Hash-based SSDP for IoT Device Security

  • Kim, Hyo-Jong (Dept. of Computers & Media Engineering, Tongmyong University)
  • Han, Kun-Hee (Division of Computer Engineering, Baekseok University)
  • Shin, Seung-Soo (Dept. of Software Convergence Security, Tongmyong University)
  • Received : 2021.03.19
  • Accepted : 2021.05.20
  • Published : 2021.05.28

Abstract

As the COVID-19 infectious disease persists worldwide, network attacks on vulnerable Internet of Things (IoT) devices used during telecommuting pose a variety of security threats. Early attacks targeted the users of IoT devices, mainly by exploiting vulnerabilities in the Remote Desktop Protocol (RDP) and through spear phishing and APT attacks. Network attack techniques have since evolved, and DRDoS attacks that abuse the Simple Service Discovery Protocol (SSDP) of IoT devices have continued to increase. Existing SSDP is accessible to unauthorized devices on the network, which results in information disclosure and amplification attacks on SSDP servers. To compensate for the weakness in the authentication procedure of existing SSDP, we propose a hash-based SSDP that encrypts server-specific information with a hash and adds authentication fields to both Notify and M-Search message packets to determine whether an IoT device is authorized. Using hash-based SSDP is expected to prevent information disclosure for the various IoT devices whose numbers will grow exponentially, and to block amplification attacks in advance.

Acknowledgement

This work was supported by the BB21+ Project in 2020.
