• Title/Summary/Keyword: IoT Security

Search Result 917, Processing Time 0.028 seconds

Countermeasure against MITM attack Integrity Violation in a BLE Network (BLE 네트워크에서 무결성 침해 중간자 공격에 대한 대응기법)

  • Han, Hyegyeon;Lee, Byung Mun
    • Journal of Korea Multimedia Society
    • /
    • v.25 no.2
    • /
    • pp.221-236
    • /
    • 2022
  • BLE protocol prevents MITM attacks with user interaction through some input/output devices such as keyboard or display. Therefore, If it use a device which has no input/output facility, it can be vulnerable to MITM attack. If messages to be sent to a control device is forged by MITM attack, the device can be abnormally operated by malicious attack from attacker. Therefore, we describes a scenario which has the vulnerabilities of the BLE network in this paper and propose countermeasure method against MITM attacks integrity violations. Its mechanism provides data confidentiality and integrity with MD5 and security key distribution of Diffie Helman's method. In order to verify the effectiveness of the countermeasure method proposed in this paper, we have conducted the experiments. ​As experiments, the message was sent 200 times and all of them successfully detected whether there was MITM attack or not. In addition, it took at most about 4.2ms delay time with proposed countermeasure method between devices even attacking was going on. It is expected that more secure data transmission can be achieved between IoT devices on a BLE network through the method proposed.

Research Trend on Internet of Things and Smart City Using Keyword Fequency and Centrality Analysis : Focusing on United States, Japan, South Korea (키워드 빈도와 중심성 분석을 이용한 사물인터넷 및 스마트 시티 연구 동향: 미국·일본·한국을 중심으로)

  • Lee, Taekkyeun
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.18 no.3
    • /
    • pp.9-23
    • /
    • 2022
  • This study aims to examine research trends on the Internet of Things and smart city based on papers from the United States, Japan, and Korea. We collected 7113 papers related to the Internet of Things and smart city published from 2016 to 2021 in Elsevier's Scopus. Keyword frequency and centrality analysis were performed based on the abstracts of the collected papers. We found keywords with high frequency of appearance by calculating keyword frequency and identified central research keywords through the centrality analysis by country. As a result of the analysis, research on security, machine learning, and edge computing related to the Internet of Things and smart city were the most central and highly mediating research conducted in each country. As an implication, studies related to deep learning, cybersecurity, and edge computing in Korea have lower degree centrality and betweenness centrality compared to the United States and Japan. To solve the problem it is necessary to combine these studies with various fields. The future research direction is to analyze research trends on the Internet of Things and smart city in various regions such as Europe and China.

Software Risk Management and Cyber Security for Development of Integrated System Remotely Monitoring and Controlling Ventilators (인공호흡기 원격 통합 모니터링 및 제어 시스템 개발을 위한 소프트웨어 위험관리 및 사이버보안)

  • Ji-Yong Chung;You Rim Kim;Wonseuk Jang
    • Journal of Biomedical Engineering Research
    • /
    • v.44 no.2
    • /
    • pp.99-108
    • /
    • 2023
  • According to the COVID-19, development of various medical software based on IoT(Internet of Things) was accelerated. Especially, interest in a central software system that can remotely monitor and control ventilators is increasing to solve problems related to the continuous increase in severe COVID-19 patients. Since medical device software is closely related to human life, this study aims to develop central monitoring system that can remotely monitor and control multiple ventilators in compliance with medical device software development standards and to verify performance of system. In addition, to ensure the safety and reliability of this central monitoring system, this study also specifies risk management requirements that can identify hazardous situations and evaluate potential hazards and confirms the implementation of cybersecurity to protect against potential cyber threats, which can have serious consequences for patient safety. As a result, we obtained medical device software manufacturing certificates from MFDS(Ministry of Food and Drug Safety) through technical documents about performance verification, risk management and cybersecurity application.

IoT Makes Life Simpler: How to Improve the Chinese Consumer's Intention to Use of LG HomNet Smart Home

  • Xiangdong Shen;Xi Chen;Yuting Jiang;Haixin Ji
    • Journal of Korea Trade
    • /
    • v.26 no.8
    • /
    • pp.1-20
    • /
    • 2022
  • Purpose - The paper aims to develop the theory of TAM and perceived risk through a more comprehensive and rigorous understanding of the influencing factors of the consumer's adoption of LG HomNet smart home from the perspective of trade-offs. Design/methodology - Based on the TAM and perceived risk theory, combined with the individual characteristics of consumers in the context of information technology as the external factors of the technology acceptance model, this paper constructs a theoretical model of the factors affecting the use intention of the consumer. It was empirically tested by using SEM, and survey data was collected from 458 respondents. Findings - The research results show that 9 hypotheses of the research model are supported and have reliable prediction accuracy. Consumers' perceived interest, perceived connectivity and perceived controllability have a significant positive impact on their intention to use. In addition, this paper also confirmed the mediating effect of perceived usefulness and perceived ease of use. Originality/value - Consumers are very concerned about gains and losses. Low-level performance risks, security risks, and financial risks will drive the consumer to have a stronger intention to use, and financial risks have the strongest impact. This research provides a useful implication and guidance for smart home equipment manufacturers and service providers in product and service innovation and marketing and promotion strategies.

Federated Learning modeling for defense against GPS Spoofing in UAV-based Disaster Monitoring Systems (UAV 기반 재난 재해 감시 시스템에서 GPS 스푸핑 방지를 위한 연합학습 모델링)

  • Kim, DongHee;Doh, InShil;Chae, KiJoon
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2021.05a
    • /
    • pp.198-201
    • /
    • 2021
  • 무인 항공기(UAV, Unmanned Aerial Vehicles)는 높은 기동성을 가지며 설치 비용이 저렴하다는 이점이 있어 홍수, 지진 등의 재난 재해 감시 시스템에 이용되고 있다. 재난 재해 감시 시스템에서 UAV는 지상에 위치한 사물인터넷(IoT, Internet of Things) 기기로부터 데이터를 수집하는 임무를 수행하기 위해 계획된 항로를 따라 비행한다. 이때 UAV가 정상 경로로 비행하기 위해서는 실시간으로 GPS 위치 확인이 가능해야 한다. 만일 UAV가 계산한 현재 위치의 GPS 정보가 잘못될 경우 비행경로에 대한 통제권을 상실하여 임무 수행을 완료하지 못하는 결과가 초래될 수 있다는 취약점이 존재한다. 이러한 취약점으로 인해 UAV는 공격자가 악의적으로 거짓 GPS 위치 신호를 전송하는GPS 스푸핑(Spoofing) 공격에 쉽게 노출된다. 본 논문에서는 신뢰할 수 있는 시스템을 구축하기 위해 지상에 위치한 기기가 송신하는 신호의 세기와 GPS 정보를 이용하여 UAV에 GPS 스푸핑 공격 여부를 탐지하고 공격당한 UAV가 경로를 이탈하지 않도록 대응하기 위해 연합학습(Federated Learning)을 이용하는 방안을 제안한다.

A Study on the Implementation of Raspberry Pi Based Educational Smart Farm

  • Min-jeong Koo
    • International journal of advanced smart convergence
    • /
    • v.12 no.4
    • /
    • pp.458-463
    • /
    • 2023
  • This study presents a paper on the implementation of a Raspberry Pi-based educational smart farm system. It confirms that in a real smart farm environment, the control of temperature, humidity, soil moisture, and light intensity can be smoothly managed. It also includes remote monitoring and control of sensor information through a web service. Additionally, information about intruders collected by the Pi camera is transmitted to the administrator. Although the cost of existing smart farms varies depending on the location, material, and type of installation, it costs 400 million won for polytunnel and 1.5 billion won for glass greenhouses when constructing 0.5ha (1,500 pyeong) on average. Nevertheless, among the problems of smart farms, there are lax locks, malfunctions to automation, and errors in smart farm sensors (power problems, etc.). We believe that this study can protect crops at low cost if it is complementarily used to improve the security and reliability of expensive smart farms. The cost of using this study is about 100,000 won, so it can be used inexpensively even when applied to the area. In addition, in the case of plant cultivators, cultivators with remote control functions are sold for more than 1 million won, so they can be used as low-cost plant cultivators.

The Impact of Block Chain Characteristics on the Intention to Use Hotel Reservation System in China (중국에서의 호텔예약 시스템의 블록체인 특성이 사용의도에 미치는 영향)

  • JIN, Peng-Ru;LEE, Jong-Ho
    • The Journal of Industrial Distribution & Business
    • /
    • v.10 no.8
    • /
    • pp.33-44
    • /
    • 2019
  • Purpose - As the scope of existing digital transformation expanded to various degrees, the Fourth Industrial Revolution came into being. In 2016, Klaus Schwab, Chairman of the World Economic Forum (WEF), said that the new technologies that lead the fourth industrial revolution are AI, Block chain, IoT, Big Data, Augmented Reality, and Virtual Reality. This technology is expected to be a full-fledged fusion of digital, biological and physical boundaries. Everything in the world is connected to the online network, and the trend of 'block chain' technology is getting attention because it is a core technology for realizing a super connective society. If the block chain is commercialized at the World Knowledge Forum (WKF), it will be a platform that can be applied to the entire industry. The block chain is rapidly evolving around the financial sector, and the impact of block chains on logistics, medical services, and public services has increased beyond the financial sector. Research design, data, and methodology - Figure analysis of data and social science analytical software of IBM SPSS AMOS 23.0 and IBM Statistics 23.0 were used for all the data researched. Data were collected from hotel employees in China from 25th March to 10th May. Results - The purpose of this study is to investigate the effect of the block chain characteristics of the existing hotel reservation system on the intention to use and to examine the influence of the block chain characteristics of the hotel reservation system on the intention to use, We rearranged the variables having the same or similar meaning and analyzed the effect of these factors on the intention to use the block chain characteristic of the hotel reservation system. 339 questionnaires were used for analysis. Conclusions - There are only sample hotel workers in this study, and their ages are in their 20s and 30s. In future studies, samples should be constructed in various layers and studied. In this study, the block chain characteristics are set as five variables as security, reliability, economical efficiency, availability, and diversity. Among them, Security and reliability made positive effects on the perceived usefulness. Also, security and economics did on the perceived ease. Availability and diversity did on both perceived usefulness and perceived ease. Perceived ease did on perceived usefulness. And perceived ease and perceived usefulness did on user intent. But security and economics did not on the perceived usefulness

A Study on Countermeasures of Convergence for Big Data and Security Threats to Attack DRDoS in U-Healthcare Device (U-Healthcare 기기에서 DRDoS공격 보안위협과 Big Data를 융합한 대응방안 연구)

  • Hur, Yun-A;Lee, Keun-Ho
    • Journal of the Korea Convergence Society
    • /
    • v.6 no.4
    • /
    • pp.243-248
    • /
    • 2015
  • U-Healthcare is a convergence service with medical care and IT which enables to examine, manage and maintain the patient's health any time and any place. For communication conducted in U-Healthcare service, the transmission methods are used that patient's medical checkup analysis results or emergency data are transmitted to hospital server using wireless communication method. At this moment when the attacker who executes the malicious access makes DRDoS(Distributed Reflection DoS) attack to U-Healthcare devices or BS(Base Station), various damages occur that contextual information of urgent patients are not transmitted to hospital server. In order to deal with this problem, this study suggests DRDoS attack scenario and countermeasures against DRDoS and converges with Big Data which could process large amount of packets. When the attacker attacks U-Healthcare devices or BS(Base Station), DB is interconnected and the attack is prevented if it is coincident. This study analyzes the attack method that could occur in U-Healthcare devices or BS which are remote medical service and suggests countermeasures against the security threat using Big Data.

Review of the suitability to introduce new identity verification means in South Korea : Focused on Block Chain and FIDO (우리나라의 본인확인수단에 관한 신규 인증수단의 도입 적합성 검토 : Block Chain과 FIDO를 중심으로)

  • Shin, Young-Jin
    • Journal of Convergence for Information Technology
    • /
    • v.8 no.5
    • /
    • pp.85-93
    • /
    • 2018
  • This study investigates the suitability of the blockchain and FIDO among non-face-to-face authentication means in order to secure diversity of identfication means operated in South Korea. In order to do this, the study selected and analyzed seven conformance criteria (universality, persistence, uniqueness, convenience, security, applicability, and economics), and the results were appropriate. Accordingly, in order to apply the blockchain and FIDO as the identification means, the related regulations and notices should be revised to improve the identification procedure. In addition, differentiated certification standards should be established for each service field to apply various authentication means as well as existing identification means, and the authentication means should be continuously developed and linked with the service. In the future, the identification means will bring security of the information circulation environment in the IoT, so it should be implemented in a variety of services by supporting application of identification means.

Group Key Generation and Exchange Scheme using a Trapdoor Collision Hash in M2M Communications Environment (M2M 통신 환경에서 트랩도어 충돌 해쉬를 이용한 그룹키 생성 및 교환 기법)

  • Kim, Sung-Soo;Jun, Moon-Seog;Choi, Do-Hyeon
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.15 no.5
    • /
    • pp.9-17
    • /
    • 2015
  • The development of wireless communication technology and change in the ICT market has led to the development of the M2M service and technology. Under these circumstances, the M2M environment has been the focus of communication environment construction between machines without control or direct intervention of human being. With characteristics of wireless communication environment, the possibility of being exposed to numerous security threats and safe communication security technology have becoming an issue an important requirements for problems such as data exposure, forgery, modulation, deletion, and privacy. This research analyzes requirements of trapdoor collision hash, generates keys between groups under the M2M environment by using the specificity of trapdoor, and suggests technology to exchange keys with session keys. Further, it also suggests techniques to confirm authentication of device and gateway in accordance with group key generation. The techniques herein suggested are confirmed as safe methods in that they have attack resistance such as Masquerade Attack, Man-in-the-Middle Attack, and Replay Attack in the group communication block by using the speciality of collision message and collision hash.