• Title/Summary/Keyword: IoT 보안

Search Result 667, Processing Time 0.023 seconds

A Study on Pseudo-random Number Generator with Fixed Length Tap unrelated to the variable sensing nodes for IoT Environments (IoT 환경에서 가변 센싱 노드들에 무관한 고정 길이 탭을 가지는 의사 난수 발생기에 관한 연구)

  • Lee, Seon-Keun
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.19 no.2
    • /
    • pp.676-682
    • /
    • 2018
  • As the IoT world including WSNs develops, the number of sensor systems that sense information according to the environment based on the principle of IoT is increasing. In order to perform security for each sensor system in such a complicated environment, the security modules must be varied. These problems make hardware/software implementation difficult when considering the system efficiency and hacking/cracking. Therefore, to solve this problem, this paper proposes a pseudorandom number generator (FLT: Pseudo-random Number Generator with Fixed Length Tap unrelated to the variable sensing nodes) with a fixed-length tap that generates a pseudorandom number with a constant period, irrespective of the number of sensing nodes, and has the purpose of detecting anomalies. The proposed FLT-LFSR architecture allows the security level and overall data formatting to be kept constant for hardware/software implementations in an IoT environment. Therefore, the proposed FLT-LFSR architecture emphasizes the scalability of the network, regardless of the ease of implementation of the sensor system and the number of sensing nodes.

A Study on gateway authentication protocol in IoT (IoT에서 게이트웨이에 대한 인증 프로토콜에 관한 연구)

  • Lee, Jae-Young
    • Journal of Convergence for Information Technology
    • /
    • v.7 no.3
    • /
    • pp.91-96
    • /
    • 2017
  • IoT which is an abbreviation of Internet of Things refers to the communication network service among various objects such as people-people, objects-objects interconnection. The characteristic of IoT that enables direct connection among each device makes security to be considered as more emphasized factor. Though a security module such as an authentication protocol for resolving various security problems that may occur in the IoT environment has been developed, some weak points in security are still being revealed. Therefore, this paper proposes a method for including a protocol including gateway authentication procedure and mutual authentication between the devices and gateways. Protocols with additional authentication procedures can appropriately respond to attackers' spoofing attacks. In addition, important information in the message used for authentication process is protected by encryption or hash function so that it can respond to wiretapping attacks.

A Study on Systematic Firmware Security Analysis Method for IoT Devices (체계적인 IoT 기기의 펌웨어 보안 분석 방법에 관한 연구)

  • Kim, Yejun;Gim, Jeonghyeon;Kim, Seungjoo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.31 no.1
    • /
    • pp.31-49
    • /
    • 2021
  • IoT devices refer to embedded devices that can communicate with networks. Since there are various types of IoT devices and they are widely used around us, in the event of an attack, damages such as personal information leakage can occur depending on the type of device. While the security team analyzes IoT devices, they should target firmware as well as software interfaces since IoT devices are operated by both of them. However, the problem is that it is not easy to extract and analyze firmware and that it is not easy to manage product quality at a certain level even if the same target is analyzed according to the analyst's expertise within the security team. Therefore, in this paper, we intend to establish a vulnerability analysis process for the firmware of IoT devices and present available tools for each step. Besides, we organized the process from firmware acquisition to analysis of IoT devices produced by various commercial manufacturers, and we wanted to prove their validity by applying it directly to drone analysis by various manufacturers.

IoT Security Channel Design Using a Chaotic System Synchronized by Key Value (키값 동기된 혼돈계를 이용한 IoT의 보안채널 설계)

  • Yim, Geo-Su
    • The Journal of the Korea institute of electronic communication sciences
    • /
    • v.15 no.5
    • /
    • pp.981-986
    • /
    • 2020
  • The Internet of Things refers to a space-of-things connection network configured to allow things with built-in sensors and communication functions to interact with people and other things, regardless of the restriction of place or time.IoT is a network developed for the purpose of services for human convenience, but the scope of its use is expanding across industries such as power transmission, energy management, and factory automation. However, the communication protocol of IoT, MQTT, is a lightweight message transmission protocol based on the push technology and has a security vulnerability, and this suggests that there are risks such as personal information infringement or industrial information leakage. To solve this problem, we designed a synchronous MQTT security channel that creates a secure channel by using the characteristic that different chaotic dynamical systems are synchronized with arbitrary values in the lightweight message transmission MQTT protocol. The communication channel we designed is a method of transmitting information to the noise channel by using characteristics such as random number similarity of chaotic signals, sensitivity to initial value, and reproducibility of signals. The encryption method synchronized with the proposed key value is a method optimized for the lightweight message transmission protocol, and if applied to the MQTT of IoT, it is believed to be effective in creating a secure channel.

Lightweight IPsec protocol for IoT communication environments (IoT 통신 환경을 위한 경량 IPsec 프로토콜 연구)

  • Song, In-A;Oh, Jeong-Hyeon;Lee, Doo-Won;Lee, Young-Seok
    • The Journal of Korea Institute of Information, Electronics, and Communication Technology
    • /
    • v.11 no.1
    • /
    • pp.121-128
    • /
    • 2018
  • Internet of Things architecture connected to the Internet is a technology. However, Many paper research for the lightweight Protocol of IoT Environment. In these Paper excluded secure problem about protocol. So Light weight Protocol has weakness of secure in IoT environment. All of IoT devices need encryption algorithm and authentication message code for certain level of security. However, IoT environment is difficult to using existing security technology. For this reason, Studies for Lightweight IPsec is essential in IoT environment. For Study of Lightweight IPsec, We analyze existing protocols such as IPsec, 6LoWPAN for IEEE 802.15.4 layer and Lightweight IPsec based 6LoWPAN. The result is to be obtained for the lightweight IPsec protocols for IoT environment. This protocol can compatible with Internet network.

A Design of Certificate Management Method for Secure Access Control in IoT-based Cloud Convergence Environment (IoT기반 클라우드 융합환경에서 안전한 접근제어를 위한 인증서 관리기법 설계)

  • Park, Jung-Oh
    • Journal of Convergence for Information Technology
    • /
    • v.10 no.7
    • /
    • pp.7-13
    • /
    • 2020
  • IoT which is the core IT of the 4th industrial revolution, is providing various services from users in the conversion with other industries. The IoT convergence technology is leading the communication paradigm of communication environment in accordance with the increase of convenience for users. However, it is urgently needed to establish the security measures for the rapidly-developing IoT convergence technology. As IoT is closely related to digital ethics and personal information protection, other industries should establish the measures for coping with threatening elements in accordance with the introduction of IoT. In case when security incidents occur, there could be diverse problems such as information leakage, damage to image, monetary loss, and casualty. Thus, this paper suggests a certificate management technique for safe control over access in IoT-based Cloud convergence environment. This thesis designed the device/user registration, message communication protocol, and device renewal/management technique. On top of performing the analysis on safety in accordance with attack technique and vulnerability, in the results of conducting the evaluation of efficiency compared to the existing PKI-based certificate management technique, it showed about 32% decreased value.

Analysis and Study on Invasion Threat and Security Measures for Smart Home Services in IoT Environment (사물인터넷 환경에서의 스마트홈 서비스 침해위협 분석 및 보안 대책 연구)

  • Lee, Myongyeal;Park, Jaepyo
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.16 no.5
    • /
    • pp.27-32
    • /
    • 2016
  • In general, IoT(Internet of things) designate the intelligence technologies and services which interact all necessity information between human and things, things and thing and things and systems with all things connecting through the internet based. The smart home in present of IoT environment fuses the daily supplies/equipment which needs to use for the private life with the internet of things that is the fruit of the converged business through all most private consumption related in vastly. The concept of smart home has been built around early 2000s due to the spread of high speed internet and advanced of smart electronics and internet, furthermore influencing by the enhancement of wireless network and smart devices, it is advanced as a smart home within the internet of things environment. Smart home service inside the house which most closely implemented with personal life is being developed and advanced in various forms. These developments may exert a positive effect, but if it does not resolve the security issues for the smart home service, then it may cause a big plague of privacy and personal life.

Secure Configuration Scheme of Pre-shared Key for Lightweight Devices in Internet of Things (사물인터넷의 경량화 장치를 위한 안전한 Pre-shared Key 설정 기술)

  • Kim, Jeongin;Kang, Namhi
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.15 no.3
    • /
    • pp.1-6
    • /
    • 2015
  • The IoT(Internet of things) technology enable objects around user to be connected with each other for sharing information. To support security is the mandatory requirement in IoT because it is related to the disclosure of private information but also directly related to the human safety. However, it is difficult to apply traditional security mechanism into lightweight devices. This is owing to the fact that many IoT devices are generally resource constrained and powered by battery. PSK(Pre-Shared Key) based approach, which share secret key in advance between communication entities thereafter operate security functions, is suitable for light-weight device. That is because PSK is costly efficient than a session key establishment approach based on public key algorithm. However, how to safely set a PSK of the lightweight device in advance is a difficult issue because input/output interfaces such as keyboard or display are constrained in general lightweight devices. To solve the problem, we propose and develop a secure PSK configuration scheme for resource constrained devices in IoT.

Secure IEEE 802.15.4 Join Protocol for 6LoWPAN (6LowPAN 환경에서의 안전한 IEEE 802.15.4 가입 프로토콜)

  • Ahn, Seung-Hyun;Park, Chang-Seop;Yeon, Han-Beol
    • Convergence Security Journal
    • /
    • v.15 no.7
    • /
    • pp.103-110
    • /
    • 2015
  • The security of the data exchanged between sensor nodes in IoT (Internet of Things) environment becomes increasing. In the conventional IEEE 802.15.4, the key for secure communication between the sensor node and the sensor node and the PAN Coordinator or the sensor node is assumed to be pre-shared in advance. Especially, there is another problem in that sensor node authentication is not considered during the association process. In this paper, we propose a security scheme that solves the problems of previously proposed protocols with the pre-shared key for all devices.

Design of IoT Environment Secure Protocol Using Code-Based Cryptography (코드기반암호를 활용한 IoT 환경 보안 프로토콜 설계)

  • Jang, Kyung-Bae;Sim, Min-Joo;Seo, Hwa-Jeong
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2020.05a
    • /
    • pp.123-126
    • /
    • 2020
  • IoT(Internet of Things) 시대가 활성화되면서 개인정보를 포함한 많은 정보들이 IoT 디바이스들을 통해 전달되고 있다. 정보보호를 위해 암호화하여 통신하는 것이 중요하며 성능의 제한으로 인해 경량 보안 프로토콜 사용이 요구된다. 현재 많은 암호 시스템들은 인수분해 그리고 이산대수의 어려움에 기반하고 있다. 하지만 양자 알고리즘이 실현 가능한 양자 컴퓨터가 개발된다면 앞선 문제들을 쉽게 해결할 수 있다. 이에 본 논문에서는 양자내성암호 중 코드기반암호를 사용한 경량 보안프로토콜을 제안한다. 기존 프로토콜과 비교 분석해보고 안전성 분석 또한 실시하였다.