• International Journal of Computer Science & Network Security
• /
• v.22 no.3
• /
• pp.303-311
• /
• 2022

The tremendous growth of the Internet of things is unbelievable. Many IoT devices have emerged on the market over the last decade. This has made our everyday life easier inside our homes. The technology used at home has changed significantly over the past several decades, leading to what is known today as the smart home. However, this growth has also brought new challenges to our home security and privacy. With the smart home becoming more mainstream, cybersecurity issues have become a fundamental concern. The smart home is an environment where heterogeneous devices and appliances are interconnected through the Internet of Things (IoT) to provide smart services to residents. These services include home climate control, energy management, video on demand, music on-demand, remote healthcare, remote control, and other similar services in a ubiquitous manner. Smart home devices can be controlled via the Internet using smartphones. However, connecting smart home appliances to wireless networks and the Internet makes individuals vulnerable to malicious attacks. Remote access within the same environment or over the Internet requires an effective access control mechanism. This paper intends to shed light on how smart home devices are working as well as the type of security and privacy threats of the smart home. It also illustrated the types of authentication methods that can be used with smart home devices. In addition, a comparison of Smart home IoT-based security protocols was presented along with a security countermeasure that can be used in a smart home environment. Finally, a few open problems were mentioned as future research directions for researchers.

• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.119-126
• /
• 2021

The Internet of Things (IoT) applications are quickly spread in many fields. Blockchain methods (BC), defined as a distributed sharing mechanism, offer excellent support for IoT evolution. The BC provides a secure way for communication between IoT devices. However, the IoT environments are threatened by hacker attacks and malicious intrusions. The IoT applications security are faced with three challenges: intrusions and attacks detection, secure communication, and compressed storage information. This paper proposed a system based on double-blockchain to improve the communication transactions' safety and enhance the information compression method for the stored data. Information security is enhanced by using an Ellipse Curve Cryptography (ECC) considered in a double-blockchain case. The data compression is ensured by the Compressed Sensing (CS) method. The conducted experimentation reveals that the proposed method is more accurate in security and storage performance than previous related works.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.11a
• /
• pp.1122-1125
• /
• 2010

최근 봇넷은 금전적 이득을 원하는 범죄 집단에 의해 사이버 공격의 수단으로서 크게 확산되고 있다. 봇넷의 탐지는 이전부터 꾸준히 연구되었지만, 구성과 기능이 점차 진화되고 있는 봇넷을 탐지하기에는 큰 어려움이 따르고 있다. 봇넷의 탐지는 호스트 기반의 정적인 악성 코드 분석이나 네트워크 트래픽 분석등 어떠한 특정 시스템에 의존해서는 효율적인 탐지를 기대하기 어렵기 때문에 다양한 정보를 종합하여 탐지하여야 한다. 본 연구에서는 기존에 알려진 봇넷 정보와 악성 봇 바이너리 분석을 통해 알려진 정보와 네트워크 기반의 탐지 정보를 분석하여 전체적인 봇넷의 구성을 탐지할 수 있는 네트워크 기반의 경량 봇넷 탐지 시스템을 제안한다. 제안된 탐지 시스템은 대규모의 네트워크 환경에서도 단편적으로 알려진 봇넷의 부분 정보를 기반으로 전체적인 봇넷의 구성을 탐지할 수 있다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.879-882
• /
• 2011

최근 변종 악성코드가 크게 증가하고 하나 이상의 악성코드로 이루어진 그룹 형태의 악성코드들이 빠르게 유포되고 있다. 이러한 그룹 형태의 악성코드와 변종 악성코드에 대한 효과적인 대응을 위해서는 악성코드 그룹 및 변종을 관리하고 안티바이러스 업체와 정보를 공유할 수 있는 시스템이 필요하다. 본 논문에서는 대용량 악성코드 분석 정보로부터 악성코드 그룹 및 변종 정보를 효율적으로 관리하고 공유하는 시스템을 제안하다. 악성코드 그룹 정보는 악성코드 행위를 기반으로 연계된 악성코드 정보들로 생성되고, 악성코드 변종 정보는 CFG 분석을 통한 악성코드간 유사도 정보로 생성된다. 본 논문에서 제안하는 시스템은 악성코드 그룹 및 변종 정보를 쉽게 검색하고 공유할 수 있기 때문에 다양한 악성코드 대응 시스템과 쉽게 연계될 수 있는 장점을 가지고 있다.

• International Journal of Internet, Broadcasting and Communication
• /
• v.13 no.4
• /
• pp.1-10
• /
• 2021

The purpose of the study is to contribute to the positive development of blockchain technology by providing data to examine security vulnerabilities and threats to blockchain-based services and review countermeasures. The findings of this study are as follows. Threats to the security of blockchain-based services can be classified into application security threats, smart contract security threats, and network (P2P) security threats. First, application security threats include wallet theft (e-wallet stealing), double spending (double payment attack), and cryptojacking (mining malware infection). Second, smart contract security threats are divided into reentrancy attacks, replay attacks, and balance increasing attacks. Third, network (P2P) security threats are divided into the 51% control attack, Sybil attack, balance attack, eclipse attack (spread false information attack), selfish mining (selfish mining monopoly), block withholding attack, DDoS attack (distributed service denial attack) and DNS/BGP hijacks. Through this study, it is possible to discuss the future plans of the blockchain technology-based ecosystem through understanding the functional characteristics of transparency or some privacy that can be obtained within the blockchain. It also supports effective coping with various security threats.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.5
• /
• pp.2221-2235
• /
• 2020

Compared to the past infrastructure networks, the current smart grid network can improve productivity and management efficiency. However, as the Industrial Internet of Things (IIoT) and Internet-based standard communication protocol is used, external network contacts are created, which is accompanied by security vulnerabilities from various perspectives. Accordingly, it is necessary to develop an appropriate cybersecurity guideline that enables effective reactions to cybersecurity threats caused by the abuse of such defects. Unfortunately, it is not easy for each organization to develop an adequate cybersecurity guideline. Thus, the cybersecurity checklist proposed by a government organization is used. The checklist does not fully reflect the characteristics of each infrastructure network. In this study, we proposed a cybersecurity framework that reflects the characteristics of a microgrid network in the IIoT environment, and performed an analysis to validate the proposed framework.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.11
• /
• pp.4122-4144
• /
• 2021

In this fast-paced technological world, the Internet of Things is a ground breaking technology which finds an immense role in the present electronic world which includes different embedded sensors, devices and most other things which are connected to the Internet. The IoT devices are designed in a way that it helps to collect various forms of data from varied sources and transmit them in digitalized form. In modern era of IoT technology data security is a trending issue which greatly affects the confidentiality of important information. Keeping the issue in mind a novel light encryption strategy known as LCB is designed for IoT devices for optimal security. LCB exploits the benefits of Feistel structure and the architectural benefits of substitution permutation network both to give more security. Moreover, this newly designed technique is tested on (Virtex-7) XC7VX330T FPGA board and it takes much little area of 224 GE (Gate Equivalent) and is extremely fast with very less combinational path delay of 0.877 ns. An in-depth screening confirms the proposed work to promise more security to counter cryptographic attacks. Lastly the Avalanche Effect (AE) of LCB showed as 63.125% and 63.875% when key and plaintext (PT) are taken into consideration respectively.

• Proceedings of the Korean Information Science Society Conference
• /
• 2007.10a
• /
• pp.118-119
• /
• 2007

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2002.11a
• /
• pp.219-224
• /
• 2002

In this paper, after designing an efficient and secure Internet voting protocol (called as “votopia”) based on modified Ohkubo et. al.'s scheme [8] under Public Key Infrastructure (PKI), we have implemented this system and served via the Internet to select the Most Valuable Players and Best Goal Keepers of 2002 FIFA World Cup Korea/Japan$\^$TM/. The sketch of voting protocol, practical implementation and voting result arc described.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.10a
• /
• pp.234-235
• /
• 2016

With the development of the Internet, the popularization of internet has become the new trend and enormously changed the way of human communication. There is a strong need for security. The following research will provide the definition and purpose of IoT and examine its security concerns, In this paper, we surveyed at energy consumption of lightweight block ciphers implemented in reconfigurable devices, and we analyze d the effects that round unrolling might have on the energy consumed during the encryption.