• Annual Conference of KIPS
• /
• 2016.04a
• /
• pp.307-310
• /
• 2016

최근 다양한 산업 분야에서 사물인터넷(Internet of Things; IoT)에 관련된 연구가 활발히 진행되고 있다. 기존 네트워크 환경에서와 같이 IoT 또한 DoS(Denial of Service), 도청, 변조, 중간자 공격 등의 여러 가지 공격으로부터의 공격 대상이 될 수 있으며, 이 외에도 다양한 보안 이슈가 존재한다. 본 논문에서는 이러한 보안 이슈들로부터 안전한 IoT 환경 구축을 위하여, 국내외 표준화 기구에서 제시하고 있는 IoT 보안 관련 표준 및 표준화 동향을 분석하여 문제점을 도출하고 개선 방안을 제안한다.

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.121-127
• /
• 2016

Recently, the popularity of smart devices such as Wi-Fi and LTE has increased the use ratio of wireless dramatically. On the other hand, the use ratio of wired internet is decreasing. The IoT(Internet of Things) is not only for people but also for communication between people and things, and communication between things and things by connecting to a wireless without choosing a place. Along with the rapid spread of the IoT there is a growing concern about the threat of IoT security. In this paper, the proposed scheme is a efficiency group key agreement in IoT environment that guarantees secure communication among light-weight devices. The proposed scheme securely be able to communication with the group devices who share a group key, generated by own secret value and the public value. Such property is suitable to the environment which are required a local area and a group.

• Journal of Internet of Things and Convergence
• /
• v.5 no.2
• /
• pp.103-110
• /
• 2019

In this paper, we suggested how the Internet of Things (IoT) technology could be applied to an internet platform that is used for managing the customer's power grid efficiently. For an internet platform with efficient management, analysis is done by several sections; communication method, and its protocol, and also security element. From this analysis, with currently used sensors, we have presented a development method for the sensor to server data reliable communication solution and data management server with a security solution. Moreover, this paper suggests a communication module that could be used for a power grid management platform, protocol and security algorithm and also a way to build a server for managing those systems and modules.

• Journal of Digital Convergence
• /
• v.19 no.9
• /
• pp.463-468
• /
• 2021

Although the IoT is showing explosive growth due to the development of technology and the spread of IoT devices and activation of services, serious security risks and financial damage are occurring due to the activities of various botnets. Therefore, it is important to accurately and quickly detect the activities of these botnets. As security in the IoT environment has characteristics that require operation with minimum processing performance and memory, in this paper, the minimum characteristics for detection are selected, and KNN (K-Nearest Neighbor), Naïve Bayes, Decision Tree, Random A comparative study was conducted on the performance of machine learning algorithms such as Forest to detect botnet activity. Experimental results using the Bot-IoT dataset showed that KNN can detect DDoS, DoS, and Reconnaissance attacks most effectively and efficiently among the applied machine learning algorithms.

• Journal of Industrial Convergence
• /
• v.20 no.6
• /
• pp.37-45
• /
• 2022

With the development of the Internet of Things (IoT), related network infrastructures require new technologies to protect against threats such as external hacking. This study proposes an L-PBFT consensus algorithm that can protect IoT networks based on a blockchain consensus algorithm. We designed a blockchain (private) model suitable for small networks, tested processing performance for ultra-small/low-power IoT devices, and verified stability. As a result of performance analysis, L-PBFT proved that at least the number of nodes complies with the operation of the consensus algorithm(minimum 14%, maximum 29%) and establishes a trust network(separation of secure channels) different from existing security protocols. This study is a 4th industry convergence research and will be a foundation technology that will help develop IoT device security products in the future.

• Journal of Information Processing Systems
• /
• v.14 no.6
• /
• pp.1361-1384
• /
• 2018

Recently, Cyber Physical System (CPS) is one of the core technologies for realizing Internet of Things (IoT). The CPS is a new paradigm that seeks to converge the physical and cyber worlds in which we live. However, the CPS suffers from certain CPS issues that could directly threaten our lives, while the CPS environment, including its various layers, is related to on-the-spot threats, making it necessary to study CPS security. Therefore, a survey-based in-depth understanding of the vulnerabilities, threats, and attacks is required of CPS security and privacy for IoT. In this paper, we analyze security issues, threats, and solutions for IoT-CPS, and evaluate the existing researches. The CPS raises a number challenges through current security markets and security issues. The study also addresses the CPS vulnerabilities and attacks and derives challenges. Finally, we recommend solutions for each system of CPS security threats, and discuss ways of resolving potential future issues.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.449-456
• /
• 2015

Recently, information security of IoT(Internet of Things) have been increasing to interest and many research groups have been studying for cryptographic algorithms, which are suitable for IoT environment. LEA(Lightweight Encryption Algorithm) developed by NSRI(National Security Research Institute) is commensurate with IoT. In this paper, we propose two first-order Correlation Power Analysis(CPA) attacks for LEA and experimentally demonstrate our attacks. Additionally, we suggest the mask countermeasure for LEA defeating our attacks. In order to estimate efficiency for the masked LEA, its operation cost is compared to operation time of masked AES.

• Convergence Security Journal
• /
• v.18 no.2
• /
• pp.3-10
• /
• 2018

The existing smart grid, which is centered on the power grid, is rapidly spreading to new energy and renewable energy such as heat and gas, which are expressed as smart energy. Smart Energy interacts with electric energy and is connected to wired / wireless network based on IoT sensor based on energy analysis using AI to rapidly expand ecosystem with various energy carriers and customers. However, smart energy based on IoT is lacking in technological and institutional preparation for security compared to efforts to activate the market according to the interests of government and business operators. In this study, we will present Smart Energy 's privacy policy in terms of value system(CPND) of convergence ICT.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.181-192
• /
• 2017

Internet of Things includes the whole process of collected information generated from a variety of objects, as well as analyzing and sharing it, and providing useful information services to people. This study seeks ways to improve security and safety in the areas of service security technology, ID management technology and service access control, all of which take place in the IoT environment. We have implemented the services that can design and issue C&C (Certificate and Capability) service token authentication, which is based on a public key, to improve the service security. In addition, we suggest LCRS (Left Child-Right Sibling) resource model management for the efficient control of resources when generating the resource services from the data collected from node devices. We also implemented an IoT services platform to manage URL security of the resource services and perform access control for services.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.2
• /
• pp.513-528
• /
• 2018

In a smart home environment that integrates IoT technology into a residential environment, the smart home hub provides convenience functions to users by connecting various IoT devices to the network. The smart home hub plays a role as a gateway to and from various data in the process of connecting and using IoT devices. This data can be abused as personal information because it is closely related to the living environment of the user. Such abuse of personal information may cause damage such as exposure of the user's identity. Therefore, this thesis analyzed the threat by using LINDDUN, which is a threat modeling technique for personal information protection which was not used in domestic for Smart Home Hub. We present evaluation criteria for smart home hubs using the Common Criteria, which is an international standard, against threats analyzed and corresponding security requirements.