• Title/Summary/Keyword: IoT Security

Search Result 917, Processing Time 0.028 seconds

Implementation of crypto key-based IoT network security system (암호키 기반 IoT 네트워크 보안 시스템 구현)

  • Jeon, Ji-Soo;Kang, Dong-Yeon;Han, Sung-Hwa
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2022.10a
    • /
    • pp.349-350
    • /
    • 2022
  • As research on IT convergence continues, the scope of IoT (Internet of Things) services continues to expand. The IoT service uses a device suitable for the purpose. These IoT devices require an authentication function. In addition, in IoT services that handle important information such as personal information, security of transmission data is required. In this study, we implement a crypto key-based IoT network security system that can authenticate devices for IoT services and securely transmit data between devices. Through this study, IoT service can authenticate the device itself and maintain the confidentiality of transmitted data. However, since it is an IoT service, additional research on the application efficiency of the encryption algorithm is required.

  • PDF

Next-Gen IoT Security: ARIA Cryptography within Hardware Secure Modules - A Comparative Analysis of MQTT and LwM2M Integration (차세대 IoT 보안: 하드웨어 보안모듈 내 ARIA 암호화 - MQTT 와 LwM2M 통합의 비교 분석)

  • Iqbal Muhammad;Laksmono Agus Mahardika Ari;Derry Pratama;Howon kim
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2024.05a
    • /
    • pp.235-238
    • /
    • 2024
  • This paper investigates the integration of ARIA cryptography within hardware secure modules to bolster IoT security. We present a comparative analysis of two prominent IoT communication protocols, MQTT and LwM2M, augmented with ARIA cryptography. The study evaluates their performance, security, and scalability in practical IoT applications. Our experimental setup comprises FPGA-enabled hardware secure modules interfaced with Raspberry Pi acting as an MQTT and LwM2M client. We utilize the Mosquitto MQTT server and an LwM2M server deployed on AWS IoT. Through rigorous experimentation, we measure various performance metrics, including latency, throughput, and resource utilization. Additionally, security aspects are scrutinized, assessing the resilience of each protocol against common IoT security threats. Our findings highlight the efficacy of ARIA cryptography in bolstering IoT security and reveal insights into the comparative strengths and weaknesses of MQTT and LwM2M protocols. These results contribute to the development of robust and secure IoT systems, paving the way for future research in this domain.

Secure Multicast using Proxy Re-Encryption in an IoT Environment

  • Kim, SuHyun;Hwang, YongWoon;Seo, JungTaek
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.12 no.2
    • /
    • pp.946-959
    • /
    • 2018
  • Recently interest in Internet of Things(IoT) has attracted significant attention at national level. IoT can create new services as a technology to exchange data through connections among a huge number of objects around the user. Data communication between objects provides not only information collected in the surrounding environment but also various personalized information. IoT services which provide these various types of data are exposed to numerous security vulnerabilities. If data is maliciously collected and used by an attacker in an IoT environment that deals with various data, security threats are greater than those in existing network environments. Therefore, security of all data exchanged in the IoT environment is essential. However, lightweight terminal devices used in the IoT environment are not suitable for applying the existing encryption algorithm. In addition, IoT networks consisting of many sensors require group communication. Therefore, this paper proposes a secure multicast scheme using the proxy re-encryption method based on Vehicular ad-hoc networks(VANET) environment. The proposed method is suitable for a large-scale dynamic IoT network environment using unreliable servers.

A Study on the Security Framework for IoT Services based on Cloud and Fog Computing (클라우드와 포그 컴퓨팅 기반 IoT 서비스를 위한 보안 프레임워크 연구)

  • Shin, Minjeong;Kim, Sungun
    • Journal of Korea Multimedia Society
    • /
    • v.20 no.12
    • /
    • pp.1928-1939
    • /
    • 2017
  • Fog computing is another paradigm of the cloud computing, which extends the ubiquitous services to applications on many connected devices in the IoT (Internet of Things). In general, if we access a lot of IoT devices with existing cloud, we waste a huge amount of bandwidth and work efficiency becomes low. So we apply the paradigm called fog between IoT devices and cloud. The network architecture based on cloud and fog computing discloses the security and privacy issues according to mixed paradigm. There are so many security issues in many aspects. Moreover many IoT devices are connected at fog and they generate much data, therefore light and efficient security mechanism is needed. For example, with inappropriate encryption or authentication algorithm, it causes a huge bandwidth loss. In this paper, we consider issues related with data encryption and authentication mechanism in the network architecture for cloud and fog-based M2M (Machine to Machine) IoT services. This includes trusted encryption and authentication algorithm, and key generation method. The contribution of this paper is to provide efficient security mechanisms for the proposed service architecture. We implemented the envisaged conceptual security check mechanisms and verified their performance.

Security Analysis of MQTT and CoAP protocols in the IoT Environment (IoT 환경에서의 MQTT, CoAP 보안 기술 분석)

  • Oh, Se-Ra;Kim, Young-Gab
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2016.04a
    • /
    • pp.297-299
    • /
    • 2016
  • 기술의 발달과 융합으로 사물인터넷(Internet of Things; IoT)의 시대가 열렸다. 빅 데이터와 센서의 발달로 인해 정보는 전과 달리 더욱 사용자와 밀접해졌고 다양해졌으며 양 또한 많아졌다. 이와 더불어 IoT 환경은 다양한 기술들이 융합된 구조로 기존 기술들이 가지고 있는 보안 취약점뿐만 아니라 보다 복잡한 보안 문제점들이 발생할 수 있다. 본 논문에서는 IoT 환경에서 서비스나 IoT 기기들이 갖춰야할 보안 요구사항들을 확장성(scalability), 상호운용성(interoperability), 최소 자원 필요성(minimum resource necessity)으로 분류 하고 정의하였으며, IoT 서비스를 제공하기 위해 사용하는 대표적 프로토콜인 MQTT(Message Queue Telemetry Transfer)와 CoAP(Constrained Application Protocol)에 초점을 맞춰 각각의 표준 문서에서 권고하고 있는 보안 기술에 대해 살펴본다. 또한 그런 기술들에 있어서 발생 가능한 보안 취약점들을 분석하고 이를 해결하기 위한 방법을 제시한다.

A Scheme of User Face Recognition using a Moire Phenomenon in IoT Environment (IoT환경에서 무아레 현상을 이용한 사용자 얼굴 인증 기법)

  • Cho, Ik-Hyun;Lee, Keun-Ho
    • Journal of Digital Convergence
    • /
    • v.17 no.2
    • /
    • pp.171-176
    • /
    • 2019
  • In modern times, many IoT products are being used as all things and devices are connected to the Internet and IoT products become easily accessible through the network. For the convenience of users, IoT products can be remotely operated automatically without manual operation. Various research and development are underway to improve the convenience of users by using IoT products. However, since only the convenience of the users is pursued, in terms of security, there is a serious problem that exposes the user's personal information. This paper has proposed a method to apply $moir{\acute{e}}$ technology to IoT products in order to improve the performance of security, and a method to increase the safety of IoT products using user face authentication based on shadow $moir{\acute{e}}$ as a $moir{\acute{e}}$ phenomenon method, and the projection $moir{\acute{e}}$. When comparing the existing IoT products and IoT products applied with $moir{\acute{e}}$ technology, IoT products applied with $moir{\acute{e}}$ technology are safer in terms of security.

Hacking and Security Trends in IoT Devices (IoT 기기의 해킹 사건과 보안 동향)

  • Young-Sil Lee;Ga-Hyeon Lee;Hoon-Jae Lee
    • Proceedings of the Korean Society of Computer Information Conference
    • /
    • 2023.07a
    • /
    • pp.219-220
    • /
    • 2023
  • 현재 IoT 기기들은 일상생활에서 필수 가전기기가 되어가고 있다. 가정에서는 스마트홈으로 연결된 냉장고, 세탁기, 인공지능 스피커 등이 이미 많이 사용되고 있으며, 자율주행 차량과 키오스크 등 하루에도 매우 다양한 IoT 기기들을 가깝게 접하고 있다. 스마트 워치(Smart Watch)가 출시된 이후로는 IoT 기기가 매 순간 사용되며 사용자 개인정보와 사생활 등 중요하고 예민한 정보와 기업의 기밀 정보가 자동으로 기기에 저장되고 있다. 이러한 이유로 해커들의 타깃이 되어 새로운 해킹 수법이 발생하고 보안 취약점이 발견되고 있다. 본 논문에서는 IoT 기기에 관련하여 최근에 발생하는 해킹 사건들과 보안 취약점을 분석하고 이에 따른 대책을 알아보고자 한다.

  • PDF

A Review of Security Threats of Internet of Things

  • Nargis Jamal;Sataish Riaz;Jawad Ibrahim
    • International Journal of Computer Science & Network Security
    • /
    • v.24 no.6
    • /
    • pp.99-108
    • /
    • 2024
  • The Internet of Things (IoT) is a novel concept that allows a large number of objects to be connected to the Internet while also allowing them to be controlled remotely. The Internet of Things is extensive and has become an almost inseparable part of our daily lives. Users' personal data is frequently obtained by these linked gadgets and stored online. In recent years, the security of acquired data has become a major concern. As devices grow more linked, privacy and security concerns grow more pressing, and they must be addressed as soon as possible. IoT implementations and devices are particularly vulnerable to attacks that might adversely affect customer security and privacy, which might have an impact on their practical utility. The goal of this study is to bring attention to the security and privacy concerns that exist in IoT systems. To that purpose, the paper examines security challenges at each level of the IoT protocol stack, identifies underlying impediments and critical security requirements, and provides a rapid overview of available security solutions for securing IoT in a layered environment.

A Study of End-to-End Message Security Protocol Based on Lightweight Ciphers for Smart IoT Devices (스마트 IoT 디바이스를 위한 경량 암호기반 종단간 메시지 보안 프로토콜)

  • Kim, Hee-jeong;Kim, Jeong Nyeo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.28 no.6
    • /
    • pp.1309-1317
    • /
    • 2018
  • Although the IoT market is steadily growing, there is still a lack of consideration for increasing security threats in the IoT environment. In particular, it is difficult to apply existing IP security technology to resource-constrained devices. Therefore, there is a demand for reliable end-to-end communication security measures to cope with security threats such as information tampering and leakage that may occur during communication between heterogeneous networks do. In this paper, we propose an end-to-end message security protocol based on lightweight cipher that increases security and lowers security overhead in resource-constrained IoT device communication. Through simulation of processing time, we verified that the proposed protocol has better performance than the existing AES-based protocol.

A Research on IoT Security Technology based on Blockchain and Lightweight Cryptographic Algorithms

  • Sun-Jib Kim
    • International Journal of Advanced Culture Technology
    • /
    • v.11 no.1
    • /
    • pp.343-348
    • /
    • 2023
  • As the IoT market continues to grow, security threats to IoT devices with limited resources are also increasing. However, the application of security technology to the existing system to IoT devices with limited resources is impossible due to the inherent characteristics of IoT devices. Various methods for solving related problems have been studied in existing studies to solve this problem. Therefore, this study analyzes the characteristics of domestic IoT authentication standards and existing research to propose an algorithm that applies blockchain-based authentication and lightweight encryption algorithms to IoT equipment with limited resources. In this study, a key generation method was applied using a Lamport hash-chain and data integrity between IoT devices were provided using a Merkle Tree, and an LEA encryption algorithm was applied using confidentiality in data communication. In the experiment, it was verified that the efficiency is high when the LEA encryption algorithm, which is a lightweight encryption algorithm, is applied to IoT devices with limited resources.