• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.10a
• /
• pp.344-345
• /
• 2022

ogy is being used in many fields, such as smart farms, smart oceans, smart homes, and smart energy. Various IoT terminals are used for these IoT services. Here, IoT devices are physically installed in various places. A malicious attacker can access the IoT service using an unauthorized IoT device, access unauthorized important information, and then modify it. In this study, to solve these problems, we propose an authentication system for IoT devices used in IoT services. The IoT device authentication system proposed in this study consists of an authentication module mounted on the IoT device and an authentication module of the IoT server. If the IoT device authentication system proposed in this study is used, only authorized IoT devices can access the service and access of unauthorized IoT devices can be denied. Since this study proposes only the basic IoT device authentication mechanism, additional research on additional IoT device authentication functions according to the security strength is required.IoT technol

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.3
• /
• pp.459-469
• /
• 2023

The number of IoT devices is explosively increasing due to the development of embedded equipment and computer networks. As a result, cyber threats to IoT are increasing, and currently, malicious codes are being distributed and infected to IoT devices and exploited for DDoS. Currently, IoT devices that are the target of such an attack have various installation environments and have limited resources. In addition, IoT devices have a characteristic that once set up, the owner does not care about management. Because of this, IoT devices are becoming a blind spot for management that is easily infected with malicious codes. Because of these difficulties, the threat of malicious codes always exists in IoT devices, and when they are infected, responses are not properly made. In this paper, we will design an malware detection system for IoT in consideration of the characteristics of the IoT environment and present detection rules suitable for use in the system. Using this system, it will be possible to construct an IoT malware detection system inexpensively and efficiently without changing the structure of IoT devices that are already installed and exposed to cyber threats.

• KNOM Review
• /
• v.23 no.1
• /
• pp.51-62
• /
• 2020

Open IoT platform that shares communication infrastructure and provides cloud resources can flexibly reduce development period and cost of smart service. In this paper, as an open IoT platform, we propose a virtual IoT system based on edge computing that implements a virtual IoT device for a physical IoT device and allows service developers to interact with the virtual device. A management server in the edge cloud, near the IoT physical device, manages the creation, movement, and removal of virtual IoT devices corresponding to the physical IoT devices. This paper define the operations of the management server, the physical IoT device, and the virtual IoT device, which are major components of the virtual IoT system, and design the communication protocol required to perform the operations. Finally, through simulations, this paper evaluate the performance of the edge computing based virtual IoT system by confirming that each component performs the defined states and operations as designed.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.5
• /
• pp.151-156
• /
• 2016

The IoT technology and sensors used for collecting the environment information has rapidly increased the number and type. With the increasing need for this type of sensor effective system for selecting and testing the sensor nodes for the IoT to develop products and services. In this study, we design and implement IoT sensor testing system for IoT service and product. In order to support rapid prototyping, the proposed system provides testing and management tools for IoT sensor nodes. We analyze the requirements of the proposed system and design the system based on the functional component-specific design. Finally, we implement testing application to verify the functional elements of the proposed system.

• Journal of the Korea Convergence Society
• /
• v.8 no.10
• /
• pp.61-66
• /
• 2017

Recently, IoT technology is rapidly developing with the keyword "Anytime, Anywhere, Convenient". In addition, security problems in IoT systems are exploding and the damage is increasing as well. In this paper, we propose a method to develop IoT system safely by using internationally recognized CC evaluation in ICT by identifying the standardization and security technology development status defining IoT system security requirements. For this purpose, IoT system and service security aspects are analyzed. Based on this, it is possible to design the security functional requirements and to demonstrate the rationale of the security objective through the correspondence relation, and it is possible to design the protection profile for the IoT system. This is a sufficient basis for the development methodology to be presented in this paper because it is used as a means of referring to the set of security requirements of administrators, developers, and users.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.10a
• /
• pp.585-588
• /
• 2016

Due to the nature IoT Device (or Sensor) of the IoT System it may be susceptible (or attached) to our daily lives, so easy to direct physical access to IoT Device, which caused physical security is very weak. In this study, we implemented "Zero-Day Attack" on the ARMv7 Thumb Architecture as a direct target local system.

• KIISE Transactions on Computing Practices
• /
• v.23 no.9
• /
• pp.550-556
• /
• 2017

Due to the rapid growth and development of Internet of Things (IoT), various devices are now accessible and controllable anytime from anywhere. However, the current IoT system requires a series of complex steps (e.g., launch an application, choose a space and thing, control the thing, etc.) to control the IoT devices; therefore, IoT suffers from a lack of efficient and intuitive methods of interacting with users. To address this problem, we propose a novel IoT control framework based on IoT tags and social messages. The proposed system provides an intuitive and efficient way to control the device based on the device ownership: 1) users can easily control the device by IoT tagging, or 2) users can send an IoT social message to the device owner to request control of the tagged device. Through the development of the prototype system, we show that the proposed system provides an efficient and intuitive way to control devices in the IoT environment.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.8 no.6
• /
• pp.909-917
• /
• 2018

Recently, the Internet of Thing (IoT) technology is expanding explosively in the number of devices and applications in many application areas. In IoT systems, sensors and actuators are connected to the Internet and cooperate to do some applications by exchanging information. In this paper an IoT smart home system is developed to monitor and control home devices easily. Our system consists of sensor devices, IoT gateways, and an IoT server. Sensor devices developed using Rfduino sense the physical world and transmit their data using BLE to the IoT server thru the IoT gateway. We implemented the IoT gateway using Raspberry Pi and the IoT server using ARTIK cloud. We installed our system and made a test in our lab, which showed that our system can be installed and managed easily and extended its functionality in an easy way. By taking advantage of the rule mechanism and action messages of ARTIK cloud, we implemented the control of device parameters easily by sending action messages to the ARTIK cloud.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.2
• /
• pp.59-66
• /
• 2018

Android Things is an Android-based platform running in Google's IoT environment. Android smartphones require permissions from application users to use certain features, but in the case of Android Things, there is no display to send request notifications to users. Therefore Does not make a request to use the permissions and automatically accepts the permissions from the system. If the privilege is used indiscriminately, malicious behavior such as system failure or leakage of personal information can be performed by a function which is not related to the function originally. Therefore, By monitoring the privileges that a device uses in an Android-based IoT system, users can proactively respond to security threats that can arise through unauthorized use of the IoT system. This paper proposes a system that manages the rights currently being used by IoT devices in the Android Things based IoT environment, so that Android-based IoT devices can cope with irrelevant use of rights.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.10 no.3
• /
• pp.139-150
• /
• 2015

The major components of IoT(Internet of Things) environment are IoT devices rather than the conventional desktop computers. One of the intrinsic characteristics of IoT devices is diversity in view of data type and data access method. In addition, IoT devices usually deal with real-time data. In order to use such IoT data for internal business or cloud services, an IoT platform capable of easy domain management and consistent data access interface is required. This paper proposes a Linux FUSE-based virtual file system connecting IoT devices on POSIX file system view. It is possible to manage IoT domain with the native Linux utilities such as mkdir, mknod, ls and find in the file system. Also, the file system makes it possible to access or control IoT devices through POSIX interface such as open(), read(), write() or close() without any separate APIs or utilities. A test result shows that the management performance of the file system is lower than that of linux file system negligibly.