• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.5
• /
• pp.1037-1046
• /
• 2024

The widespread adoption of the Internet of Things (IoT) has enhanced efficiency and convenience across various fields, but it has also led to a surge in security threats. Among these, IoT botnets are particularly concerning as they can rapidly infect a large number of devices and launch various types of attacks, making them a significant security threat. In IoT environments where implementing security measures on individual devices is challenging, establishing a security monitoring system for real-time detection and response is essential to mitigate the risks posed by botnets. In the field of security monitoring, it is crucial not only to detect botnets but also to analyze their detailed behaviors to devise effective countermeasures. Security experts devote considerable effort to analyzing the payloads of detected threats to understand botnet behavior and develop appropriate responses. However, analyzing all threats manually is time-consuming and costly. To address this, our study proposes an XAI-based network feature extraction methodology to enhance the effectiveness of IoT botnet behavior analysis. This study proposes a practical security monitoring methodology for IoT botnet behavior analysis and response, consisting of three steps: 1) BPE and TF-IDF based payload feature extraction, 2) XAI-based feature importance analysis, and 3) visualization of decision rationale based on feature importance. This approach provides security experts with intuitive visual evidence of IoT attacks and reduces analysis time, contributing to faster decision-making and response strategy development in security monitoring.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.21 no.10
• /
• pp.602-608
• /
• 2020

Development of Internet technology and the spread of various smart devices provide a convenient computing environment for people, which is becoming common thanks to the Internet of Things (IoT). However, attacks by hackers have caused various problems, such as leaking personal information or violating privacy. In the IoT environment, various smart devices are connected, and network attacks that are used in the PC environment are occurring frequently in the IoT. In fact, security incidents such as conducting DDoS attacks by hacking IP cameras, leaking personal information, and monitoring unspecified numbers of personal files without consent are occurring. Although attacks in the existing Internet environment are PC-oriented, we can now confirm that smart devices such as IP cameras and tablets can be targets of network attacks. Through performance evaluation, the proposed protocol shows 11% more energy efficiency on servers than RSA, eight times greater energy efficiency on clients than Kerberos, and increased efficiency as the number of devices increases. In addition, it is possible to respond to a variety of security threats that might occur against the network. It is expected that efficient operations will be possible if the proposed protocol is applied to the IoT environment.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.12
• /
• pp.76-82
• /
• 2019

The development of Internet technology and the deployment of smart devices provide a convenient environment for people, and this is becoming common with the technology called the Internet of Things (IoT). But the development of, and demand for, IoT technology is causing various problems, such as personal information leaks due to the attacks of hackers who exploit it. A number of devices are connected to a network, and network attacks that have been exploited in the existing PC environment are occurring in the IoT environment. When it comes to IP cameras, security incidents (such as distributed denial of service [DDoS] attacks, hacking someone's personal information, and monitoring without consent) are occurring. However, it is difficult to install and implement existing security solutions because memory space and power are limited owing to the characteristics of small devices in the IoT environment. Therefore, this paper proposes a security protocol that can look at and prevent IoT security threats. A security assessment verified that the proposed protocol is able to respond to various security threats that could arise in a network. Therefore, it is expected that efficient operation of this protocol will be possible if it is applied to the IoT environment.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.7
• /
• pp.183-194
• /
• 2018

With the rapid development of IoT(Internet of Things) technology, various convenient services such as smart home and smart city have been realized. However, IoT devices in unmanned environments are exposed to various security threats including eavesdropping and data forgery, information leakage due to unauthorized access. To build a secure IoT environment, it is necessary to use proper cryptographic technologies to IoT devices. But, it is impossible to apply the technologies applied in the existing IT environment, due to the limited resources of the IoT devices. In this paper, we survey the classification of IoT devices according to the performance and analyze the security requirements for IoT devices. Also we survey and analyze the use of cryptographic technologies in the current status of IoT open standard platform such as AllJoyn, oneM2M, IoTivity. Based on the research of cryptographic usage, we examine whether each platform satisfies security requirements. Each IoT open platform provides cryptographic technology for supporting security services such as confidentiality, integrity, authentication an authorization. However, resource constrained IoT devices such as blood pressure monitoring sensors are difficult to apply existing cryptographic techniques. Thus, it is necessary to study cryptographic technologies for power-limited and resource constrained IoT devices in unattended environments.

• Proceedings of the Korea Contents Association Conference
• /
• 2008.05a
• /
• pp.228-235
• /
• 2008

Terror for airplane, airport and passengers of the problems is being threat over the world. and since 9.11 terror of 2001 year, many countries have endeavored to prevent terror and have manipulate airport security part as important field. Especially, The U.S.A made Transportation security Administration in Homeland security adminstration and strongly execute for policies related anti-terror. many countries over the world enforce airport and airplane security facilities with science-technology contents. and with security exploitation for the passengers and freight security inspection level enforcement, many countries also make effort to interupt aviation terror threat. In this process, in the center of developed countries that need science-technology contents adaption, much budget and personals are invested and exploited a security inspection instrument and complimented of many facilities As a result, according to the development of science-technology, prevention of Terror have much developed. The contents using intelligence-communication technology inevitably needed on the goal of terror prevention and safty. From simple monitoring for the people who come in and out airport to boarding process and inspection for the freight, security inspection process for the passengers, bio information input, confirmation, of the level that there is no cases of adaption of contents, The reality have generalized of using contents. The study is going to research contents application situation.

• The Journal of the Korea Contents Association
• /
• v.12 no.4
• /
• pp.60-68
• /
• 2012

In recent years, the requirements on the high quality environment monitoring by using the sensor nodes which can handle the multimedia data in WSN have been increased. However, because the volume of multimedia data is tremendous, the limited bandwidth of a wireless channel may incur the bottleneck of a system. To solve such a problem, most of the existing distributed multi-path routing protocols based on multimedia data just focused on overcoming the limited bandwidth in order to enhance the energy efficiency and the transmission rate. However, because the existing methods can not apply a key-based technique to encrypt the multimedia data, they are very weak for the security. In this paper, we propose a secure disjointed multipath routing scheme for multimedia data transmission. Since our proposed scheme divides multimedia data(eg. image) into pixels and sends them through disjointed multipath routing, it can provide security to the whole network without using the key-based method. Our experimental results show that our proposed scheme reduces about 10% the amount of the energy consumption and about 65% the amount of the missed data packets caused by malicious nodes over the existing methods on average.

• Journal of Digital Convergence
• /
• v.10 no.8
• /
• pp.225-231
• /
• 2012

In this paper, we implement a wireless home monitoring system using physical computing platform with the open source type for house environment management. Sensors for temperature, optics and ultrasonic waves are used for home environment elements detection and control for the home safety. To obtain information related with home and transmit it to RIA Windows server system, XBee wireless communication system is used and the transmitted information is saved in mySQL database for history management. The possibility of prevention against fire disaster of a house situated in a dense buildings area and highly populated environments is suggested by adopting the proposed system.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.10 no.10
• /
• pp.1139-1144
• /
• 2015

The internet of things(: IoT) which could produce new information as well as service through connecting small devices with internet interface becomes reality and could be utilized in home, office and plant. Especially the IoT can provide our home for safety, security, convenience, and power saving since all devices form a small internet. This paper proposes an IoT prototype for home with Raspberry Pi which has various sensors and monitors environment. This Raspberry Pi sensor node is small and inexpensive but can provide powerful service. The implemented node goes beyond simple role of sensor node and features a kind of sensor web node which performs various functions to outer network. So the proposed IoT prototype can provide flexibility as well as extensibility since it does not need expensive server.

• Journal of Korea Multimedia Society
• /
• v.19 no.12
• /
• pp.1981-1991
• /
• 2016

In recent, the advancement of wearable devices and wireless body area networking technologies motivate researchers to pay attention to remote healthcare system for monitoring patients health and disease progression effectively. However, in order to implement a practical remote healthcare system, we must consider the security and privacy of patient's personal health information transmitted to healthcare servers through the network. Hence, in this paper, we propose a secure health data transmission protocol in remote healthcare monitoring system to protect patient's health information and prevent privacy from eavesdropping on the network. To achieve our security goals, we design an efficient secure protocol based on the identity-based cryptography with key evolution technique, and then confirm the superiority and the efficiency of the proposed protocol as compared with the existing protocol of Yang et al.

• Annual Conference of KIPS
• /
• 2017.04a
• /
• pp.837-840
• /
• 2017

각종 사이버 범죄가 증가함에 따라 실시간 모니터링을 통한 사전 탐지 기술뿐만 아니라, 사후 원인 분석을 통한 사고 재발 방지 기술의 중요성이 증가하고 있다. 사후 분석은 시스템에서 생산된 다양한 유형의 대용량 로그를 기반으로 분석가가 보안 위협 과정을 규명하는 것으로 이를 지원하는 다양한 상용 및 오픈 소스 SW 존재하나, 대부분 단일 분석가 PC에서 운용되는 파일 기반 SW로 대용량 데이터에 대한 분석 성능 저하, 다수 분석가 간의 데이터 공유 불가, 통계 연관 분석 한계 및 대화형 점진적 내용 분석 불가 등의 문제점을 해결하지 못하고 있다. 이러한 문제점을 해결하기 위하여 고성능 인메모리 관계형 데이터베이스 시스템을 로그 스토리지로 활용하는 대용량 로그 분석 SW 개발하였다. 특히, 기 확보된 공격자 프로파일을 활용하여 공격의 유무를 확인하는 텍스트 패턴 매칭 연산은 전통적인 관계형 데이터베이스 시스템의 FTS(Full-Text Search) 기능 활용이 가능하나, 대용량 전용 색인 생성에 따른 비현실적인 DB 구축 소요 시간과 최소 3배 이상의 DB 용량 증가로 인한 시스템 리소스 추가 요구 등의 단점이 있다. 본 논문에서는 인메모리 관계형 데이터베이스 시스템 기반 효율적인 텍스트 패턴 매칭 연산을 위하여, 고성능의 대용량 로그 DB 적재 방법과 새로운 유형의 패턴 매칭 방법을 제안하였다.