DOI QR코드

DOI QR Code

A study on BLE-based ZEP System Attack Techniques and Countermeasures Utilizing the Convergence of Big data Platform and Monitoring System

빅데이터 플랫폼과 모니터링 시스템의 융합을 이용한 BLE기반의 ZEP시스템 공격 기법에 대한 대응방안 연구

  • Ahn, Ye-Chan (Dept. of Information and Communication, Baekseok University) ;
  • Shin, Young-Hyun (Dept. of Information and Communication, Baekseok University) ;
  • Lee, Keun-Ho (Dept. of Information and Communication, Baekseok University)
  • 안예찬 (백석대학교 정보통신학부) ;
  • 신영현 (백석대학교 정보통신학부) ;
  • 이근호 (백석대학교 정보통신학부)
  • Received : 2015.06.26
  • Accepted : 2015.08.20
  • Published : 2015.08.28

Abstract

Lately, the development and utilization of technology of the Internet of Things(IoT), and Fintech have been on the rise and amid the emerging convergence of system and service, mobile payment system and location based service technology have received much attention. Considering the fact that smartphone users are currently utilizing mobile payment frequently, many corporations are introducing various methods to the market for easy payment process of consumers by grafting various technologies, and by utilizing the technology based on BLE technology and location based technology, it is emerging as new method applied to payment service such as ZEP, for easy payment process. And by checking the existence of security threats and studying the attack techniques in these payment services, we strive to suggest a method of response based on big data platform.

최근 사물인터넷(IoT), 핀테크(Fintech) 기술의 발전과 활용이 늘어나고 있고, 시스템과 서비스의 융합이 떠오르고 있는 가운데 무선결제 시스템과 위치기반서비스 기술이 관심을 받고 있다. 스마트폰의 사용자들이 현재 무선결제를 많이 이용하고 있는 상황을 고려하여 많은 기업들에서 소비자들의 간편한 결재를 위하여 다양한 기술들을 접목하여 시장에 내놓고 있으며, BLE 기술과 위치기반을 바탕으로 한 기술을 활용하여 간편 결제가 이루어질 수 있도록 ZEP과 같은 결제서비스의 새로운 방식으로 적용되어 나타나고 있다. 이러한 결제 서비스에서 보안의 위협이 존재하는 여부를 확인하고 발생할 수 있는 공격기법을 연구하여 그에 대한 빅데이터 플랫폼 기반의 대응방안을 제시하고자 한다.

Keywords

References

  1. Seong-Hoon Lee, Dong-Woo, "A Study on Internet of Things in IT Convergence Period", The Journal of Digital Convergence, Vol. 12, No. 07.6, pp. 267-272, 2014. https://doi.org/10.14400/JDC.2014.12.7.267
  2. Kwang-Jae Lee, Keun-Ho Lee, "A Study of Security Threats in Bluetooth v4.1 Beacon based Coupon Convergence Service", The Journal of Digital Convergence, Vol 6, No. 2, p65, 2015
  3. Joo-Hyeon Park, Chang Geun Song, "The design of an external Bluetooth device and its library based on WIPI for the short-range wireless communication between cellular phone and smart phone", Korean Society of Computer Game, Vol. 24, No. 1, pp. 53-61, 2011.
  4. JongHyun Kim, Kwangsue Chung, "An Efficient Beacon Management Technique for Senor Network-Based Indoor Location Systems", 2009.8
  5. David Molnary, Stefan Saroi, AlecWolmany, "Zero-Effort Payments: Design, Deployment, and Lessons", 2014.
  6. Jun Young Park, Huy Kang Kim, "A Study on the Implementation of outdoor type Virtual Private Network Gateway for Smart Grid", 2011
  7. Lee Hyeonjong, "Use of Bug Data Hadoop platform", J-KICS, Vol. 29, No.11, pp. 43-47, 2012
  8. http://ko.wikipedia.org/wiki/hadoop
  9. J. W. Lee, S.K. Kim, "Complementary research and Analysis for hadoop" in The Korea Society of Computer and Information Winter Conference 2012, vol. 20, no. 2, pp.3-6, 2012
  10. Kim Byung-moon"Design and Implementation of Hadoop-Based Mobile Streaming Application for Personalized Multimedia Service" Ph. M.S dissertation, Sejong University, 2014
  11. Hyun-wook Kim, Sung-eun Park, Seong-yul Euh "The Distributed Encryption Processing System for Large Capacity Personal Information based on MapReduce", Vol. 18, No. 3, 2014.
  12. Bae Jeong-min "Detection of Keywords in malicious packets using Hadoop MapReduce", 2015
  13. ]http://view.asiae.co.kr/news/view.htm?idxno=2014120208403506820
  14. Byung-chul Kim, "A study on Utilization of Big Data Based on the Personal Information Protection Act ", Journal of Digital Convergence, Vol.12, no.12 pp. 87-92, 2014 https://doi.org/10.14400/JDC.2014.12.12.87
  15. Sung-kyu Cho, Moon-seog Jun, "Privacy Leakage Monitoring System Design for Privacy Protection", Journal of Korea Institute of Information Security and Cryptology, Vol 22, No. 1, pp99-106, 2012