• Journal of Convergence for Information Technology
• /
• v.7 no.2
• /
• pp.1-9
• /
• 2017

Recently, the DDoS attack using the amplifier method makes it difficult to distinguish the normal traffic from the normal server and it is difficult to detect even the attack detection. Since the SSDP protocol is a common protocol widely used in IoT devices, it is used as a DDoS amplification attack. In this paper, we analyze the reflector attack of SSDP which is one of the DDoS and suggest a technical proposal to detect and defend against the attack by managing the Mac address of each device. Also, we propose a control structure to protect the reflection attack of SSDP in Home IoT. The efficiency of the proposed system has been verified by performing an experimental attack on the virtual environment.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.12
• /
• pp.1705-1713
• /
• 2018

It is currently undergoing the fourth industrial revolution, which is the convergence of ICT and manufacturing, connecting both industrial equipment and production processes to one network and communicating with each other. The fact that they are connected to one network has the advantage of management, but there is a risk of security. In particular, Wi-Fi can be easily accessed by outsiders through a software change of the MAC address or password exposures. In this paper, by applying the method of Beacon using a Bluetooth Low Energy Add in Bluetooth 4.0, we propose a system of black-box approach to secure connections to wireless Internet, users do not have to know the password. We also implemented the proposed system using the raspberry pi and verified the effectiveness of a real-time system by testing the communication.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.9
• /
• pp.1187-1192
• /
• 2020

The dronebot combat system is a representative model of the future battlefield in the 4th industrial revolution. In dronebot, unmanned reconnaissance tankrobot can minimize human damage and reduce cost with higher combat power than humans. However, since the battlefield environment is very complex such as obstacles and enemy situations, it is also necessary for the pilot to control the tankrobot. Tankrobot are robots with new ICT technology, capable of hacking attacks, and if there is an abnormality in control, it can pose a threat to manipulation and control. A Bluetooth sniffing attack was performed on the communication section of the tankrobot and the controller to introduce a vulnerability to Bluetooth, and a countermeasure using MAC address exposure prevention and communication section encryption was proposed as a security measure. This paper first presented the vulnerability of tankrobot to be operated in future military operations, and will be the basic data that can be used for defense dronebot units.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.5
• /
• pp.793-801
• /
• 2022

Most Bluetooth devices are commonly used in various ways these days, but they can be often lost due to small-size devices. However, most Bluetooth protocol do not provide authentication functions to legitimate owners, and thus someone who obtains the lost Bluetooth device can easily connect to their smart devices to use it. In this paper, we propose NBAS can authenticates legitimate owners using NFT on lossy Bluetooth devices.NBAS generates a digital wallet on the blockchain using the decentralized network Ethereum blockchain and facilitating the MAC address of the Bluetooth device in the digital wallet. The owner of the wallet uses a private key to certify the Bluetooth device using NFT. The initial pairing time of NBAS was 10.25 sec, but the reconnection time was 0.007 sec similar to the conventional method, and the pairing rejection time for unapproved users was 1.58 sec on average. Therefore, the proposed NBAS effectively shows the device authentication over the conventional Bluetooth.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.15 no.4
• /
• pp.283-290
• /
• 2022

In this study, an IoT inspection system that can be linked with a server was developed using a gas timer and ESP-01 Wi-Fi module installed on a gas valve in the home. The server environment of the gas leak IoT inspection system was installed with APM (Apache, PHP, MySQL) to collect gas pressure data by generation so that leakage checks could be performed. In order to control the gas leak IoT inspection system, the app inventory was used to manage the gas leak check value in real time. In addition, user convenience has been enhanced so that membership management, WiFi settings, and leakage check values can be checked through mobile apps. In order to manage subscribers by region, the user list was checked by logging in in in the administrator mode so that the information on whether or not the leak test was conducted and the results could be provided. In addition, when the user presses the gas leak check button, the pressure is automatically checked, and the measured value is stored in the server, and when a gas leak occurs, the leakage check is performed after alarm and repair so that it can be used if normal. In addition, in order to prevent overlapping membership, membership management can be performed based on MAC addresses.

• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.453-458
• /
• 2013

In a wireless LAN environment, security is the most important. Security of 802.11 standard has many vulnerabilities of the network attack. IEEE has created mechanisms to security for this vulnerability. But the vulnerabilities is characteristic of broadcast in the air in wireless LAN, it is more disclosure then other network environments. In a wireless LAN environment, it can be accessed to the wireless LAN after authentication. Authentication process is one of most important because of the first security step. However, in the authentication process is not mentioned in the method of reducing the disclosure maximum fundamental. Therefore, in this research, the vulnerability of 802.11 are presented and how to do de-authentication in 802.11.

• ETRI Journal
• /
• v.32 no.2
• /
• pp.184-194
• /
• 2010

Ethernet ring protection (ERP) technology, which is defined in ITU-T Recommendation G.8032, has been developed to provide carrier grade recovery for Ethernet ring networks. However, the filtering database (FDB) flush method adopted in the current ERP standard has the drawback of introducing a large amount of transient traffic overshoot caused by flooded Ethernet frames right after protection switching. This traffic overshooting is especially critical when a ring provides services to a large number of clients. According to our experimental results, the traditional FDB flush requires a link capacity about sixteen times greater than the steady state traffic bandwidth. This paper introduces four flush optimization schemes to resolve this issue and investigates how the proposed schemes deal with the transient traffic overshoot on a multi-ring network under failure conditions. With a network simulator, we evaluate the performance of the proposed schemes and compare them to the conventional FDB flush scheme. Among the proposed methods, the extended FDB advertisement method shows the fastest and most stable protection switching performance.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.575-577
• /
• 2013

Recently most of the hand-held smart devices have WiFi communication facility. This makes WiFi AP(access point) popular and cheaper than before. These circumstance launches some services with AP providing location based services and device control services. In this paper, we propose a AP based control system. The control system consists of AP's, AP controller and Android application program. The AP can collect MAC address information of the associated smart devices and control connected devices. The AP controller maintains DB for smart device position information and device control information. Finally Android application program provides users location based service and device control service.

• Journal of the Korea Society of Computer and Information
• /
• v.10 no.3 s.35
• /
• pp.259-265
• /
• 2005

The purpose of this study is for designing a illegal query detection system using Winpcap library for unauthorized access by internal person. The illegal query detection can be possible detecting the data in out of access control or searching illegal data by plagiarizing other user ID. The system used in this paper collects packets and analyzes the data related to SQL phrase among them, and selects the user's basic information by comparing the dispatch of MAC address and user's hardware information constructed previously. If the extracted information and user's one are different, it is considered as an illegal query. It is expected that the results of this study can be applied to reducing the snaking off unprotected data, and also contributed to leaving the audit records using user's access log which can be applied to the pattern analysis.

• Journal of Information Processing Systems
• /
• v.16 no.3
• /
• pp.541-556
• /
• 2020

Wireless networks have become integral to society as they provide mobility and scalability advantages. However, their disadvantage is that they cannot control the media, which makes them vulnerable to various types of attacks. One example of such attacks is the evil twin access point (AP) attack, in which an authorized AP is impersonated by mimicking its service set identifier (SSID) and media access control (MAC) address. Evil twin APs are a major source of deception in wireless networks, facilitating message forgery and eavesdropping. Hence, it is necessary to detect them rapidly. To this end, numerous methods using clock skew have been proposed for evil twin AP detection. However, clock skew is difficult to calculate precisely because wireless networks are vulnerable to noise. This paper proposes an evil twin AP detection method that uses a multiple-feature-based machine learning classification algorithm. The features used in the proposed method are clock skew, channel, received signal strength, and duration. The results of experiments conducted indicate that the proposed method has an evil twin AP detection accuracy of 100% using the random forest algorithm.