• Journal of the Korea Convergence Society
• /
• v.8 no.11
• /
• pp.21-27
• /
• 2017

Internet of Things(IoT), which is developing for the hyper connection society, is based on OSHW (Open Source Hardware) such as Arduino and various small products are emerging. Because of the limitation of low performance and low memory, the IoT is causing serious information security problem that it is difficult to apply strong security technology. In this paper, we analyze the vulnerability that can occur as a result of compiling and loading the application program of Arduino on the host computer. And we propose a new attack method that allows an attacker to arbitrarily change the value input from the sensor of the arduino board. Such as a proposed attack method may cause the arduino board to misinterpret environmental information and render it inoperable. By understanding these attack techniques, it is possible to consider how to build a secure development environment and cope with these attacks.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.5
• /
• pp.9-17
• /
• 2019

As the IoT environment becomes more popular, the safety of the M2M environment, which establishes the communication environment between objects and objects without human intervention, becomes important. Due to the nature of the wireless communication environment, there is a possibility of exposure to security threats in various aspects such as data exposure, falsification, tampering, deletion and privacy, and secure communication security technology is considered as an important requirement. In this paper, we propose a new method for group key generation and exchange using trap hash collision hash in existing 'M2M communication environment' using hash collision, And a mechanism for confirming the authentication of the device and the gateway after the group key is generated. The proposed method has attack resistance such as spoofing attack, meson attack, and retransmission attack in the group communication section by using the specificity of the collision message and collision hash, and is a technique for proving safety against vulnerability of hash collision.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.10
• /
• pp.1353-1358
• /
• 2021

IoT (Internet of Things) emerges from various technologies such as communications, micro processors and embedded system and so on. The IoT has also been used to UAV (Unmanned Aerial Vehicle) system. In manned aircraft, a pilot and co-pilot should control FCS (Flight Control System) with FBW(Fly By Wire) system for flight operation. In contrast, the flight operation in UAV system is remotely and fully managed by GCS (Ground Control System) almost in real time. To make it possible the communication channel should be necessary between the UAV and the GCS. There are many protocols between two systems. Amongst them, MAVLink (Macro Air Vehicle Link) protocol is representatively used due to its open architecture. MAVLink does not define any securities itself, which results in high vulnerability from external attacks. This paper proposes the method to enhance data security in GCS network by applying cryptographic methods to the MAVLink messages in order to support safe UAV operations.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.23 no.6
• /
• pp.163-170
• /
• 2023

With the introduction of the law regarding severe penalties for major accidents, employers, management executives, and corporations have significantly increased the number of safety managers and invested extensively in acquiring ISO certifications to prevent accidents in industrial sites. Moreover, the implementation of the Smart Safety Management System (SSMS) has facilitated the management of personnel and safety equipment. While IoT-based management systems have been applied to safety gear such as helmets, safety harnesses, and protective clothing, the responsibility for safety shoes still primarily lies with on-site managers and individuals, leaving a vulnerability to accidents. In this study, we aim to implement a Raspberry Pi-based sensor device to proactively detect workers' safety shoe usage upon entering the site. The goal is to confirm the usage of safety shoes and prevent accidents that may occur due to non-compliance with safety shoes regulations.

• Convergence Security Journal
• /
• v.24 no.1
• /
• pp.11-20
• /
• 2024

Recently, smart buildings that can efficiently manage energy using ICT technology and operate and control through the building automation system by collecting data from a large number of IoT sensors in real time are attracting attention. However, as data management is carried out through an open environment, the safety of smart buildings is threatened by the security vulnerability of the existing building automation protocol. Therefore, in this paper, we analyze the major data link technology of BACnet, which is used universally, and propose OWE-based efficient BACnet/SC that can ensure the reliability of data in a wireless environment. The proposed protocol enables safe communication even in an open network by applying OWE and provides the same level of security as BACnet/SC in a TLS environment. As a result, it reduces the connection process twice and reduces the average time required by 40%, enabling more efficient communication than before.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.7 no.6
• /
• pp.871-880
• /
• 2017

Recently, service based on internet is inter-connected and integrated with a variety of connection. This kind of internet of things consist of heterogenous devices such as sensor node, devices and end-to end equipment which used in conventional protocols and services. The representative system is healthcare system. From healthcare appliance used by IoT, patient and doctor can utilize healthcare information with safety and high speed management. It is very convenient management to operate mobility. But it induced security and vulnerability issues because it has small memory capacity, low power supply and low computing power. This made impossible to implement security algorithm with embedded engine based on hardware. Nowdays, we can't realize conventional standard algorithm due to these kinds of reasons. From the critical issues, it occurred security and vulnerability issues. Therefore, we analysed and compared with conventional method and proposed techniques. Finally, we evaluated security issues and requirement for end-to-end point healthcare system based on internet of things.

• Journal of Korea Multimedia Society
• /
• v.18 no.4
• /
• pp.506-523
• /
• 2015

The intent is to determine whether or not the custody transfer is helpful for data transmission in challenging underwater communications when running Bundle protocol or underwater protocols. From the point of view defending side, Underwater Acoustic Network (UAN) will be a serious threat for its strong functionality long rang and high precision of surveillance and detection. Therefore, countermeasures must be taken to weaken its effect. Our purpose is analyzed that how to benefit from the UIoT to learn from, exploit and preserve the natural underwater resources. Delay/Disruption Tolerant Network (DTN) is essential part of the network heterogeneity communication network. The vulnerability and potential security factors of UIoT are studied thereafter. Security mechanisms for an underwater environment are difficult to apply owing to the limited bandwidth. Therefore, for underwater security, appropriate security mechanisms and security requirements must be defined simultaneously. The paper consists of mathematical and security model. Most important point of view in the security challenges of effective Buffer and Storage management in DTN.

• The Journal of the Convergence on Culture Technology
• /
• v.9 no.4
• /
• pp.699-706
• /
• 2023

Recently, the 4 generation industry revolution is developed with advanced and combined with a variety of new technologies. Conventional healthcare system is applied with IoT application. It provides many advantages with mobility and swift data transfers to patient and doctor. In despite of these kinds of advantages, it occurred security issues between basic devices and protocols in their applications. Especially, internet of things have restricted and limited resources such as small memory capacity, low capability of computing power, etc. Therefore, we can not utilize conventional mechanism. In this paper, we analyzed attacks and vulnerability in terms of security issues. To analyze security structure, features, demands and requirements, we solve the methods to be reduced security issues.

• Proceedings of the Korean Society of Disaster Information Conference
• /
• 2017.11a
• /
• pp.69-70
• /
• 2017

국내외에서 CCTV, IoT(Internet of Things)를 활용한 재난 재해 감지 기술이 활발히 연구되고 활용되고 있다. 그러나 재난 감지 시스템은 전기와 같은 기반 시설이 구축되어야 활용이 가능하기에 지역적으로 시스템 구축에 어려움이 있는 재난 취약 지역(Disaster Vulnerability area)이 발생하게 된다. 이를 해결하기 위한 방안으로 소형 자가발전시스템을 구축하여 CCTV를 활용한 실시간 재난 감시 방안을 마련하고자 하며, 이에 일환으로 울산시 기상관측 자료와 소형 자가발전시스템 발전량간의 상관관계를 분석하여 기후 요소가 발전량에 미치는 영향을 살펴보고 추가적인 연구 방향에 대해 논의하고자 한다.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.17 no.4
• /
• pp.43-48
• /
• 2017

Today our society is approaching new intelligence information society, which has been caused by the Fourth Industrial Revolution along with the development of information and communication technology(ICT). And this has just opened a new era of Internet of Things(IoT) that connects between human and objects and between objects through network, allowing transmission and reception of information beyond the limits of space. However, many crises occurred in the existing communication environment may threaten the security of Internet of Things, by violating the three components of information security. In this paper, this study aims to analyze security technology to achieve advanced security by dividing IoT security technology for coping with security vulnerability found in different components into three groups.