• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권3호
• /
• pp.1249-1272
• /
• 2016

In this paper, we propose a symmetric key establishment scheme for wireless sensor networks which tries to minimize the resource usage while satisfying the security requirements. This is accomplished by taking advantage of the communication pattern of wireless sensor networks and adopting heterogeneous wireless sensor networks. By considering the unique communication pattern of wireless sensor networks due to the nature of information gathering from the physical world, the number of keys to be established is minimized and, consequently, the overhead spent for establishing keys decreases. With heterogeneous wireless sensor networks, we can build a hybrid scheme where a small number of powerful nodes do more works than a large number of resource-constrained nodes to provide enhanced security service such as broadcast authentication and reduce the burden of resource-limited nodes. In addition, an on-demand key establishment scheme is introduced to support extra communications and optimize the resource usage. Our performance analysis shows that the proposed scheme is very efficient and highly scalable in terms of storage, communication and computation overhead. Furthermore, our proposed scheme not only satisfies the security requirements but also provides resilience to several attacks.

• Journal of Information Processing Systems
• /
• 제5권3호
• /
• pp.117-130
• /
• 2009

By providing ubiquitous Internet connectivity, wireless networks offer more convenient ways for users to surf the Internet. However, wireless networks encounter more technological challenges than wired networks, such as bandwidth, security problems, and handoff latency. Thus, this paper proposes new technologies to solve these problems. First, a Security Access Gateway (SAG) is proposed to solve the security issue. Originally, mobile terminals were unable to process high security calculations because of their low calculating power. SAG not only offers high calculating power to encrypt the encryption demand of SAG's domain, but also helps mobile terminals to establish a multiple safety tunnel to maintain a secure domain. Second, Robust Header Compression (RoHC) technology is adopted to increase the utilization of bandwidth. Instead of Access Point (AP), Access Gateway (AG) is used to deal with the packet header compression and de-compression from the wireless end. AG's high calculating power is able to reduce the load on AP. In the original architecture, AP has to deal with a large number of demands by header compression/de-compression from mobile terminals. Eventually, wireless networks must offer users "Mobility" and "Roaming". For wireless networks to achieve "Mobility" and "Roaming," we can use Mobile IPv6 (MIPv6) technology. Nevertheless, such technology might cause latency. Furthermore, how the security tunnel and header compression established before the handoff can be used by mobile terminals handoff will be another great challenge. Thus, this paper proposes to solve the problem by using Early Binding Updates (EBU) and Security Access Gateway (SAG) to offer a complete mechanism with low latency, low handoff mechanism calculation, and high security.

• 융합보안논문지
• /
• 제7권4호
• /
• pp.115-121
• /
• 2007

유/무선 망에서 통신 노드 간에 통신 실패로 이동 에이전트는 비록 망에서 일시적인 정보 서비스를 이용 할지 모르지만 모든 전송 정보가 블록되고 만다. 이러한 문제를 해결하기 위해 본 논문은 모바일 에이전트가 원할 한 전송을 보장받기 위한 경로 재순서 방법을 제안한다.

• 한국정보통신학회논문지
• /
• 제17권6호
• /
• pp.1348-1353
• /
• 2013

다음은 요약문 입니다. 여러 종류의 무선 통신망들에 대한 통합화된 서비스에 대한 수요가 요구되고 있다. 이러한 요구는 기존의 유선망과 무선 통신망의 통합 배치를 통하여 가능하게 되었다. 각각의 무선 통신망들은 기존이 망들에 비해 고유의 특징을 가지고 있다. 개방형 무선 통심 환경 하에서의 주요한 문제 중의 하나가 보안성에 관련된 문제이다. 개방형 환경 하에서 통합된 환경의 보안성을 실현하기 위해서는 현실에서 실제적으로 적용 가능한 통합 보안 구조를 개발하여야 한다. 따라서 본 논문에서는 이러한 요구조건을 만족하기 위해서 고려해야 하는 사항들을 분석하였다.

• International Journal of Computer Science & Network Security
• /
• 제21권11호
• /
• pp.105-110
• /
• 2021

Contact between Vehicle-to-vehicle and vehicle-to-infrastructural is becoming increasingly popular in recent years due to their crucial role in the field of intelligent transportation. Vehicular Ad-hoc networks (VANETs) security and privacy are of the highest value since a transparent wireless communication tool allows an intruder to intercept, tamper, reply and erase messages in plain text. The security of a VANET based intelligent transport system may therefore be compromised. There is a strong likelihood. Securing and maintaining message exchange in VANETs is currently the focal point of several security testing teams, as it is reflected in the number of authentication schemes. However, these systems have not fulfilled all aspects of security and privacy criteria. This study is an attempt to provide a detailed history of VANETs and their components; different kinds of attacks and all protection and privacy criteria for VANETs. This paper contributed to the existing literature by systematically analyzes and compares existing authentication and confidentiality systems based on all security needs, the cost of information and communication as well as the level of resistance to different types of attacks. This paper may be used as a guide and reference for any new VANET protection and privacy technologies in the design and development.

• 한국정보통신학회:학술대회논문집
• /
• 한국해양정보통신학회 2008년도 추계종합학술대회 B
• /
• pp.744-747
• /
• 2008

Sensor networks will play an important role in the next generation pervasive computing. But its characteristic of wireless communication brings a peat challenge to the security measures used in the communication protocols. These measures are different from conventional security methods. In this paper, we proposed a security architecture for self-organizing mobile wireless sensor networks. It can prevent most of attacks based on intrusion detection.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제3권1호
• /
• pp.52-83
• /
• 2009

In this technical report, we have examined the basic building blocks of mobile ad-hoc networks. The paper discusses various security requirements of ad-hoc networks, attacks in ad-hoc networks, Security Implementation and Routing Protocols. The primary purpose of the paper is to address the Optimized Link State Routing (OLSR) protocol in detail, along with the various possible attacks. Finally, algorithms for securing OLSR are proposed, via the addition of digital signatures, as well as more advanced techniques such as cross checking of advertised routing control data with the node's geographical position. The main aim of this research work is the addition of security features to the existing OLSR protocol. In order to effectively design a secure routing protocol, we present a detailed literature survey of existing protocols, along with the various attacks. Based on the information gathered from the literature survey, a secure routing protocol for OLSR is proposed. The proposed secure routing protocol involves the addition of a digital signature as well as more advanced techniques such as the reuse of previous topology information to validate the actual link state. Thus, the main objective of this work is to provide secure routing and secure data transmission.

• 한국산업정보학회논문지
• /
• 제16권2호
• /
• pp.13-18
• /
• 2011

Security supports are a significant factor in mobile ad hoc networks. Especially in dynamic topologies, considering cluster, key management is essential to provide a secure system. Recently, Li-Liu proposed iD-based multiple key management scheme for cluster-based ad hoc networks. However, we found the security weakness of their scheme. In this paper, we analyze the security of Li-Liu's scheme and show that master secret key and fragment of the master secret key can be revealed to compromised CHs and nodes. Furthermore, we propose a solution to improve the scheme against disclosure of the share key and the master secret key even though system parameters are opened to compromised nodes and modify the Li-Liu's scheme fitted for a scalable networks. The improved IMKM scheme could be usefully applied in dynamic cluster-based MANETs such as the military battlefields, mobile marketplace and VANETs.

• 융합보안논문지
• /
• 제21권1호
• /
• pp.55-62
• /
• 2021

최근 센서를 이용한 장치들의 사용은 증가추세이다. 이런 센서 장치들은 이종무선 센서네트워크 환경에서 최신 기술들과 연관 지어 폭발적으로 증가하고 있다. 이런 환경에서 센서디바이스의 사용은 우리에게 편리함을 제공하기는 하나 여러 형태의 보안위협이 도사리고 있는 실정이다. 무선선서네트워크를 이용하여 원격으로 접속하여 제공받는 서비스에 존재하는 보안위협 중 대부분은 전송되는 정보의 유출과 사용자, 센서, 게이트웨이 사이의 인증에 대한 손실이 대부분이다. 2019년 Chen 등이 이종무선 센서 네트워크에 안전한 사용자 인증 프로토콜을 제안하였다. 그러나 Ryu 등이 제안한 논문에서 그들이 제안 프로토콜은 password guessing attack과 session key attack에 취약하다는 것을 주장하였다. 본 논문은 이전에 제안된 논문의 취약점을 개선하여 더욱 안전하고 효율적인 사용자 인증 프로토콜을 제안하였다.

• 한국통신학회논문지
• /
• 제35권9B호
• /
• pp.1342-1349
• /
• 2010

군용 환경에서 동적으로 변화하는 PT (Plain Text) 네트워크들이 Black (Blk) 네트워크를 통하여 서로 보안성있는 통신을 하기 위해서는 Blk 네트워크를 형성하는 완전 그물형 IPSec 터널이 필요하다. 이동성과 보안성이 요구되는 Blk 네트워크에서 IPSec 터널과 보안 방안, 즉 SPD (Security Policy Database)를 동적으로 재구성하는 것은 어려운 과제이다. 본 논문에서는 기존의 IPSec 터널 터널 모드 기술과 IPSec 비밀 키 관리 기술을 바탕으로 하여 군 네트워크에서 요구하는 이동성과 보안성 능력을 제공하기 위해서 구비해야 할 기술인 DMIDP(Dynamic Multicast-based IPSec Discovery Protocol) 기술과 관련된 핵심 기술을 체계적으로 제안한다. 또 제안된 DMIDP 기법에서 나타날 이동성 및 보안성과 관련된 성능에 영향을 미치는 주요 변수와 이들의 운영 방법을 도출하고 제안된 변수 상태에서의 DMIDP 운영 효율성을 분석한다.