• Journal of information and communication convergence engineering
• /
• v.16 no.2
• /
• pp.93-98
• /
• 2018

The Internet of Things (IoT) is a form of the emerging 4th industry in the 5G era. IoT is expected to develop naturally in our daily life in the 5G era in which high-speed communication will be completed. Along with the rise of IoT, concerns about security and malicious attacks are also increasing. This paper examines DoS attacks, which are one of the representative security threats of IoT and proposes a local detection and blocking system that are suitable for response to such attacks. First, systems of the LoRaWAN type, which are most actively researched in the IoT system field and DoS attacks that can occur in such systems were examined. Then, the inverse order tree algorithm using regional characteristics was designed as a cluster analysis form. Finally, a system capable of defending denial-of-service attacks in the 5G IoT system using local detection and blocking with the Euclidean distance was designed.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.5
• /
• pp.1-8
• /
• 2019

Internet of Things (IoT) is proliferating to provide more intelligent services by interconnecting various Internet devices, and TCP based MQTT is being used as a standard communication protocol of the IoT. Although it is recommended to use TLS/SSL security protocol for TCP with MQTT-based IoT devices, encryption and decryption performance degenerates when applied to low-specification / low-capacity IoT devices. In this paper, we propose an end-to-end message security protocol using elliptic curve cryptosystem, a lightweight encryption algorithm, which improves performance on both sides of the client and server, based on the simulation of TLS/SSL and the proposed protocol.

• International Journal of Computer Science & Network Security
• /
• v.22 no.1
• /
• pp.189-198
• /
• 2022

As the number of people using the Internet increases, a new application known as the Internet of Things (IoT) has been emerged. Internet of Things makes it easier for machines and objects to exchange, compute, and coordinate information autonomously without human interference. It is a tool for attaching intelligence to a variety of contemporary objects in houses, hospitals, buildings, vehicles, and even cities. As a new emerging technology, the focus in current IoT surveys does not shed the light on deep understanding for IoT fundamentals, architectures, challenges, and solutions. For this reason, the objective of this paper is to introduce specifications for IoT definitions, characteristics, functional blocks, and different architectures as a cement for better understanding. Additionally, we present current documented IoT challenges, with the existing available solution for each challenge.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.859-870
• /
• 2020

The MQTT-SN (Message Queuing Telemetry Transport-Sensor Network) protocol is a message transmission protocol used in a sensor-based Internet of Things (IoT) environment. This MQTT-SN protocol is a publish-subscribe model with a broker in the middle of message transmission, and each IoT device sends and receives messages through an intermediary when delivering messages. However, the MQTT-SN protocol does not provide security-related functions such as message security, mutual authentication, access control, and broker security. Accordingly, various security problems have recently occurred, and a situation in which security is required has emerged. In this paper, we review the security requirements of MQTT-SN once again, and propose a modified protocol that improves security while satisfying the constraints in the environment where the resource of IoT to which this protocol is applied is limited. Unlike the existing protocol, the security field and authentication server have been added to satisfy the security requirements. In addition, the proposed protocol is actually implemented and tested, and the proposed protocol is evaluated for practical use in terms of energy consumption.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.2
• /
• pp.103-109
• /
• 2019

Due to the development of ICT technology, the IoT environment for connecting objects in the vicinity to networks and utilizing information about objects in various fields is getting attention, and security threats are also increasing. In order to solve the increasing security problem in IoT environment, we are studying methods that use certificate, encryption, hash calculation and block chain in the private sector. However, the security authentication method which overcomes the performance gap between devices and has compatibility with various devices It has not been proposed yet. In this paper, we propose an authentication method that can achieve wide compatibility by minimizing the influence of IoT device environment.

• Journal of Institute of Control, Robotics and Systems
• /
• v.22 no.9
• /
• pp.766-772
• /
• 2016

Recent advances in networking and computers, especially internet of things (IoT) technologies, have improved the quality of home life and industrial sites. However, the security vulnerability of IoT technologies causes life-threatening issues and information leakage concerns. Studies regarding security algorithms are being conducted. In this paper, we proposed SEED algorithms based on one time passwords (OTPs). The specified server sent time data to the client every 10 seconds. The client changed the security key using time data and generated a ciphertext by combining the changed security key and the matrix. We applied the SEED algorithms with enhanced security to Linux-based embedded boards and android smart phones, then conducted a door lock control experiment (door lock & unlock). In this process, the power consumed for decryption was measured. The power consumption of the OTP-based algorithm was measured as 0.405-0.465W. The OTP-based algorithm didn't show any difference from the existing SEED algorithms, but showed a better performance than the existing algorithms.

• Journal of Internet Computing and Services
• /
• v.20 no.5
• /
• pp.121-132
• /
• 2019

As the 4th industrial age enters, the number of IoT devices is exploding. Accordingly, the importance of security is also increasing in proportion to the increasing number of security incidents of IoT devices. However, due to the limited performance of IoT devices, there are limitations to applying existing security solutions. Therefore, a new automatic firmware distribution solution is needed to solve this problem. To solve this problem, we propose a new automatic firmware update system that uses a hybrid blockchain that combines a public blockchain and a private blockchain. The public blockchain allows various firmware providers to distribute firmware using a common system. Private blockchain solves the transaction overload problem of the public blockchain and facilitates the management of IoT devices. It also uses distributed file storage to ensure high availability without failing. Therefore, this system is expected to be very effective for improving the security of IoT devices.

• International Journal of Computer Science & Network Security
• /
• v.22 no.7
• /
• pp.229-239
• /
• 2022

Today's Internet of Things (IoT) has had a dramatic increase in the use of various daily aspects. As a consequence, many homes adopt IoT technology to move towards the smart home. So, the home can be called smart when it has a range of smart devices that are united into one network, such as cameras, sensors, etc. While IoT smart home devices bring numerous benefits to human life, there are many security concerns associated with these devices. These security concerns, such as user privacy, can result in an insecure application. In this research, we focused on analyzing the vulnerabilities of IoT smart home cameras. This will be done by designing a new model that follows the STRIDE approach to identify these threats in order to afford an efficient and secure IoT device. Then, apply a number of test cases on a smart home camera in order to verify the usage of the proposed model. Lastly, we present a scheme for mitigation techniques to prevent any vulnerabilities that might occur in IoT devices.

• International Journal of Computer Science & Network Security
• /
• v.22 no.12
• /
• pp.1-12
• /
• 2022

Besides unexpected growth perceived by IoT's, the variety and volume of threats have increased tremendously, making it a necessity to introduce intrusion detections systems for prevention and detection of such threats. But Intrusion Detection and Prevention System (IDPS) inside the IoT network yet introduces some unique challenges due to their unique characteristics, such as privacy inference, performance, and detection rate and their frequency in the dynamic networks. Our research is focused on the privacy inferences of existing intrusion prevention and detection system approaches. We also tackle the problem of providing unified a solution to implement the open-source IDPS in the IoT architecture for assessing the performance of IDS by calculating; usage consumption and detection rate. The proposed scheme is considered to help implement the human health monitoring system in IoT networks

• IEMEK Journal of Embedded Systems and Applications
• /
• v.10 no.4
• /
• pp.199-206
• /
• 2015

In this paper, we present the implementation of a secure OTP(One Time Password) generator for IoT(Internet of Things) devices. Basically, MTM(Mobile Trusted Module) is used and expanded considering secure IoT services. We combine the MTM architecture with a new hardware-based OTP generation engine. The new architecture is more secure, offering not only the security of devices but also that of the OTP service. We have implemented and verified the MTM-based OTP generator on a real mobile platform embedded with the MTM chip. The proposed method can be used as a solution for enhancing security of IoT devices and services.