• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.598-599
• /
• 2016

Today, embedded, mobile, and cyber-physical systems are ubiquitous and used in many applications, from industrial control systems, modern vehicles, to critical infrastructure. Current trends and initiatives, such as "Industry 4.0" and Internet of Things (IoT), promise innovative business models and novel user experiences through strong connectivity and effective use of next generation of embedded devices. We survey an introduction to Industrial IoT systems, the related security and privacy challenges, and an outlook on possible solutions towards a holistic security framework for Industrial IoT systems in this paper.

• Convergence Security Journal
• /
• v.15 no.7
• /
• pp.103-110
• /
• 2015

The security of the data exchanged between sensor nodes in IoT (Internet of Things) environment becomes increasing. In the conventional IEEE 802.15.4, the key for secure communication between the sensor node and the sensor node and the PAN Coordinator or the sensor node is assumed to be pre-shared in advance. Especially, there is another problem in that sensor node authentication is not considered during the association process. In this paper, we propose a security scheme that solves the problems of previously proposed protocols with the pre-shared key for all devices.

• Journal of Digital Convergence
• /
• v.14 no.10
• /
• pp.295-302
• /
• 2016

Many countries, especially ICT powers, are supporting IoT-based technology at a national level and this technology is actively being researched in the businesses and research institutes in an aim to develop technology and create an ecosystem. Roads in the Seoul city are building public facilities based on IoT to provide various services and conveniences for the users. However, for the full-fledged introduction and development of IoT, there are many cases where infringement on security and privacy and threat for life and safety happen. Also, as the IoT environment includes various environment technologies such as the existing sensor network, heterogeneous communication network, and devices optimized for the IoT environment, it inherits the existing security threat and various attack techniques. This paper researches the attribute based encryption technology for safe communication in the IoT environment. The data collected from the device is transmitted utilizing the attribute based encryption and by designing the key generation protocol, grades and authorities for the device and users are identified to transmit safe messages.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.267-280
• /
• 2023

With development of computing and communications technologies, IoT environments based on high-speed networks have been extending rapidly. Especially, from home to an office or a factory, applications of IoT devices with sensing environment and performing computations are increasing. Unfortunately, IoT devices which have limited hardware resources can be vulnerable to cyber attacks. Hence, there is a concern that an IoT botnet can give rise to information leakage as a national cyber security crisis arising from abuse as a malicious waypoint or propagation through connected networks. In order to response in advance from unknown cyber threats in IoT networks, in this paper, We firstly define four types of We firstly define four types of characteristics by analyzing darknet traffic accessed from an IoT botnet. Using the characteristic, a suspicious IP address is filtered quickly. Secondly, the filtered address is identified by Cyber Threat Intelligence (CTI) or Open Source INTelligence (OSINT) in terms of an unknown suspicious host. The identified IP address is finally fingerprinted to determine whether the IP is a malicious host or not. To verify a validation of the proposed method, we apply to a Darknet on real-world SOC. As a result, about 1,000 hosts who are detected and blocked preemptively by the proposed method are confirmed as real IoT botnets.

• Annual Conference of KIPS
• /
• 2023.11a
• /
• pp.196-199
• /
• 2023

다양한 산업과 환경에서 IoT 기술이 사용되는 만큼 보안에 대한 위협도 증가하고 있다. IoT 서비스를 제공하는 디바이스와 시스템이 보안 공격을 당해 중단되는 경우 그에 따른 피해가 막대하기 때문에 IoT 의 보안 중요성은 날로 커지고 있다. IoT 디바이스 보안을 강화하기 위한 방법으로 FOTA 시스템를 통한 펌웨어 업데이트를 하는 것이 필요하다. 본 고에서는 IoT 디바이스 펌웨어 업데이트를 위해 필요한 FOTA 시스템에 대한 아키텍처와 구성 등을 제언한다.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.21 no.10
• /
• pp.602-608
• /
• 2020

Development of Internet technology and the spread of various smart devices provide a convenient computing environment for people, which is becoming common thanks to the Internet of Things (IoT). However, attacks by hackers have caused various problems, such as leaking personal information or violating privacy. In the IoT environment, various smart devices are connected, and network attacks that are used in the PC environment are occurring frequently in the IoT. In fact, security incidents such as conducting DDoS attacks by hacking IP cameras, leaking personal information, and monitoring unspecified numbers of personal files without consent are occurring. Although attacks in the existing Internet environment are PC-oriented, we can now confirm that smart devices such as IP cameras and tablets can be targets of network attacks. Through performance evaluation, the proposed protocol shows 11% more energy efficiency on servers than RSA, eight times greater energy efficiency on clients than Kerberos, and increased efficiency as the number of devices increases. In addition, it is possible to respond to a variety of security threats that might occur against the network. It is expected that efficient operations will be possible if the proposed protocol is applied to the IoT environment.

• International Journal of Computer Science & Network Security
• /
• v.24 no.2
• /
• pp.155-157
• /
• 2024

Internet of Things (IoT) integrated with the Blockchain is the state of the art for keen cultivation and agriculture. Recently the interest in agribusiness information is enlarging owing to the fact of commercializing the smart farming technology. Agribusiness information are known to be untidy, and experts are worried about the legitimacy of information. The blockchain can be a potential answer for the expert's concern on the uncertainty of the agriculture data. This paper proposes an Agri-Banana plant system using Blockchain integrated with IoT. The system is designed by employing IoT sensors incorporated with Hyperledger fabric network, aims to provide farmers with secure storage for preserving the large amounts of IoT and agriculture data that cannot be tampered with. A banana smart contract is implemented between farmer peer and buyer peer of two different organizations under the Hyperledger fabric network setup aids in secure transaction of transferring banana from farmer to buyer.

• Journal of Korea Multimedia Society
• /
• v.18 no.12
• /
• pp.1483-1491
• /
• 2015

Applications of Internet of Things (IoT) supply various conveniences, however unsolved security problems such as personal privacy, data manipulation cause harm to persons, even nations and an limit the applicable areas of Internet of IoT technology. Therefore, study about secure and efficient security system on IoT are required. This paper proposes ID-based remote user authentication scheme in IoT environments. Proposed scheme provides untraceability of users by using different pseudonym identities in every session and reduces the number of variables. Our proposal is secure against inside attack, smart card loss attack, user impersonation attack, server masquerading attack, online/offline password guessing attack, and so on. Therefore, this can be applied to the lightweight IoT environments.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.3
• /
• pp.1184-1198
• /
• 2019

This study aims to use ISM to identify the enablers affecting the acceptance of IoT services. For this purpose, this study conducted an ISM analysis and a MICMAC analysis, extracted the enablers from Internet of Things - An Action Plan for Europe published by the EU for the research, and conducted interviews and surveys. The study found that it would be preferentially necessary to prepare the base for successful IoT services through international cooperation and the security of objective data. In addition, it turned out that it would be necessary to make efforts to spread and develop IoT services by conducting R&D and implementing projects through public-private partnerships and the organization of a consultative group. Lastly, since information security and standardization are the desired objects of the IoT industry, it was found that both the government and the industrial world should focus on them. This study has significance in that it can provide practical implications for the effective acceptance of IoT services.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1449-1453
• /
• 2015

Constrained IoT devices cannot achieve full coverage of software attestation even though the integrity of software is critical. The limited modification attacks on control flow of software aim at the shadow area uncovered in software attestation processes. In this paper, we propose a light-weight protection system that detects modification by injecting markers to program code.