• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.05a
• /
• pp.654-656
• /
• 2016

MACsec is a cryptographic function that operates on Layer 2. As industries such as IoT(Internet of Things) devices are receiving attention recently are connected to the network and Internet traffic is increasing rapidly. Because of today, Becoming the increase in traffic and complex situations to protect the overall traffic, not just certain parts. The MACsec technology has received attention. In this paper, Layer 2 security technology to MACsec. Design the technology MACsec adapter that can easily and readily added to existing Layer 2 network.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.949-960
• /
• 2019

Due to miniaturization of electronic devices and development of IoT(Internet of Things), embedded system have been used in various field. Meanwhile, there is a potential vulnerability by the insufficient of system's security. In this paper, we implement secure boot using TPM to protect the integrity of embedded system environment. The Suggestion considers the required availability in the embedded system and detects the system's tampering at secure boot process via TPM. In addition, we have reinforced the confidentiality through AES encryption of the kernel at secure boot.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.12
• /
• pp.5654-5668
• /
• 2018

Driven by security and real-time demands of Internet of Things (IoT), the timing of fog computing and edge computing have gradually come into place. Gateways bear more nearby computing, storage, analysis and as an intelligent broker of the whole computing lifecycle in between local devices and the remote cloud. In fog computing, the edge broker requires X-aware capabilities that combines software programmability, stream processing, hardware optimization and various connectivity to deal with such as security, data abstraction, network latency, service classification and workload allocation strategy. The prosperous of Field Programmable Gate Array (FPGA) pushes the possibility of gateway capabilities further landed. In this paper, we propose a software-defined gateway (SDG) scheme for fog computing paradigm termed as Fog Computing Zero-Knowledge Gateway that strengthens data protection and resilience merits designed for industrial internet of things or highly privacy concerned hybrid cloud scenarios. It is a proxy for fog nodes and able to integrate with existing commodity gateways. The contribution is that it converts Privacy-Enhancing Technologies rules into provable statements without knowing original sensitive data and guarantees privacy rules applied to the sensitive data before being propagated while preventing potential leakage threats. Some logical functions can be offloaded to any programmable micro-controller embedded to achieve higher computing efficiency.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.10a
• /
• pp.101-103
• /
• 2022

Elliptic curve cryptography (ECC) is widely used in hardware implementations of public-key crypto-systems for IoT devices and V2X communication because it is suitable for efficient hardware implementation and has high security strength. However, ECC-based public-key cryptography is known to have security vulnerabilities against side-channel attacks, so it is necessary to apply countermeasures against security attacks in designing ECC processor. This paper describes a survey on the side-channel attacks and countermeasures applicable to ECC processor design.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.7
• /
• pp.613-621
• /
• 2019

Recently, with the development of the Internet of Things (IoT) and cloud computing technologies, security threats have increased as malicious codes infect IoT devices, and new malware spreads ransomware to cloud servers. In this study, we propose a threat-detection technique that checks obfuscated script patterns to compensate for the shortcomings of conventional signature-based and behavior-based detection methods. Proposed is a malicious code-detection technique that is based on malicious script-pattern analysis that can detect zero-day attacks while maintaining the existing detection rate by registering and checking derived distribution patterns after analyzing the types of malicious scripts distributed through websites. To verify the performance of the proposed technique, a prototype system was developed to collect a total of 390 malicious websites and experiment with 10 major malicious script-distribution patterns derived from analysis. The technique showed an average detection rate of about 86% of all items, while maintaining the existing detection speed based on the detection rule and also detecting zero-day attacks.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2019.05a
• /
• pp.290-292
• /
• 2019

Since the advent of blockchain and bitcoin, decentralization has been accelerating around the world as a public blockchain ethereum with smartcontract has begun. Developers can use Ethereum's blockchain development platform to develop "distributed applications" (DApp) running on a decentralized P2P network, and various types of devices from IoT to mobile can participate in a block-chain distributed environment have. Using Ethereum's blockchain development platform, developers can develop "Decentralized Application (DApp)" that run on a decentralized P2P network and various types of devices from IOT to mobile can participate in distributed blockchain environments. There are many ways to interact with the blockchain and the smart contract, but users tend to prefer the mobile methods due to their convenience and accessibility advantages. Therefore, the author developed an Android based voting DApp and researched related issues. Since the current development methods of DApp are not adequately researched and standardized, efficient methods for developing user-friendly DApp were studied. Because DApp has to spend a certain amount of fees to interact with blockchain, it has intensively investigated the gas problem of Smart Contract code and the security problem of code, and author would like to introduce it in this paper.

• Convergence Security Journal
• /
• v.23 no.1
• /
• pp.45-54
• /
• 2023

Recently, with the development of the Internet of Things, research on protocols that can easily connect devices without a UI to the network has been steadily conducted. To this end, the Wi-Fi Alliance announced Wi-Fi Easy Connect, which can connect to a network using a QR code. However, since Wi-Fi Easy Connect requires a large amount of computation for safety, it is difficult to apply to low-power and miniaturized IoT devices. In addition, Wi-Fi Easy Connect considering scalability is designed to operate in a wired environment, but problems such as duplicate encryption occur because it does not consider a security environment like TLS. Therefore, in this paper, we analyze the Wi-Fi Easy Connect protocol and propose a protocol that can operate efficiently in the TLS environment. It was confirmed that the proposed protocol satisfies the existing security requirements and at the same time reduces about 67% of ECC scalar multiplication operations with a large amount of computation.

• KIPS Transactions on Software and Data Engineering
• /
• v.11 no.5
• /
• pp.197-202
• /
• 2022

IoT (Internet of Things) devices are being attacked by malware due to many security vulnerabilities, such as the use of weak IDs/passwords and unauthenticated firmware updates. However, due to the diversity of CPU architectures, it is difficult to set up a malware analysis environment and design features. In this paper, we design time series features using the byte sequence of executable files to represent independent features of CPU architectures, and analyze them using recurrent neural networks. The proposed feature is a fixed-length time series pattern extracted from the byte sequence by calculating partial entropy and applying linear interpolation. Temporary changes in the extracted feature are analyzed by RNN and LSTM. In the experiment, the IoT malware detection showed high performance, while low performance was analyzed in the malware family classification. When the entropy patterns for each malware family were compared visually, the Tsunami and Gafgyt families showed similar patterns, resulting in low performance. LSTM is more suitable than RNN for learning temporal changes in the proposed malware features.

• Journal of Software Assessment and Valuation
• /
• v.16 no.2
• /
• pp.53-62
• /
• 2020

In the end-user domain of an IoT environment, there are more and more intelligent M2M devices that provide resources to create and share application services. Therefore, it can be very useful to manage trust by transferring the role of the existing centralized service provider to end users in a P2P environment. However, in a decentralized M2M computing environment where end users independently provide or consume services, mutual trust building is the most important factor. This is because malicious users trying to build malfunctioning services can cause security problems in M2M computing environments such as IoT. In this paper, we provide an integrated analysis and approach for trust evaluation of M2M application services, and an optimized trust evaluation model that can guarantee reliability among users of the M2M community.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.34 no.3
• /
• pp.393-401
• /
• 2024

Recently, the Internet of Things (IoT) has been widely used in industries and daily life that directly affect human safety, life, and assets. However, IoT devices, which need to meet low-cost, lightweight, and low-power requirements, face a significant problem of shortened battery lifetime due to battery draining attacks and interference. To solve this problem, the 802.11ba standard for the Wake-up Receiver (WuR) has emerged, this feature is playing a crucial role in minimizing energy consumption. However, the WuR protocol did not consider security mechanisms in order to reduce latency and overhead. Therefore, in this study, anAdaptive Power Saving Mechanism (APSM) is proposed for low-power WuR to counter battery draining attacks. APSM can minimize abnormally occurring power consumption by exponentially increasing power-saving time in environments prone to attacks. According to experimental results, the proposed APSM improved energy consumption efficiency by a minimum of 13.77% compared to the traditional Legacy Power Saving Mechanism (LPSM) when attack traffic ratio is 10% or more of the total traffic.