
• pp.700-707
• /
• 2018

Vehicles are used in daily life as convenient transport, it is important to authenticate driver because vehicles are controlled by driver. Especially, in these days, there is a discussion on introduction of Driving Under the Influence car-starting locking device installation for preventing accidents caused by Driving Under the Influence of alcohol, these car-starting locking device installation requires a lot of money and time. Suitable user authentication for solving user's inconvenience during the disabled and men of national merit to receive discount benefits is needed. In this paper, For solving these problems, we propose the efficient vehicle control and user authentication system for preventing driving under the influence and providing the disabled and men of national merit benefit based on driver authentication by using user's smartphone NFC communication and user's biometric information.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.19 no.10
• /
• pp.661-667
• /
• 2018

Recently, the smart home market is growing due to the development of wireless communication technology and sensor devices, and various devices are being utilized. Such an IoT environment collects various vast amount of device information for intelligent services, receives services based on user information, controls various devices, and provides communication between different types of devices. However, with this growth, various security threats are occurring in the smart home environment. In fact, Proofpoint and HP warned about the cases of damage in a smart home environment and the severity of security vulnerabilities, and cases of infringement in various environments were announced. Therefore, in this paper, we have studied secure mutual authentication method between smart nodes used in smart home to solve security problems that may occur in smart home environment. In the case of the proposed thesis, security evaluations are performed using random numbers and frequently updated session keys and secret keys for well-known vulnerabilities that can occur in IoT environments and sensor devices such as sniffing, spoofing, device mutual authentication, And safety. In addition, it is confirmed that it is superior in security and key management through comparison with existing smart home security protocol.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.5
• /
• pp.550-558
• /
• 2019

As the scale of the Internet of Things (IoT) environment grows and develops day by day, the information collected and shared through IoT devices becomes increasingly diverse and more common. However, because IoT devices have limitations on computing power and a low power capacity due to their miniaturized size, it is difficult to apply security technologies like encryption and authentication that have been directly applied in the previous Internet environment, making the IoT vulnerable to security threats. Because of this weakness, important information that needs to be delivered safely and accurately is exposed to the threat of malicious exploitation, such as data forgery, data leakage, and infringement of personal information. In order to overcome this threat, various security studies are being actively conducted to compensate for the weaknesses in IoT environment devices. In particular, since various devices interact, and share and communicate information collected in the IoT environment, each device should be able to communicate with reliability. With regard to this, various studies have been carried out on techniques for device authentication. This study examines the limitations and problems of the authentication techniques that have been studied thus far, and proposes technologies that can certify IoT devices for safe communication between reliable devices in the Internet environment.

• Journal of Korea Multimedia Society
• /
• v.19 no.1
• /
• pp.41-50
• /
• 2016

Moblie device based financial services are vulnerable to social engineering attacks because of the display screen of mobile devices. In other words, in the case of shoulder surfing, attackers can easily look over a user's shoulder and expose his/her password. To resolve this problem, a colour-based secure keyboard solution has been proposed. However, it is inconvenient for genuine users to verify their password using this method. Furthermore, password colours can be exposed because of fixed keyboard colours. Therefore, we propose a secure mobile authentication method to provide advanced functionality and strong privacy. Our authentication method is robust to social engineering attacks, especially keylogger and shoulder surfing attacks. According to the evaluation results, our method offers increased security and improved usability compared with existing methods.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.11a
• /
• pp.973-976
• /
• 2005

In IEEE 802.15.4 (Low-Rate Wireless Personal Area Network) specification, a successful reception and validation of a data or MAC command frame can be confirmed with an acknowledgment. However, the specification does not support security for acknowledgment frame; the lack of a MAC covering acknowledgments allows an adversary to forge an acknowledgment for any frame. This paper proposes an identity authentication mechanism at the link layer for acknowledgment frame in IEEE 802.15.4 network. With the proposed mechanism there is only three bits for authentication, which can greatly reduce overhead. The encrypted bit stream for identity authentication will be transmitted to device by coordinator within association process. Statistical method indicates that our mechanism is successful in handling MAC layer attack.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.4
• /
• pp.923-948
• /
• 2013

The main concern in mobile peer-to-peer (P2P) networks is security because jamming or eavesdropping on a wireless link is much easier than on a wired one and such damage can be incurred without physical access or contact. In particular, authentication has increasingly become a requirement in mobile P2P environments. This paper presents a new mutual authentication mechanism which requires less storage space and maintains a high level of security in mobile P2P networks. The proposed mechanism improves efficiency by avoiding the use of centralized entities and is designed to be agile in terms of both reliability and low-cost implementation. The mechanism suggested in the simulation evaluates the function costs occurring in authentication between the devices under mobile P2P network environment comparing to existing method in terms of basic operation costs, traffic costs, communications costs, storage costs and scalability. The simulation results show that the proposed mechanism provides high authentication with low cryptography processing overhead.

• Journal of the Korea Convergence Society
• /
• v.2 no.4
• /
• pp.9-14
• /
• 2011

Phishing is an attack to theft an user's identity by masquerading the user or the device. The number of phishing victims are sharply increased due to wide spread use of smart phones and messenger programs. Smart phones can operate various wi-fi based apps besides typical voice call and SMS functions. Generally, the messenger program such as Kakao Talk or Nate On is consisted of client and server functions. Thus, the authentication between the client and the server is essential to communicate securely. In this paper, we propose the messenger authentication protocol safe against smart phone phishing. To protect communications among clients, the proposed method provides message encryption and authentication functions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.201-212
• /
• 2017

As services using mobile devices increase, exposure of personal information, and secure threats increase. In this paper, we propose a location-based user authentication system used in mobile device for tightening security. Our authentication system is performed to authenticate two steps. The first authentication is location authentication to ensure that the user accesses an application in trustable space. This authentication method uses an Access Point's information. The second authentication is trustable space authentication to confirm the normal user. This method is carried out the authentication by using biometric information from the user.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.17 no.8
• /
• pp.311-317
• /
• 2016

Many services have been developed that are based on smart devices, and security between devices is emphasized. A beacon on the current IoT(Internet of Things) services has been utilized in the commercial field and is being applied to the services of the home IoT. On the other hand, the beacon is weak to security using Bluetooth-based services. Therefore, it is important to strengthen the security of the beacon. This paper proposes a dual security technique that can enhance the security of beacon-based services. The dual security architecture and security process is proposed based on beacon and authentication service. In addition, mobile application was developed and validated based on the beacon for proving the suitability of the proposed technique. The experimental method for verification are the authentication failure case, such as 1st authentication fail, and authentication success case, such as 1st authentication success and 2nd authentication success. The components of the verification experiments consists of two beacons (matched with Beacon ID, mismatched with Beacon ID), one mobile device and authentication application. This was tested to verify the compatibility of the dual security architecture and 1st/2nd authentication process.

• Journal of Internet of Things and Convergence
• /
• v.1 no.1
• /
• pp.39-44
• /
• 2015

Organization is increasing the authorizing process to use public certificate and bio information. Certificate, has evolved to be able to parallel distributes the bio authentication and portable bio-authentication device. Authentication using an individual's PC and smart devices continue to generalize, while convenience for authentication is increased by comparison Study on cooperation with the security at the network level's a weak situation. If ask authentication method through the cooperation of the public certificate and bio information work with current network access control, there is a possibility to develop a more powerful security policy. by cooperation weaknesses against vulnerable personal authentication techniques on security token in a reliable and secure personal authentication techniques, such as bio-recognition, Bio Information for identification and to prevent exposing a methodology suggest to validate whether or not to carry out in this paper. In addition, organize the scenario that can work with the 802.1x network authentication method, and presented a proposal aimed at realization.