• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.5
• /
• pp.1115-1122
• /
• 2012

VoIP service is steadily growing due to the spread of smartphones, enhanced network, and various VoIP applications. But, VoIP has many security vulnerabilities because it is based on IP network. This paper analyzes the important weight of VoIP security checklists for incident prevention and response using AHP. The results of AHP analysis showed that network security, incident response, and access control were the most important in technical, administrative, physical standpoint. This study proposes factor analysis of VoIP security checklist at first time. By doing this, it will be used helpfully when VoIP service providers establish their own security policies and inspect their VoIP environment according to their security policies.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1103-1113
• /
• 2020

Hospitals store and manage personal and health information through the electronic medical record (EMR). However, vulnerabilities and threats are increasing with the provision of various services for information sharing in hospitals. Therefore, in this paper, we propose a model to prevent personal information leakage due to the transmission of patient information in EMR. A method for granting permission to securely receive and transmit patient information from hospitals where patient medical records are stored is proposed using OAuth authorization tokens. A protocol was proposed to enable secure information delivery by applying and delivering the record access restrictions desired by the patient to the OAuth Token. OAuth Delegation Token can be delivered by writing the authority, scope, and time of destruction to view patient information.This prevents the illegal collection of patient information and prevents the leakage of personal information that may occur during the delivery process.

• Journal of Internet of Things and Convergence
• /
• v.8 no.5
• /
• pp.127-132
• /
• 2022

As the IoT technology is more developed, it is more important for the accuracy of IoT data. Since the IoT data supports a different formats and protocols, it is often happened that the IoT system is failed or the incorrect data is generated with the unreliable IoT devices(sensor, actuator). Because the abnormality of IoT device or the user situation is not detected correctly, this problem makes the user to be unsatisfied with the IoT system. This study proposes the decision methodology of IoT data consistency whether the IoT data is generated in normal range or not by using the mathematical functions('gradient descent function' and 'linear regression function'). It may be concluded that the gradient function method is suitable for the IoT data which the 'increasing velocity' is related with the next generated pattern(eg. sensor devices), the linear regression function method is suitable for the IoT data which the 'the difference from linear regression function' is related with the next generated pattern in case the data has a linear pattern(eg. water meter, electric meter).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.6
• /
• pp.1157-1169
• /
• 2021

The disaster recovery refers to policies and procedures to ensure continuity of services and minimize loss of resources and finances in case of emergency situations such as natural disasters. In particular, the disaster recovery method by the cloud service provider has advantages such as management flexibility, high availability, and cost effectiveness. However, this method has a dependency on a service provider and has a structural limitation in which a user cannot be involved in personal data. In this paper, we propose a protocol using proxy re-encryption for data confidentiality by removing dependency on service providers by backing up user data using blockchain and distributed storage. The proposed method is implemented in Ethereum and IPFS environments, and presents the performance and cost required for backup and recovery operations.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.22 no.6
• /
• pp.7-12
• /
• 2022

This paper introduces the implementation of the AWS IoT service and MQTT based smart home system. The smart home system implemented in this study can monitor temperature and humidity, and can manually adjust the air conditioner heating, and can check the visitors with the camera and remotely control the door lock. The implemented smart home system controls door locks, heating and air conditioners using Arduino, and manages the collected data and control information using the AWS IoT service. In this study, the Android app has been developed to allow users to control IoT devices remotely, and the MQTT protocol was used for data communication and control between the app and the AWS IoT server and Arduino. The implemented smart home system has been implemented based on AWS IoT service, which has scalability to add sensors and devices.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.7 no.6
• /
• pp.871-880
• /
• 2017

Recently, service based on internet is inter-connected and integrated with a variety of connection. This kind of internet of things consist of heterogenous devices such as sensor node, devices and end-to end equipment which used in conventional protocols and services. The representative system is healthcare system. From healthcare appliance used by IoT, patient and doctor can utilize healthcare information with safety and high speed management. It is very convenient management to operate mobility. But it induced security and vulnerability issues because it has small memory capacity, low power supply and low computing power. This made impossible to implement security algorithm with embedded engine based on hardware. Nowdays, we can't realize conventional standard algorithm due to these kinds of reasons. From the critical issues, it occurred security and vulnerability issues. Therefore, we analysed and compared with conventional method and proposed techniques. Finally, we evaluated security issues and requirement for end-to-end point healthcare system based on internet of things.

• The Journal of the Convergence on Culture Technology
• /
• v.9 no.4
• /
• pp.699-706
• /
• 2023

Recently, the 4 generation industry revolution is developed with advanced and combined with a variety of new technologies. Conventional healthcare system is applied with IoT application. It provides many advantages with mobility and swift data transfers to patient and doctor. In despite of these kinds of advantages, it occurred security issues between basic devices and protocols in their applications. Especially, internet of things have restricted and limited resources such as small memory capacity, low capability of computing power, etc. Therefore, we can not utilize conventional mechanism. In this paper, we analyzed attacks and vulnerability in terms of security issues. To analyze security structure, features, demands and requirements, we solve the methods to be reduced security issues.

• Journal of Internet of Things and Convergence
• /
• v.10 no.2
• /
• pp.77-84
• /
• 2024

Over the past few years, IoT edges have begun to emerge based on new low-latency communication protocols such as 5G. However, IoT edges, despite their enormous advantages, pose new complementary threats, requiring new security solutions to address them. In this paper, we propose a cloud environment-based IoT edge architecture model that complements IoT systems. The proposed model acts on machine learning to prevent security threats in advance with network traffic data extracted from IoT edge devices. In addition, the proposed model ensures load and security in the access network (edge) by allocating some of the security data at the local node. The proposed model further reduces the load on the access network (edge) and secures the vulnerable part by allocating some functions of data processing and management to the local node among IoT edge environments. The proposed model virtualizes various IoT functions as a name service, and deploys hardware functions and sufficient computational resources to local nodes as needed.

• Korean Journal of Remote Sensing
• /
• v.40 no.2
• /
• pp.151-166
• /
• 2024

Coastal debris presents a significant environmental threat globally. This research sought to improve the monitoring methods for coastal debris by employing deep learning and remote sensing technologies. To achieve this, an object detection approach utilizing the You Only Look Once (YOLO)v8 model was implemented to develop a comprehensive image dataset for 11 primary types of coastal debris in our country, proposing a protocol for the real-time detection and analysis of debris. Drone imagery was collected over Sinja Island, situated at the estuary of the Nakdong River, and analyzed using our custom YOLOv8-based analysis program to identify type-specific hotspots of coastal debris. The deployment of these mapping and analysis methodologies is anticipated to be effectively utilized in managing coastal debris.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.4
• /
• pp.681-691
• /
• 2024

In recent decades, research and development in the field of industrial robotics, such as an unmanned ground vehicle (UGV) and an unmanned aerial vehicle (UAV), has been significant progress. In these advancements, it is important to use middleware, which facilitates communication and data management between different applications, and various industrial communication middleware protocols have been released. The robot operating system (ROS) is the most widely adopted as the main platform for robot system development among the communication middleware protocols. However, the ROS is known to be vulnerable to various cyber attacks, such as eavesdropping on communications and injecting malicious messages, because it was initially designed without security considerations. In response, numerous studies have proposed countermeasures to ROS vulnerabilities. In particular, some work has been proposed on generating ROS datasets for intrusion detection systems (IDS), but there is a lack of research in this area. In this paper, in order to contribute to improving the performance of ROS IDSs, we propose a new type of attack scenario that can occur in the ROS and build ROS attack datasets collected from a real robot system and make it available as an open dataset.