• Journal of Convergence for Information Technology
• /
• v.10 no.7
• /
• pp.7-13
• /
• 2020

IoT which is the core IT of the 4^th industrial revolution, is providing various services from users in the conversion with other industries. The IoT convergence technology is leading the communication paradigm of communication environment in accordance with the increase of convenience for users. However, it is urgently needed to establish the security measures for the rapidly-developing IoT convergence technology. As IoT is closely related to digital ethics and personal information protection, other industries should establish the measures for coping with threatening elements in accordance with the introduction of IoT. In case when security incidents occur, there could be diverse problems such as information leakage, damage to image, monetary loss, and casualty. Thus, this paper suggests a certificate management technique for safe control over access in IoT-based Cloud convergence environment. This thesis designed the device/user registration, message communication protocol, and device renewal/management technique. On top of performing the analysis on safety in accordance with attack technique and vulnerability, in the results of conducting the evaluation of efficiency compared to the existing PKI-based certificate management technique, it showed about 32% decreased value.

• International Journal of Computer Science & Network Security
• /
• v.22 no.7
• /
• pp.229-239
• /
• 2022

Today's Internet of Things (IoT) has had a dramatic increase in the use of various daily aspects. As a consequence, many homes adopt IoT technology to move towards the smart home. So, the home can be called smart when it has a range of smart devices that are united into one network, such as cameras, sensors, etc. While IoT smart home devices bring numerous benefits to human life, there are many security concerns associated with these devices. These security concerns, such as user privacy, can result in an insecure application. In this research, we focused on analyzing the vulnerabilities of IoT smart home cameras. This will be done by designing a new model that follows the STRIDE approach to identify these threats in order to afford an efficient and secure IoT device. Then, apply a number of test cases on a smart home camera in order to verify the usage of the proposed model. Lastly, we present a scheme for mitigation techniques to prevent any vulnerabilities that might occur in IoT devices.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.8 no.1
• /
• pp.51-58
• /
• 2015

Internet of Thing is a collection of various technical components, and the interworking among heterogeneous devices, networks, applications is expected to be accelerated through the openness of IoT platform. For this reason, many technical and administrative security threats will occur in IoT environments. In this paper, authentication methods of recent researches are analyzed for safe IoT services, and new mutual authentication protocol is proposed to provide more secure communication. The proposed protocol prevents an impersonation as malicious gateway or illegal device providing mutual authentication between gateway and IoT device. The performance analysis and evaluation of proposed authentication protocol are performed.

• Journal of Digital Contents Society
• /
• v.17 no.6
• /
• pp.499-507
• /
• 2016

The era of IoT, which figures exchanging data from the internet between things is coming. Recently, former electric power energy policy paradigm, namely Supply side paradigm, is changing, because electric power energy consumption is rapidly increasing. As new paradigm for this limit, convergence of existing electric power grid and ICT(Information and Communication Technology) will accelerate intellectualization of electric power device, its operation system. This change brought opened electric power grid. Consequently, attacks to the national electric power grid are increasing. On this paper, we will analyze security threats of existing IoT, discuss security weakness on electric power industry IoT and suggest needed security requirements, security technology.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.1
• /
• pp.31-49
• /
• 2021

IoT devices refer to embedded devices that can communicate with networks. Since there are various types of IoT devices and they are widely used around us, in the event of an attack, damages such as personal information leakage can occur depending on the type of device. While the security team analyzes IoT devices, they should target firmware as well as software interfaces since IoT devices are operated by both of them. However, the problem is that it is not easy to extract and analyze firmware and that it is not easy to manage product quality at a certain level even if the same target is analyzed according to the analyst's expertise within the security team. Therefore, in this paper, we intend to establish a vulnerability analysis process for the firmware of IoT devices and present available tools for each step. Besides, we organized the process from firmware acquisition to analysis of IoT devices produced by various commercial manufacturers, and we wanted to prove their validity by applying it directly to drone analysis by various manufacturers.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.12
• /
• pp.76-82
• /
• 2019

The development of Internet technology and the deployment of smart devices provide a convenient environment for people, and this is becoming common with the technology called the Internet of Things (IoT). But the development of, and demand for, IoT technology is causing various problems, such as personal information leaks due to the attacks of hackers who exploit it. A number of devices are connected to a network, and network attacks that have been exploited in the existing PC environment are occurring in the IoT environment. When it comes to IP cameras, security incidents (such as distributed denial of service [DDoS] attacks, hacking someone's personal information, and monitoring without consent) are occurring. However, it is difficult to install and implement existing security solutions because memory space and power are limited owing to the characteristics of small devices in the IoT environment. Therefore, this paper proposes a security protocol that can look at and prevent IoT security threats. A security assessment verified that the proposed protocol is able to respond to various security threats that could arise in a network. Therefore, it is expected that efficient operation of this protocol will be possible if it is applied to the IoT environment.

• International Journal of Computer Science & Network Security
• /
• v.24 no.4
• /
• pp.11-25
• /
• 2024

The proliferation of IoT devices has presented an unprecedented challenge in managing device identities securely and efficiently. In this paper, we introduce an innovative Hybrid Blockchain-Based Approach for IoT Identity Management that prioritizes both security and efficiency. Our hybrid solution, strategically combines the advantages of direct and indirect connections, yielding exceptional performance. This approach delivers reduced latency, optimized network utilization, and energy efficiency by leveraging local cluster interactions for routine tasks while resorting to indirect blockchain connections for critical processes. This paper presents a comprehensive solution to the complex challenges associated with IoT identity management. Our Hybrid Blockchain-Based Approach sets a new benchmark for secure and efficient identity management within IoT ecosystems, arising from the synergy between direct and indirect connections. This serves as a foundational framework for future endeavors, including optimization strategies, scalability enhancements, and the integration of advanced encryption methodologies. In conclusion, this paper underscores the importance of tailored strategies in shaping the future of IoT identity management through innovative blockchain integration.

• Journal of the Korea Convergence Society
• /
• v.6 no.2
• /
• pp.65-70
• /
• 2015

As the new technologies like IoT and Fintech appear which have not existed before, security threat ranges in existing system are increasing. Especially, IoT has increasing ranges to cause malicious behaviors in specific systems because related IT infrastructure ranges are increasing. Fintech also requires the innovation of traditional security system because it has new structure which didn't exist in the past. As IoT and Fintech technologies are commercialized and related markets are developing in the future, structural security threats could be connected to actual attacks and secondary attacks by the attackers' imbedding of back door in IoT internet devices through remote access. Customer's device cannot be compulsively controlled for security in new system where these various security threats exist. Therefore, these services should minimize the collected information, and now is the time to politically control the utilizing methods of the collected information. In this thesis, security threats are to be suggested which could occur in newly appearing mobile services like IoT and Fintech.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.10 no.4
• /
• pp.221-231
• /
• 2015

This paper provides the trend of Internet of Things (IoT) for smart healthcare services and applications. IoT has provided a promising opportunity to build intelligent healthcare system and smart wearable applications by using the growing capability of wireless mobile devices, interactive sensors/actuators, and RFID technologies. For analysis of state-of-art technology of smart healthcare system, this paper includes comparative analysis and investigation of existing standard, network protocol, and devices, etc. In this paper, we examine the market trend of IoT healthcare. In particular, we examine the variety of IoT based healthcare type such as mobile, wearable device. After that, we examine the technologies of IoT healthcare such as standard, sensor, network and security. This survey contributes to better understanding of the challenges in existing IoT healthcare and further new light on future research directions.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.2
• /
• pp.113-122
• /
• 2020

In this paper, we propose the terminal authentication system using blockchain and TOTP(Time-based One-time Password Algorithm) to sustain a continuous authentication between user device and service device. And we experiment this system by using door-lock as a terminal of IoT(Internet of Things). In the future, we can apply this result to several devices of IoT for convenience and security. Although IoT devices frequently used everyday require convenience and security at the same time, it is difficult for IoT devices having features of the low-capacity and light-weight to apply the existing authentication technology requiring a high amount of computation. Blockchain technology having security and integrity have been used as a storage platform, but its authentication cannot be performed when the terminal cannot access any network. We show the method to solve this problem using Blockchain and TOPT.