• Proceedings of the Korean Society of Computer Information Conference
• /
• 2016.01a
• /
• pp.85-86
• /
• 2016

본 논문에서는 IoT 환경에서 IoT 게이트웨이를 통해 제공되고 있는 서비스 탐색 프로토콜에 대한 문제점을 분석하고 이를 해결하기 위한 해결방법에 대한 방향을 제시한다. 현재 다양한 IoT 서비스 탐색 프로토콜이 제안되어 있으며 제안된 서비스 탐색 프로토콜은 IP 기반 프로토콜과 non-IP 기반 프로토콜로 구분된다. 최근 IoT 기반 홈 네트워크 서비스 제공을 위해 스마트 IoT 게이트웨이가 개발되었다. 제안된 IoT 게이트웨이는 이종 네트워크 인터페이스에 대한 프로토콜 컨버팅 기능은 제공하고 있으나 서비스 탐색에 대한 홍보기능을 제공하고 있지 않다. 따라서 상이한 인터페이스로 구성된 IoT 디바이스에 대한 서비스 탐색 기능을 제공하지 못한다. 본 논문에서는 이런 문제점을 정의하고 이를 해결하기 위한 IoT 게이트웨이 내부 기능을 정의하고 추가적으로 공통 IoT 서비스 탐색 프로토콜 개발에 대한 방향을 제시한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2018.05a
• /
• pp.566-568
• /
• 2018

최근 IoT 기술이 산업 전반에 걸쳐 적용되고 있다. 본 논문에서는 기존 택배 시스템에서 비효율적인 경로로 배송되는 문제점을 개선하기 위해 택배 시스템에 IoT 기술을 적용하여 경로 최적화를 도모하며 IoT 장치와 IoT 플랫폼을 중심으로 문제 해결 솔루션을 제시한다.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.9 no.5
• /
• pp.609-616
• /
• 2014

Recently information industry has developed from IT into ICT. Among ICT area, M2M is evolving into IoT. As progress is being made in the IoT industry, people continue to try converging the IoT and other industries. One good example of such convergence is with sports industry. In this paper, we perform information analysis centered at keyword as a basic research for development of advanced leisure sports industry integrated with the IoT.

• Journal of Information Technology Services
• /
• v.15 no.4
• /
• pp.41-62
• /
• 2016

In Internet of Things (IoT) era, more diverse types of information are collected and the environment of information usage, distribution, and processing is changing. Recently, there have been a growing number of cases involving breach and infringement of personal information in IoT services, for examples, including data breach incidents of Web cam service or drone and hacking cases of smart connected car or individual monitoring service. With the evolution of IoT, concerns on personal information protection has become a crucial issue and thus the risk analysis and management method of personal information should be systematically prepared. This study shows risk factors in IoT regarding possible breach of personal information and infringement of privacy. We propose "a risk analysis framework of protecting personal information in IoT environments" consisting of asset (personal information-type and sensitivity) subject to risk, threats of infringement (device, network, and server points), and social impact caused from the privacy incident. To verify this proposed framework, we conducted risk analysis of IoT services (smart communication device, connected car, smart healthcare, smart home, and smart infra) using this framework. Based on the analysis results, we identified the level of risk to personal information in IoT services and suggested measures to protect personal information and appropriately use it.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.343-351
• /
• 2017

With ICT technology develops, IoT environment is attracting attention. However, IoT devices have various CPU performance as much as various purpose of use. Some IoT devices use the cpu that doesn't support public key cryptogrphy or crypto acceleration. In this paper, we study Blockchain-based IoT Device Authentication Scheme that provides authentication, integirity and non-repudation through analysis of Lamport Hash-chain, Lamport Signature, Blockchain and existing Authentication protocols. The proposed scheme requires only simple hash operation in IoT devices and it can operate in low performance IoT device, thus ensuring secure authentication in IoT environment.

• Journal of the Korea Convergence Society
• /
• v.9 no.4
• /
• pp.57-63
• /
• 2018

IoT devices are used in many areas to perform various roles and functions in a cloud environment. However, a method of access control that can stably control the IoT device has not been proposed yet. In this paper, we propose a hierarchical multi-level property access control scheme that can perform stable access of IoT devices used in a cluster environment. In order to facilitate the access of the IoT device, the proposed method not only provides the ID key (security token) unique to the IoT device by providing the IoT Hub, but also allows the IoT Hub to authenticate the X.509 certificate and the private key, So that the private key of the IoT device can not be seen outside the IoT device. As a result of the performance evaluation, the proposed method improved the authentication accuracy by 10.5% on average and the processing time by 14.3%. The overhead of IoT Hub according to the number of IoT attributes was 9.1% lower than the conventional method.

• Journal of Internet Computing and Services
• /
• v.24 no.1
• /
• pp.17-26
• /
• 2023

A smart city is a massive internet of things (IoT) environment, where all terminal devices are connected to a network to create and share information. In accordance with massive IoT environments, millions of IoT devices are connected, and countless data are generated in real time. However, since heterogeneous IoT devices are used, collecting the logs for each IoT device is difficult. Due to these issues, when an IoT device is invaded or is engaged in malicious behavior, such as infection with malware, it is difficult to respond quickly, and additional damage may occur due to information leakage or stopping the IoT device. To solve this problem, in this paper, we propose identifying the attack technique used for initial access to IoT devices through MITRE ATT&CK, collect the logs that can be generated from the identified attack technique, and use them to identify the cause of malware infection.

• Journal of Digital Convergence
• /
• v.20 no.3
• /
• pp.325-331
• /
• 2022

As IoT devices are used in various ways in an edge network environment, multiple studies are being conducted that utilizes the information collected from IoT devices in various applications. However, it is not easy to apply accurate IoT data immediately as IoT data collected according to network environment (interference, interference, etc.) are frequently missed or error occurs. In order to minimize mistakes in IoT data collected in an edge network environment, this paper proposes a management technique that ensures the reliability of IoT data by randomly generating signature values of IoT data and allocating only Security Information (SI) values to IoT data in bit form. The proposed technique binds IoT data into a blockchain by applying multiple hash chains to asymmetrically link and process data collected from IoT devices. In this case, the blockchainized IoT data uses a probability function to which a weight is applied according to a correlation index based on deep learning. In addition, the proposed technique can expand and operate grouped IoT data into an n-layer structure to lower the integrity and processing cost of IoT data.

• Journal of Digital Convergence
• /
• v.16 no.11
• /
• pp.329-334
• /
• 2018

Web services are standardized software technologies that enable interoperability of operating systems and programming languages through networks and related standards. Web services are distributed computing services that provide and discover services making it possible to access various services. Since the search method of web service considers only the functional aspect, it has a limitation on user-oriented search when selecting a service. In order to solve these problems, this study proposes an automatic IoT information generation tool, and provides IoT extension information when searching a web service, thereby improving the problem so that a suitable service can be selected for a user. Automatic IoT extension information generation tool proposed in this study collects and stores various information generated in the process of sensing, networking, and information processing by collaborating autonomously in a distributed environment of user, object, and service. The proposed method supports the service search suitable for the user by providing the information generated by the user as extended information when searching the web service. The proposed method can be applied to the 4th industry sector to provide a customized service that meets various environment requirements.

• Journal of Information Processing Systems
• /
• v.18 no.4
• /
• pp.489-499
• /
• 2022

Recently, the number of Internet of Things (IoT) devices has been increasing exponentially. These IoT devices are directly connected to the internet to exchange information. IoT devices are becoming smaller and lighter. However, security measures are not taken in a timely manner compared to the security vulnerabilities of IoT devices. This is often the case when the security patches cannot be applied to the device because the security patches are not adequately applied or there is no patch function. Thus, security vulnerabilities continue to exist, and security incidents continue to increase. In this study, we classified and analyzed the most common security vulnerabilities for IoT devices and identify the essential vulnerabilities of IoT devices that should be considered for security when producing IoT devices. This paper will contribute to reducing the occurrence of security vulnerabilities in companies that produce IoT devices. Additionally, companies can identify vulnerabilities that frequently occur in IoT devices and take preemptive measures.