• Information and Communications Magazine
• /
• v.32 no.1
• /
• pp.24-27
• /
• 2014

기존의 사이버 환경의 보안 기술은 단순히 데이터, 네트워크, 시스템을 보호함으로써 인간의 자산을 보호하는 차원의 기술이었다면, IoT 환경에서 보안 기술은 궁극적으로 사물들로부터 사람을 보호하는 기술로 패러다임의 변화가 예상된다. 따라서 본고에서는 미래의 새로운 성장동력으로 부상하고 있는 사물인터넷(IoT) 서비스 활성화를 지원하는 동시에 인간의 자산과 생명을 보호하기 위하여 정부차원에서 수립한 정보보호 기술 개발 계획을 정리한다. IoT 정보보호 기술은 디바이스, 네트워크, 서비스/플랫폼의 3개 계층으로 나누어 9개 원천기술로 분류하였다

• Review of KIISC
• /
• v.31 no.6
• /
• pp.31-35
• /
• 2021

다양한 스마트 홈 IoT가 개발됨에 따라 가정 내에서 IoT를 활용한 서비스가 확장되고 있다. 스마트 홈 IoT와 IoT가 등록된 스마트 폰은 서비스 제공을 위해 클라우드 서버와 통신을 수행한다. 클라우드 서버와 통신 과정에서 스마트 홈 IoT와 스마트 폰, 클라우드 서버에는 사용자에 대한 다양한 정보가 저장될 가능성이 있다. 사용자에 대한 다양한 정보가 클라우드 서버로 전송되는 것은 개인정보 문제를 야기할 수 있지만, 포렌식 관점에서는 범죄를 해결하는 데 증거로 사용될 수 있다. 따라서 본 논문에서는 클라우드 서버와 통신을 수행하는 클라우드 기반의 스마트 홈 IoT를 대상으로 데이터를 수집하는 기법을 알아보고 데이터 수집 기법이 적용된 기존의 스마트 홈 IoT 연구를 스마트 홈 IoT 기기 별로 나누어 분석한다.

• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.9
• /
• pp.269-274
• /
• 2016

In this paper We focuses on suggestion to quality model for IoT infrastructure services for Internet of Things. Quality model is suggested on security set out in ISO25000 quality factors and assessment of the existing traditional software application of ISO 9126 quality model. We validated that the proposed model can be realized it was applied to evaluate the 4 elements and related security in Metrics.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.11a
• /
• pp.1283-1286
• /
• 2017

사물인터넷(Internet of Things; IoT)이 발달하면서 FIWARE, oneM2M, AllJoyn 등의 많은 IoT 플랫폼이 개발되고 관련 표준들도 제정되고 있다. 이런 환경에서는 각 IoT 플랫폼의 통신 프로토콜, 보안정책 등이 상이하기 때문에 데이터가 연동되기 어렵고, 보안 인터워킹을 수행하는 것은 더욱 어려운 문제다. oneM2M과 FIWARE의 경우, Fi-Proxy 인터워킹 어댑터를 이용하여 상호간 인터워킹이 시연된 사례가 있지만 그 과정에서 보안이 고려되지는 않았다. oneM2M은 아직 보안 컴포넌트가 별도로 존재하지 않기 때문에, 본 논문에서는 oneM2M-FIWARE 보안 인터워킹 시나리오에 적용할 수 있는 OAuth 2.0 기반 oneM2M 보안 컴포넌트를 구현하고, FIWARE 보안 아키텍처를 분석 및 구현하여 시사점을 도출한다. 또한 본 논문은 oneM2M과 FIWARE 간의 보안 인터워킹 아키텍처를 제안하고, 이를 기반으로 향후 여러 도메인에 활용될 수 있는 구조를 가진 LED 예제를 개발한다.

• Journal of Internet of Things and Convergence
• /
• v.5 no.2
• /
• pp.103-110
• /
• 2019

In this paper, we suggested how the Internet of Things (IoT) technology could be applied to an internet platform that is used for managing the customer's power grid efficiently. For an internet platform with efficient management, analysis is done by several sections; communication method, and its protocol, and also security element. From this analysis, with currently used sensors, we have presented a development method for the sensor to server data reliable communication solution and data management server with a security solution. Moreover, this paper suggests a communication module that could be used for a power grid management platform, protocol and security algorithm and also a way to build a server for managing those systems and modules.

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.121-127
• /
• 2016

Recently, the popularity of smart devices such as Wi-Fi and LTE has increased the use ratio of wireless dramatically. On the other hand, the use ratio of wired internet is decreasing. The IoT(Internet of Things) is not only for people but also for communication between people and things, and communication between things and things by connecting to a wireless without choosing a place. Along with the rapid spread of the IoT there is a growing concern about the threat of IoT security. In this paper, the proposed scheme is a efficiency group key agreement in IoT environment that guarantees secure communication among light-weight devices. The proposed scheme securely be able to communication with the group devices who share a group key, generated by own secret value and the public value. Such property is suitable to the environment which are required a local area and a group.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.10a
• /
• pp.313-314
• /
• 2016

최근 컴퓨터, 휴대폰 등 전자기기만 인터넷 연결이 가능하던 시대를 지나 냉장고, 에어컨, 현관문 등 모든 종류의 사물들 간 사람의 개입이 필요 없는 초연결사회로 발전하고 있다. 이러한 모든 사물들 간 인터넷기반으로 상호 연결되어있는 IoT(Internet of Things)환경이 급격히 성장 하고 있는 가운데 더불어 OSIoT(Open Source IoT)의 수요도 함께 급성장하고 있다. OSIoT의 소프트웨어는 보안에 대한 전문적인 개발자의 체계적인 설계에 의해 개발되어야만 하트블리드(HeartBleed), 쉘쇼크(ShellShock)와 같은 다양한 보안취약점에 안전하다. 하지만 OSIoT소프트웨어는 누구나 쉽게 접근 설계가 가능하기 때문에 일반적으로 배포되고 있는 OSIoT의 소프트웨어 검증이 필요하다. 따라서 본 논문에서는 다른 소프트웨어 점검 도구들과 연계 가능한 정적분석 도구인 취약점 별 익스플로잇 적용 모듈 설계를 제안한다.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.21 no.2
• /
• pp.15-26
• /
• 2021

Recently, as the introduction of cloud, mobile, and IoT has become active, there is a growing need for technology development that can supplement the limitations of traditional security solutions based on fixed perimeters such as firewalls and Network Access Control (NAC). In response to this, SDP (Software Defined Perimeter) has recently emerged as a new base technology. Unlike existing security technologies, SDP can sets security boundaries (install Gateway S/W) regardless of the location of the protected resources (servers, IoT gateways, etc.) and neutralize most of the network-based hacking attacks that are becoming increasingly sofiscated. In particular, SDP is regarded as a security technology suitable for the cloud and IoT fields. In this study, a new access control system was proposed by combining SDP and hash tree-based large-scale data high-speed signature technology. Through the process authentication function using large-scale data high-speed signature technology, it prevents the threat of unknown malware intruding into the endpoint in advance, and implements a kernel-level security technology that makes it impossible for user-level attacks during the backup and recovery of major data. As a result, endpoint security, which is a weak part of SDP, has been strengthened. The proposed system was developed as a prototype, and the performance test was completed through a test of an authorized testing agency (TTA V&V Test). The SDP-based access control solution is a technology with high potential that can be used in smart car security.

• Journal of Digital Convergence
• /
• v.19 no.9
• /
• pp.463-468
• /
• 2021

Although the IoT is showing explosive growth due to the development of technology and the spread of IoT devices and activation of services, serious security risks and financial damage are occurring due to the activities of various botnets. Therefore, it is important to accurately and quickly detect the activities of these botnets. As security in the IoT environment has characteristics that require operation with minimum processing performance and memory, in this paper, the minimum characteristics for detection are selected, and KNN (K-Nearest Neighbor), Naïve Bayes, Decision Tree, Random A comparative study was conducted on the performance of machine learning algorithms such as Forest to detect botnet activity. Experimental results using the Bot-IoT dataset showed that KNN can detect DDoS, DoS, and Reconnaissance attacks most effectively and efficiently among the applied machine learning algorithms.

• The Journal of Bigdata
• /
• v.8 no.2
• /
• pp.141-148
• /
• 2023

Recent advancements in the integration of satellite technology and the Internet of Things (IoT) have led to the development of a sophisticated network ecosystem, capable of generating and utilizing vast amounts of big data across various sectors. However, this integrated network faces significant security challenges, primarily due to constraints like limited latency, low power requirements, and the incorporation of diverse heterogeneous devices. Addressing these security concerns, this paper explores the construction of a satellite-IoT network through the application of Software Defined Networking (SDN). While SDN offers numerous benefits, it also inherits certain inherent security vulnerabilities. To mitigate these issues, we propose a novel approach that incorporates blockchain technology within the SDN framework. This blockchain-based SDN environment enhances security through a distributed controller system, which also facilitates the authentication of IoT terminals and nodes. Our paper details the implementation plan for this system and discusses its validation through a series of tests. Looking forward, we aim to expand our research to include the convergence of artificial intelligence with satellite-IoT devices, exploring new avenues for leveraging the potential of big data in this context.