• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.99-107
• /
• 2022

The use of smart home appliances and Internet of Things (IoT) devices is growing, enabling new interactions and automation in the home. This technology relies heavily on mobile services which leaves it vulnerable to the increasing threat of hacking, identity theft, information leakage, serious infringement of personal privacy, abnormal access, and erroneous operation. Confirming or proving such security breaches have occurred is also currently insufficient. Furthermore, due to the restricted nature of IoT devices, such as their specifications and operating environments, it is difficult to provide the same level of internet security as personal computers. Therefore, to increase the security on smart home IoT devices, attention is needed on (1) preventing hacking and user authority theft; (2) disabling abnormal manipulation; and (3) strengthening audit records for device operation. In response to this, we present a plan to build a cloud security authentication platform which features security authentication management functionality between mobile terminals and IoT devices.

• Journal of Digital Convergence
• /
• v.12 no.1
• /
• pp.313-317
• /
• 2014

Smart-phone, PC or tablet platforms, such as smart terminals spread to the masses trying to capitalize. Smart TV also is increasing. In Korea, market size of TV is growing fast with growth of risk of hacking. In this paper, several kinds of Smart TV hacking cases are presented with the possibility of attacks against the vulnerability analysis and countermeasures. Most of the Linux operating system is open. Thus, it is vulnerable for latest hacking techniques. Most are based on the Linux OS to enhance security mount Sand-Box. However, bypass procedure using the technique, or APT attacks can avoid San-Box technique. New hacking techniques and a variety of ways will occur in the future. Therefore, this paper will develop Smart TV, and it analysis of a security threat and establishes better prepared in the future because new hacking attacks are expected to prepare more.

• 한국정보통신설비학회:학술대회논문집
• /
• 2008.08a
• /
• pp.355-359
• /
• 2008

와이브로(WiBro), 3G 무선인터넷(HSDPA), 3G LTE 등과 같은 와이어리스 브로드밴드(Wireless Broand) 기술이 점차 성숙됨에 따라 이들 망을 활용한 다양한 무선인터넷 서비스를 제공하려는 사업자들이 증가하고 있다. 기존의 WLAN, 2G/3G 회선망에서의 제한된 이동성 및 네트워크 전송 속도를 개선한 와이어리스 브로드밴드 서비스 시장은 국내에서도 2006년부터 WiBro 및 HSDPA가 사용됨에 따라 사업자간의 경쟁도 본격화되고 있다. 이러한 환경 속에서 사업자들은 신속하고 편리한 서비스 개통과 스마트폰, USB모뎀, 노트북, UMPC, PMP등 다양한 단말들의 펌웨어 업그레이드, A/S 처리 방안에 대해 고심을 하고 있으며, 이들 문제점은 막대한 비용과 고객 민원을 야기시키는 요인이기도 하다. 따라서 경제적인 관리비용으로 동적인 서비스/펌웨어 업그레이드 및 A/S에 대한 고객 만족도를 높이기 위한 단말 원격 관리 필요성이 절실히 요구된다. WiBro 단말의 안전하고 효율적으로 관리하기 위해서는 단말과 기지국사이의 무선구간에 대한 보안(security)을 강화시켜 줄 수 있으면서 이동성(mobility)을 고려한 OMA DM프로토콜을 이용하는 것이 적합하다. 또한, WiBro에서 가입자 인증을 채택하고 있는 UICC의 관리를 위해서 3GPP에서 정의하는 SMS/MMS기반의 또는 BIP(Bear Independent Protocol)기반의 OTA기술을 병행하여 사용하여야 한다. 본 논문에서는 Wi-MAX단말 관리를 위한 OTA Provisioning 규격으로 OMA DM과 TR069이 WiMAX 단말을 위하여 어떻게 적용하도록 규정하고 있는지를 살펴본다. 특히, WiBro 가입자 인증뿐만 아니라 폰북, DRM, 금융서비스 등 다양한 부가 서비스를 위하여 사용되는 UICC의 원격관리를 위한 관리 요소들을 정의, 설계하고 이를 바탕으로 구현된 KTUICC OTA Provisioning시스템을 소개한다.

• Journal of Advanced Navigation Technology
• /
• v.17 no.6
• /
• pp.712-719
• /
• 2013

This paper studies the security module for the reliable transmission of the meter reading and the control data between the remote terminals and the upper server-side in smart water grid. The proposed security module was implemented to make it attachable to the remote terminal without security function. In particular, unlike the smart grid of electric field, the low power is considered due to the use of battery power in the smart water grid, and the ARIA-GCM-128 symmetric key method is adopted taking into the account that the damp and constrictive environments by the installed meter location in the underground occur a communication obstacle on building of the large-scale network system. The encryption module of this paper was devised to ensure the safety between the reading data on the terminal and the control data from the upper server, and secure the stability of the remote meter reading system by taking protection against an arbitrary alteration or modification.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.8
• /
• pp.632-640
• /
• 2013

In this paper, we proposed a system in a wireless LAN environment in case of security threats, the mobile terminal and the remote server-based WLAN security. The security of the wireless LAN environment in the recent technology in a variety of ways have been proposed and many products are being launched such as WIPS and DLP. However, these products are expensive and difficult to manage so very difficult to use in small businesses. Therefore, in this paper, we propose a security system, wireless LAN-based terminal and a remote server using whitelist according to development BYOD market and smartphone hardware. The proposed system that AP and personal device information to be stored on the server by an administrator and Application installed on a personal device alone, it has the advantage that can be Applicationlied to a variety of wireless network environment.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.343-345
• /
• 2017

With the development of IoT technology, terminals connected with IoT are being used. However, security incidents are occurring as IoT is applied to society as a whole. IoT security incidents can be linked to personal risk and social disruption. In this study, we extract the evidence of security breach in IoT device. Analyze IoT security breach environment and extract Hashing function to secure original integrity and integrity. Then, the Forensic evidence is extracted from the IoT security device to verify the integrity of the original and Forensic reports should be written and studied to be used as legal evidence.

• Convergence Security Journal
• /
• v.24 no.2
• /
• pp.55-61
• /
• 2024

With the development of IoT technology, wearable services have also developed rapidly. Wearable devices required for this service are used as sensors and controllers in the form of smart bands. Wearable devices implement very concise SWlogic for possible long-term use and use wireless communication protocols to improve convenience. However, because this wearable device aims to be lightweight, it is more vulnerable to security than terminals used for other information services. Many smart healthcare or smart medical services are passive or do not apply security technology. By exploiting this security environment, attackers can obtain or modify important information through access to wearable devices. In this study, we analyzed the technical operating environment of wearable services and identified authentication information reuse attacks, BIAS attacks, battery drain attacks and firmware attacks on wearable devices. And we analyzed the mechanism of each security threat and confirmed the attack effect. In this study, we presented a response plan to respond to the identified security threats. When developing wearable services, it is expected that safer services can be built if the response plan proposed in this study is considered.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.05a
• /
• pp.291-293
• /
• 2017

Security services that support electric energy service gateway require relatively high reliability. In particular, the application services that accompany communications and data are run organically. Each of the security services should support a secure service platform that supports a secure, scalable life cycle for existing services which should be extends security layer of Universal Middleware such as OSGi platform. In this convergence platform, it is the study of security transfer modular services that allow independent life cycle management of systems through Universal middleware. First, It is modular in terms of energy consumption service and data, enabling real-time operation, communications, remote management and applications. Second, the life cycle of the secure module to support the life cycle of secure, delete, start and updating of the security module by applying the security policy module layer concept. It is modular in terms of power generation and accountability, enabling us to distinguish between reliability and accountability in a large volume of data models in the smart grid, the service was intended to be standardized and applied to the security service platform.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.11
• /
• pp.2656-2664
• /
• 2015

IoT management hub has to request the WLAN AP list of the accessible areas in a place that is installed, or choose a specific WLAN AP you want to connect in order to be connected to the Internet. the specific method also is required to input the password when the security key was set. As that way, IoT management hub needs both the display device and the input device to see the list of WLAN AP and to input the security key. If the IoT management hub is consist of them, It is difficult to achieve the objective of the miniaturization and cost reduction. In this paper, we propose a method to connect to a WLAN AP network using a smart-phone without the display device and the input device.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.04a
• /
• pp.103-106
• /
• 2012

클라우드 컴퓨팅 기술이 컴퓨팅 자원의 사용 방식에 대한 새로운 패러다임을 이끌어가고 있는 가운데 이미 PC 가상화를 통한 클라우드 서비스가 선을 보이고 있다. 또한 스마트 디바이스 이용이 급증함에 따라 모바일 클라우드 서비스에도 관심이 집중되고 있으며 기존의 클라우드 서비스를 스마트 디바이스에서도 사용하는 형태의 서비스가 이미 출시되고 있다. 하지만 진정한 의미의 모바일 클라우드를 위해서는 스마트 디바이스 자원 가상화를 통한 클라우드 자원 활용의 극대화가 이루어져야 한다. 본 논문에서는 클라우드 내 가상 단말에 접속하여 서비스를 받을 수 있는 실질적인 모바일 클라우드 서비스 구현을 위한 모바일 클라우드 아키텍처를 소개하고 이의 구성요소 중 하나인 모바일 클라우드 서비스 커넥터의 설계 방안을 제시하였다. 설계 시 주요 고려사항은 제한된 모바일 네트워크 환경에서 실시간 서비스를 제공하면서 보안을 강화하는 것이며 이에 대한 연구는 모바일 클라우드가 실질적인 서비스로서 자리매김하는데 필수적인 요소라 확신한다.