• Title/Summary/Keyword: Security of IoT

Search Result 927, Processing Time 0.029 seconds

IoT Edge Architecture Model to Prevent Blockchain-Based Security Threats (블록체인 기반의 보안 위협을 예방할 수 있는 IoT 엣지 아키텍처 모델)

  • Yoon-Su Jeong
    • Journal of Internet of Things and Convergence
    • /
    • v.10 no.2
    • /
    • pp.77-84
    • /
    • 2024
  • Over the past few years, IoT edges have begun to emerge based on new low-latency communication protocols such as 5G. However, IoT edges, despite their enormous advantages, pose new complementary threats, requiring new security solutions to address them. In this paper, we propose a cloud environment-based IoT edge architecture model that complements IoT systems. The proposed model acts on machine learning to prevent security threats in advance with network traffic data extracted from IoT edge devices. In addition, the proposed model ensures load and security in the access network (edge) by allocating some of the security data at the local node. The proposed model further reduces the load on the access network (edge) and secures the vulnerable part by allocating some functions of data processing and management to the local node among IoT edge environments. The proposed model virtualizes various IoT functions as a name service, and deploys hardware functions and sufficient computational resources to local nodes as needed.

An Vulnerability Analysis and Countermeasures for Security in Outdoor Risk Management System based on IoT Technology

  • Jee, Sung-Hyun
    • Journal of the Korea Society of Computer and Information
    • /
    • v.25 no.7
    • /
    • pp.85-92
    • /
    • 2020
  • Following the development of Internet of Things (IoT) technology, the scope of application of IoT technology is expanding to industrial safety areas that detect and prevent possible risks in outdoor environments in advance, away from improving the convenience of living in indoor environments. Although this expansion of IoT service provides many advantages, it also causes security problems such as data leakage and modulation, so research on security response strategies is being actively carried out. In this paper, the IoT-based road construction risk management system in outdoor environment is proposed as a research subject. As a result of investigating the security vulnerabilities of the low-power wide-area (LPWA, BLE) communication protocol applied to the research targets, the security vulnerabilities were identified in terms of confidentiality, integrity, and availability, which are the three major elements of information security, and countermeasures for each vulnerability were proposed. This study is meaningful in investigating and analyzing possible vulnerabilities in the operation of the IoT-based risk management system and proposing practical security guidelines for each vulnerability.

An Intelligent Machine Learning Inspired Optimization Algorithm to Enhance Secured Data Transmission in IoT Cloud Ecosystem

  • Ankam, Sreejyothsna;Reddy, N.Sudhakar
    • International Journal of Computer Science & Network Security
    • /
    • v.22 no.6
    • /
    • pp.83-90
    • /
    • 2022
  • Traditional Cloud Computing would be unable to safely host IoT data due to its high latency as the number of IoT sensors and physical devices accommodated on the Internet grows by the day. Because of the difficulty of processing all IoT large data on Cloud facilities, there hasn't been enough research done on automating the security of all components in the IoT-Cloud ecosystem that deal with big data and real-time jobs. It's difficult, for example, to build an automatic, secure data transfer from the IoT layer to the cloud layer, which incorporates a large number of scattered devices. Addressing this issue this article presents an intelligent algorithm that deals with enhancing security aspects in IoT cloud ecosystem using butterfly optimization algorithm.

Message Security Level Integration with IoTES: A Design Dependent Encryption Selection Model for IoT Devices

  • Saleh, Matasem;Jhanjhi, NZ;Abdullah, Azween;Saher, Raazia
    • International Journal of Computer Science & Network Security
    • /
    • v.22 no.8
    • /
    • pp.328-342
    • /
    • 2022
  • The Internet of Things (IoT) is a technology that offers lucrative services in various industries to facilitate human communities. Important information on people and their surroundings has been gathered to ensure the availability of these services. This data is vulnerable to cybersecurity since it is sent over the internet and kept in third-party databases. Implementation of data encryption is an integral approach for IoT device designers to protect IoT data. For a variety of reasons, IoT device designers have been unable to discover appropriate encryption to use. The static support provided by research and concerned organizations to assist designers in picking appropriate encryption costs a significant amount of time and effort. IoTES is a web app that uses machine language to address a lack of support from researchers and organizations, as ML has been shown to improve data-driven human decision-making. IoTES still has some weaknesses, which are highlighted in this research. To improve the support, these shortcomings must be addressed. This study proposes the "IoTES with Security" model by adding support for the security level provided by the encryption algorithm to the traditional IoTES model. We evaluated our technique for encryption algorithms with available security levels and compared the accuracy of our model with traditional IoTES. Our model improves IoTES by helping users make security-oriented decisions while choosing the appropriate algorithm for their IoT data.

A Study on the Security Threats of IoT Devices Exposed in Search Engine (검색엔진에 노출된 IoT 장치의 보안 위협에 대한 연구)

  • Han, Kyong-Ho;Lee, Seong-Ho
    • The Transactions of The Korean Institute of Electrical Engineers
    • /
    • v.65 no.1
    • /
    • pp.128-134
    • /
    • 2016
  • IoT devices including smart devices are connected with internet, thus they have security threats everytime. Particularly, IoT devices are composed of low performance MCU and small-capacity memory because they are miniaturized, so they are likely to be exposed to various security threats like DoS attacks. In addition, in case of IoT devices installed for a remote place, it's not easy for users to control continuously them and to install immediately security patch for them. For most of IoT devices connected directly with internet under user's intention, devices exposed to outside by setting IoT gateway, and devices exposed to outside by the DMZ function or Port Forwarding function of router, specific protocol for IoT services was used and the devices show a response when services about related protocol are required from outside. From internet search engine for IoT devices, IP addresses are inspected on the basis of protocol mainly used for IoT devices and then IP addresses showing a response are maintained as database, so that users can utilize related information. Specially, IoT devices using HTTP and HTTPS protocol, which are used at usual web server, are easily searched at usual search engines like Google as well as search engine for the sole IoT devices. Ill-intentioned attackers get the IP addresses of vulnerable devices from search engine and try to attack the devices. The purpose of this study is to find the problems arisen when HTTP, HTTPS, CoAP, SOAP, and RestFUL protocols used for IoT devices are detected by search engine and are maintained as database, and to seek the solution for the problems. In particular, when the user ID and password of IoT devices set by manufacturing factory are still same or the already known vulnerabilities of IoT devices are not patched, the dangerousness of the IoT devices and its related solution were found in this study.

Analysis of IoT Open-Platform Cryptographic Technology and Security Requirements (IoT 오픈 플랫폼 암호기술 현황 및 보안 요구사항 분석)

  • Choi, Jung-In;Oh, Yoon-Seok;Kim, Do-won;Choi, Eun Young;Seo, Seung-Hyun
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.7 no.7
    • /
    • pp.183-194
    • /
    • 2018
  • With the rapid development of IoT(Internet of Things) technology, various convenient services such as smart home and smart city have been realized. However, IoT devices in unmanned environments are exposed to various security threats including eavesdropping and data forgery, information leakage due to unauthorized access. To build a secure IoT environment, it is necessary to use proper cryptographic technologies to IoT devices. But, it is impossible to apply the technologies applied in the existing IT environment, due to the limited resources of the IoT devices. In this paper, we survey the classification of IoT devices according to the performance and analyze the security requirements for IoT devices. Also we survey and analyze the use of cryptographic technologies in the current status of IoT open standard platform such as AllJoyn, oneM2M, IoTivity. Based on the research of cryptographic usage, we examine whether each platform satisfies security requirements. Each IoT open platform provides cryptographic technology for supporting security services such as confidentiality, integrity, authentication an authorization. However, resource constrained IoT devices such as blood pressure monitoring sensors are difficult to apply existing cryptographic techniques. Thus, it is necessary to study cryptographic technologies for power-limited and resource constrained IoT devices in unattended environments.

A study on detection methodology of threat on cars from the viewpoint of IoT (IoT 관점에서의 차량 위협 탐지 방안)

  • Kwak, Byung Il;Han, Mi Ran;Kang, Ah Reum;Kim, Huy Kang
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.2
    • /
    • pp.411-421
    • /
    • 2015
  • These days, a conversion of the fast-advancing ICT (Information and Communications Technologies) and the IoT (Internet of Things) has been in progress. However, these conversion Technology could lead to many of the security threat existing in the ICT environment. The security threats of car in the IoT environment could cause the property damage and casualty. There are the inadequate preparations for the car security and the difficulty of detection for the security threats by itself. In this paper, we proposed the decision-making framework for the anomaly detection and found out what are the threats of car in the IoT environment. The discrimination of the factor, path and type of threats from the attack against the car should take priority over the self-inspection and the swift handling of the attack on control system.

Analyses of Requirement of Security based on Gateway Architecture for Secure Internet (사물인터넷망의 보안 및 프라이버시 문제 해결을 위한 게이트웨이 보안 구조 분석)

  • Kim, Jung Tae
    • Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
    • /
    • v.6 no.3
    • /
    • pp.461-470
    • /
    • 2016
  • As IoT is broadly used in many fields, the security of IoT is becoming especially important and critical issues. Security and privacy are the key issues for IoT applications, and still faced with some enormous challenges. Sensor has limited resources such as computing power, memory, battery. By means of deeply analyzing the security architecture and features in security framework. While a number of researchers have explored such security challenges and open problems in IoT, there is an unfortunate lack of a systematic study of the security challenges in the IoT landscape. This special issue features recent and emerging advances IoT architecture, protocols, services and applications. The alternative method is IoT security gateway. In this paper, we surveyed the demands and requirements. By means of deeply analyzing the security architecture and features, we analyzed the demands and requirements for security based on gateway application.

Cloud security authentication platform design to prevent user authority theft and abnormal operation during remote control of smart home Internet of Things (IoT) devices (스마트 홈 사물인터넷 기기(IoT)의 원격제어 시 사용자 권한 탈취 및 이상조작 방지를 위한 클라우드 보안인증 플랫폼 설계)

  • Yoo Young Hwan
    • Convergence Security Journal
    • /
    • v.22 no.4
    • /
    • pp.99-107
    • /
    • 2022
  • The use of smart home appliances and Internet of Things (IoT) devices is growing, enabling new interactions and automation in the home. This technology relies heavily on mobile services which leaves it vulnerable to the increasing threat of hacking, identity theft, information leakage, serious infringement of personal privacy, abnormal access, and erroneous operation. Confirming or proving such security breaches have occurred is also currently insufficient. Furthermore, due to the restricted nature of IoT devices, such as their specifications and operating environments, it is difficult to provide the same level of internet security as personal computers. Therefore, to increase the security on smart home IoT devices, attention is needed on (1) preventing hacking and user authority theft; (2) disabling abnormal manipulation; and (3) strengthening audit records for device operation. In response to this, we present a plan to build a cloud security authentication platform which features security authentication management functionality between mobile terminals and IoT devices.

Implementation of crypto key-based IoT network security system (암호키 기반 IoT 네트워크 보안 시스템 구현)

  • Jeon, Ji-Soo;Kang, Dong-Yeon;Han, Sung-Hwa
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2022.10a
    • /
    • pp.349-350
    • /
    • 2022
  • As research on IT convergence continues, the scope of IoT (Internet of Things) services continues to expand. The IoT service uses a device suitable for the purpose. These IoT devices require an authentication function. In addition, in IoT services that handle important information such as personal information, security of transmission data is required. In this study, we implement a crypto key-based IoT network security system that can authenticate devices for IoT services and securely transmit data between devices. Through this study, IoT service can authenticate the device itself and maintain the confidentiality of transmitted data. However, since it is an IoT service, additional research on the application efficiency of the encryption algorithm is required.

  • PDF