• Proceedings of the Korea Information Processing Society Conference
• /
• 2018.10a
• /
• pp.227-230
• /
• 2018

자동차는 현대사회에서 보편화한 편리한 운송수단으로써 사람이 생활하는 어느 곳에서나 활용되고 있다. 최근 ICT와 차량을 융합한 커넥티드 카는 운전자에 의해 모든 동작이 결정되는 특징을 가지고 있어 도난 및 오용되니 않게 적합한 사용자 인증이 필요하다. 운전자가 음주를 하게 되면 정상적인 차량 운행이 불가능하여 교통사고가 발생할 수 있다. 이를 방지하기 위해 운전자의 현재 상태를 파악하여 차량을 운전하는데 이상이 없는지를 파악하고 부적합할 경우 차량 운행을 제어할 수 있는 수단이 필요하다. 스마트키, 지문 인식 등 차량에 대한 사용자 인증의 방식이 존재하지만, 인증과 동시에 사용자의 현재 상태를 파악하는 방법은 없는 상황이다. 본 논문에서는 고유한 생체 정보인 ECG 파형의 특징을 이용하여 사용자 인증과 동시에 운전자의 현 상태를 파악하는 안전한 차량 제어 시스템을 제안하고자 한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.04a
• /
• pp.672-675
• /
• 2012

SMART Highway 사업은 첨단 IT통신과 자동차 및 도로 기술이 접목된 세계 최고수준의 빠르고 편안한 지능형 녹색도로 실현을 목표로 하고 있다. SMART Highway의 도로-자동차 기반 교통운영에서 핵심기술인 VANET(Vehicular Ad-hoc Network)은 다수의 차량들이 무선통신을 이용하여 차량 간 통신 또는 차량과 RSU(Road Side Unit)사이의 통신을 제공하는 차세대 네트워킹 기술이다. 특히, 운전자의 안전에 직접적인 영향을 끼칠 수 있는 V2V 통신의 경우 차량 간의 안전한 통신을 위해 차량 간 상호인증이 반드시 고려되어야 한다. 이처럼 빠른 속도로 이동하는 차량 간 인증이 원활이 이루어지기 위해서는 기존의 네트워크에서 사용된 인증방식은 그대로 적용시키기 어렵다. 따라서 본 논문에서는 다수의 차량 간 통신 시에 보다 효율적인 차량 인증을 위해 카운팅 블룸필터를 이용한 차량 인증 기법을 제안한다.

• Journal of Korea Multimedia Society
• /
• v.21 no.12
• /
• pp.1448-1458
• /
• 2018

Vehicular Ad-Hoc Networks (VANETs) have become one of the active areas of research, standardization, and development because they have tremendous potentials to improve vehicle and road safety, traffic efficiency, and convenience as well as comfort to both drivers and passengers. However, message trustfulness is a challenge because the propagation of false message by malicious vehicles induces unreliable and ineffectiveness of VANETs, Therefore, we need a reliable reputation method to ensure message trustfulness. In this paper, we consider a vulnerability against the Sybil attack of the previous reputation systems based on blockchain and suggest a new reputation system which resists against Sybil attack on the previous system. We propose an initial authentication process as a countermeasure against a Sybil attack and provide a reliable reputation with a cooperative message delivery to cope with message omission. In addition, we use Homomorphic Commitment to protect the privacy breaches in VANETs environment.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.12
• /
• pp.131-139
• /
• 2022

In this paper, to verify the authenticity of UxNB that assists terrestrial base stations, the solutions for SI (System Information) security presented in 3GPP TR 33.809 are analyzed from the perspective of UxNB. According to the definition of 3GPP (Third Generation Partnership Project), UxNB is a base station mounted on a UAV (Unmanned Aerial Vehicle), is carried in the air by the UAV, and is a radio access node that provides a connection to the UE (User Equipment). Such solutions for SI security can be classified into hash based, MAC (Message Authentication Codes) based, and digital signature based, and a representative solution for each category is introduced one by one. From the perspective of verifying the authenticity of UxNB for each solution, we compare and analyze the solutions in terms of provisioning information and update, security information leakage of UxNB, and additionally required amount of computation and transmission. As a result of the analysis, the solution for verifying the authenticity of the UxNB should minimize the secret information to be stored in the UxNB, be stored in a secure place, and apply encryption when it is updated over the air. In addition, due to the properties of the low computing power of UxNB and the lack of power, it is necessary to minimize the amount of computation and transmission.

• Journal of the Korea Convergence Society
• /
• v.5 no.3
• /
• pp.23-27
• /
• 2014

In recent times, there is an increasing interest in wireless charge of smartphones and devices, and many companies are developing wireless charges. The range of application of wireless charge would be expanded to almost all electronics, including not only mobile devices, but also notebook computers and vacuum cleaners. On-line electric vehicles are to be launched in the market this year in a massive scale. As such wireless charge-related markets are inexhaustible. Wireless charge is included in the world's top 10 promising technologies, and its rapid growth is expected to have annual growth by more than 100%. However, there's a need to establish a safe environment, by analyzing security threats to technical limitations and harmfulness to human body, and arrange institutional compliments. The development of communication method for a variety of wireless charging are delivering comfortable and safe information. This paper aims to examine the factors to threaten electric vehicle, which are usually intruded through network system and analyzes security threats to and security requirements for magnetic resonance mode-based wireless charge in mobile devices, and suggests security requirements.

• Convergence Security Journal
• /
• v.18 no.3
• /
• pp.69-76
• /
• 2018

One of the most remarkable technologies in the era of the 4th industrial revolution is the interest in the field of smart cars. In the near future, it will not only be possible to move to a place where you want to ride a smart car, but smart cars, including artificial intelligence elements, can avoid sudden car accidents. However, as the field of smart automobiles develops, the risks are expected to increase. Therefore, based on the understanding of security vulnerabilities that may occur in smart car networks, we can apply safe information security technology using FIDO and attribute-based authorization delegation technique to provide smart car control technology that is safe and secure. I want to. In this paper, we show that the proposed method can solve security vulnerabilities by using secure smart car control technology. We will further study various proposals to solve security vulnerabilities in the field of smart car networks through future research.

• KIPS Transactions on Computer and Communication Systems
• /
• v.12 no.10
• /
• pp.309-318
• /
• 2023

Recently, each country has been moving to introduce an LCA (Life Cycle Assessment) to regulate greenhouse gas emissions. The LCA is a mean of measuring and evaluating greenhouse gas emissions generated over the entire life cycle of a vehicle. Reliable data for each electric vehicle component is needed to increase the reliability of the LCA results. To this end, studies on life cycle evaluation models using blockchain technology have been conducted. However, in the existing model, key product information is exposed to other participants. And each time parts data information is updated, it must be recorded in the blockchain ledger in the form of a transaction, which is inefficient. In this paper, we proposed a DID(Decentralized Identity)-based data collection model for LCA to collect vehicle component data and verify its validity effectively. The proposed model increases the reliability of the LCA by ensuring the validity and integrity of the collected data and verifying the source of the data. The proposed model guarantees the validity and integrity of collected data. As only user authentication information is shared on the blockchain ledger, the model prevents indiscriminate exposure of data and efficiently verifies and updates the source of data.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.3
• /
• pp.1691-1699
• /
• 2014

IEEE developing WAVE specifications are able to support V2V and V2I wireless communications, and these functionalities can be used to enhance vehicle operational safety. To overcome any security weaknesses that are inherent in wireless communications, WAVE specification should support message encryption and authentication functions. In this study, we have implemented WAVE security algorithms in IEEE P1609.2 with openssl library and C language. We have verified the normal operation of implemented software, using the test vectors of related specifications, and measured their performance. Our software is platform independent, and can be used for the full implementation of WAVE specification.

• International Journal of Computer Science & Network Security
• /
• v.23 no.5
• /
• pp.13-20
• /
• 2023

In connected vehicles, drivers are exposed to attacks when they communicate with unauthenticated peers. This occurs when a vehicle relies on outdated information resulting in interactions with vehicles that have expired or revoked certificates claiming to be legitimate nodes. Vehicles must frequently receive or query an updated revoked certificate list to avoid communicating with suspicious vehicles to protect themselves. In this paper, we propose a scheme that works on a highway divided into clusters and managed by roadside units (RSUs) to ensure authenticity and preserve hidden identities of vehicles. The proposed scheme includes four main components each of which plays a major role. In the top hierarchy, we have the authority that is responsible for issuing long-term certificates and managing and controlling all descending intermediate authorities, which cover specific regions (e.g., RSUs) and provide vehicles with short-term pseudonyms certificates to hide their identity and avoid traceability. Every certificate-related operation is recorded in a blockchain storage to ensure integrity and transparency. To regulate communication among nodes, security managers were introduced to enable authorization and access right during communications. Together, these components provide vehicles with an immediately revoked certificate list through RSUs, which are provided with publish/subscribe brokers that enable a controlled messaging infrastructure. We validate our work in a simulated smart highway environment comprising interconnected RSUs to demonstrate our technique's effectiveness.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1115-1130
• /
• 2020

Modern vehicles are equipped with a number of ECUs(Electronic Control Units), and ECUs can control vehicles efficiently by communicating each other through CAN(Controller Area Network). However, CAN bus is known to be vulnerable to cyber attacks because of the lack of message authentication and message encryption, and access control. To find these security issues related to vehicle hacking, CAN Fuzzing methods, that analyze the vulnerabilities of ECUs, have been studied. In the existing CAN Fuzzing methods, fuzzing inputs are randomly generated without considering the structure of CAN messages transmitted by ECUs, which results in the non-negligible fuzzing time. In addition, the existing fuzzing solutions have limitations in how to monitor fuzzing results. To deal with the limitations of CAN Fuzzing, in this paper, we propose a Non-Random CAN Fuzzing, which consider the structure of CAN messages and systematically generates fuzzing input values that can cause malfunctions to ECUs. The proposed Non-Random CAN Fuzzing takes less time than the existing CAN Fuzzing solutions, so it can quickly find CAN messages related to malfunctions of ECUs that could be originated from SW implementation errors or CAN DBC(Database CAN) design errors. We evaluated the performance of Non-Random CAN Fuzzing by conducting an experiment in a real vehicle, and proved that the proposed method can find CAN messages related to malfunctions faster than the existing fuzzing solutions.