• The Journal of the Convergence on Culture Technology
• /
• v.2 no.4
• /
• pp.77-82
• /
• 2016

IoT technology was selected as one of IT 10 strategic technologies by gartner from 2013 to 2015, and implements advanced smart society while enabling interaction between people and things. Because IoT devices are connected to the Internet, they are involved in issues including exposure of private lives, for example, hacking to result in wireless signal interference, data theft, data modification and forgery and service denial, and critical security issues including threat to national confidential information and facilities. This study aims to suggest a method for examining threats to security through IP exposure of IoT devices and examining related problems to minimize threats to security through IP exposure including exposure of private lives or damages to the national infrastructure system.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2018.05a
• /
• pp.507-509
• /
• 2018

Recently, the research for IoT technologies has been established actively, however the structure of centralized network has been pointed out as the vulnerable points. To solve these problems such as system load and security vulnerability, the research to introduce block chain technology is needed. In this paper, we propose the network domain for convergence of block chain and IoT platform, and describe the advantages from the convergence and various and applicable fields.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.1
• /
• pp.179-186
• /
• 2018

The number of devices connect to the internet is rapidly increasing with the advent of the IoT(Internet of Things). The IoT has improved the convenience of life. However, it makes security issues such as privacy violations. Therefore cybersecurity is the most important issue to be discussed nowadays. Especially, various protocols are used for same purpose due to rapidly increase of IoT market. To deal with this security threat noble vulnerability analysis is needed. In this paper, we contribute to the IoT security by proposing a new randomness-based test case evaluation methodology using variance and entropy. The test case evaluation method proposed in this paper can evaluate the test cases at a high speed regardless of the test set size, unlike the traditional technique.

• Convergence Security Journal
• /
• v.16 no.5
• /
• pp.49-55
• /
• 2016

Recently mobile service industry has grown very rapidly. In this paper, We investigated the changes in mobile service network as well as security vulnerabilities of network in future 5G mobile service network, too. Recently, there are rapid developement of information and communication and rapid growth of mobile e-business users. Therefore We try to solve security problem on the internet environment which charges from wire internet to wireless internet or wire/wireless internet. Since the wireless mobile environment is limited, researches such as small size, end-to-end and privacy security are performed by many people. In addition, there is a need of internetworking between mobile and IoT services. Wireless Application Protocol has weakness of leaking out information from Gateway which connected wire and wireless communication. As such, We investigate the structure of mobile service network in order to gain security vulnerabilities and insights in this paper.

• Journal of Convergence for Information Technology
• /
• v.10 no.7
• /
• pp.7-13
• /
• 2020

IoT which is the core IT of the 4^th industrial revolution, is providing various services from users in the conversion with other industries. The IoT convergence technology is leading the communication paradigm of communication environment in accordance with the increase of convenience for users. However, it is urgently needed to establish the security measures for the rapidly-developing IoT convergence technology. As IoT is closely related to digital ethics and personal information protection, other industries should establish the measures for coping with threatening elements in accordance with the introduction of IoT. In case when security incidents occur, there could be diverse problems such as information leakage, damage to image, monetary loss, and casualty. Thus, this paper suggests a certificate management technique for safe control over access in IoT-based Cloud convergence environment. This thesis designed the device/user registration, message communication protocol, and device renewal/management technique. On top of performing the analysis on safety in accordance with attack technique and vulnerability, in the results of conducting the evaluation of efficiency compared to the existing PKI-based certificate management technique, it showed about 32% decreased value.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.6
• /
• pp.802-808
• /
• 2020

The IoT(Internet of Things) is based on the development of sensor technology and high-speed communication infrastructure, and the number of IoT connected to the network is increasing more than the number of people, and the increase is also very fast. In the field of defense, IoT is being deployed in various fields such as operations, military, base defense, and informatization, and the need is also increasing. Unlike the existing PC/server information protection system, cyber threats are also increasing as IoT sensors, which are vulnerable to information protection, are increasing in the network, so it is necessary to study the platform to protect the defense information and communication network. we investigated the case of connecting wired and wireless IoT to the defense network, and presented an efficient interlocking design method of the IoT integrated independent network with enhanced security by minimizing the contact point with the defense network.

• Journal of Digital Convergence
• /
• v.15 no.3
• /
• pp.187-193
• /
• 2017

Objects Internet-based healthcare services provide healthcare and healthcare services, including measurement of user's vital signs, diagnosis and prevention of diseases, through a variety of object internet devices. However, there is a problem that new security vulnerability can occur when inter-working with the security weakness of each element technology because the internet service based on the object Internet provides a service by integrating various element technologies. In this paper, we propose a user privacy protection model that can securely process user's healthcare information from a third party when delivering healthcare information of users using wearable equipment based on IoT in a mobile environment to a server. The proposed model provides attribute values for each healthcare sensor information so that the user can safely handle, store, and store the healthcare information, thereby managing the privacy of the user in a hierarchical manner. As a result of the performance evaluation, the throughput of IoT device is improved by 10.5% on average and the server overhead is 9.9% lower than that of the existing model.

• Advanced Industrial SCIence
• /
• v.2 no.1
• /
• pp.1-7
• /
• 2023

The use of Internet of Things(IoT) in smart cities and smart homes is essential. The security of the sensor nodes, which are the core of the IoT, is weak and hacking attacks are severe enough to have a fatal impact on real life. This research is conducted to improve the security of the Internet of Things by developing a lightweight secure communication protocol for the Internet of Things, and to build a safe Internet of Things environment suitable for the era of the 4th Industrial Revolution. It contributes to building a safe and convenient smart city and smart home by proposing key management and identifier development to increase the confidentiality of communication and the establishment of an Internet authentication system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.1
• /
• pp.31-49
• /
• 2021

IoT devices refer to embedded devices that can communicate with networks. Since there are various types of IoT devices and they are widely used around us, in the event of an attack, damages such as personal information leakage can occur depending on the type of device. While the security team analyzes IoT devices, they should target firmware as well as software interfaces since IoT devices are operated by both of them. However, the problem is that it is not easy to extract and analyze firmware and that it is not easy to manage product quality at a certain level even if the same target is analyzed according to the analyst's expertise within the security team. Therefore, in this paper, we intend to establish a vulnerability analysis process for the firmware of IoT devices and present available tools for each step. Besides, we organized the process from firmware acquisition to analysis of IoT devices produced by various commercial manufacturers, and we wanted to prove their validity by applying it directly to drone analysis by various manufacturers.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.1
• /
• pp.11-17
• /
• 2021

Due to the recent development of the Internet of Things (IoT) and the increase in services using drones, research on IoD is actively underway. Drones have limited computational power and storage size, and when communicating between drones, data is exchanged after proper authentication between entities. Drones must be secure from traceability because they contain sensitive information such as location and travel path. In this paper, we point out a fatal security vulnerability that can be caused by the use of pseudonyms and certificates in existing IoD research and propose a solution.