• Title/Summary/Keyword: Lightweight protocol

A Network Module and a Web Server for Web-based Remote Control of Embedded Systems (웹 기반 원격 제어를 위한 내장형 시스템용 네트워크 모듈 및 웹 서버)

  • 선동국;김성조;이재호;김선자
    • Journal of KIISE:Computing Practices and Letters / v.10 no.3 / pp.231-242 / 2004
  • Remote control and monitoring of information appliances require RTOS and TCP/IP network module to communicate with each other. Traditional TCP/IP protocol stacks, however, require relatively large resources to be useful in small 8 or 16-bit systems both in terms of code size and memory usage. It motivates design and implementation of micro TCP/IP that is lightweight for embedded systems. Micro embedded web server is also required to control and monitor information appliances through the Web. In this paper, we design and implement micro TCP/IP and Web server for information appliances. For this goal, we investigate requirements for the interoperability of embedded systems with the Internet and the Web-based control of embedded systems. Next, we compare our micro TCP/IP protocol stack with that of RTIP and QPlus in terms of object code size and performance. The size of micro TCP/IP protocol stack can be reduced by 3/2 and 1/4, respectively, comparing with that of RTIP and QPlus. We also show that the performance of our micro TCP/IP is similar to that of RTIP and QPlus since it handles 2.9Mbps when delayed ACK is not adapted.

An Enhanced System of Group Key Management Based on MIPUF in IoT (IoT 환경의 MIPUF 기반 그룹키 관리 시스템 개선)

  • Tak, Geum Ji;Jeong, Ik Rae;Byun, Jin Wook
    • Journal of the Korea Institute of Information Security & Cryptology / v.29 no.6 / pp.1243-1257 / 2019
  • With the emergence of the IoT environment, various smart devices provide consumers with the convenience and various services. However, as security threats such as invasion of privacy have been reported, the importance of security issues in the IoT environment has emerged, and in particular, the security problem of key management has been discussed, and the PUF has been discussed as a countermeasure. In relation to the key management problem, a protocol using MIPUF has been proposed for the security problem of the group key management system. The system can be applied to lightweight IoT environments and the safety of the PUF ensures the safety of the entire system. However, in some processes, it shows vulnerabilities in terms of safety and efficiency of operation. This paper improves the existing protocol by adding authentication for members, ensuring data independence, reducing unnecessary operations, and increasing the efficiency of database searches. Safety analysis is performed for a specific attack and efficiency analysis results are presented by comparing the computational quantities. Through this, this paper shows that the reliability of data can be improved and our proposed method is lighter than existing protocol.

Entity Authentication Scheme for Secure WEB of Things Applications (안전한 WEB of Things 응용을 위한 개체 인증 기술)

  • Park, Jiye;Kang, Namhi
    • The Journal of Korean Institute of Communications and Information Sciences / v.38B no.5 / pp.394-400 / 2013
  • WoT (Web of Things) was proposed to realize intelligent thing to thing communications using WEB standard technology. It is difficult to adapt security protocols suited for existing Internet communications into WoT directly because WoT includes LLN (Low-power, Lossy Network) and resource constrained sensor devices. Recently, the IETF standard group proposed to use DTLS protocol for supporting security services in WoT environments. However, DTLS protocol is not an efficient solution for supporting end to end security in WoT since it introduces complex handshaking procedures and high communication overheads. We, therefore, divide WoT environment into two areas: one is DTLS enabled area and the other is an area using lightweight security scheme in order to improve them. Then we propose a mutual authentication scheme and a session key distribution scheme for the second area. The proposed system utilizes a smart device as a mobile gateway and WoT proxy. In the proposed authentication scheme, we modify the ISO 9798 standard to reduce both communication overhead and computing time of cryptographic primitives. In addition, our scheme is able to defend against replay attacks, spoofing attacks, select plaintext/ciphertext attacks, and DoS attacks, etc.

Design and Implementation of IEC62541-based Industry-Internet of Things Simulator for Meta-Factory (메타팩토리를 위한 IEC62541기반 IIoT·시뮬레이터 설계 및 구현)

  • Chae-Young Lim;Chae-Eun Yeo;Woo-jin Cho;Jae-Hoi Gu;Sang-Hyun Lee
    • The Journal of the Convergence on Culture Technology / v.9 no.3 / pp.789-795 / 2023
  • Digital twins are recognized as an important core technology for the realization of Smart Factories by simulating and optimizing the monitoring and predictive maintenance of manufacturing equipment and the operation of production lines in a digital space. To implement this system, we adopt the IEC62541-based OPC-UA (Open Platform Communications Unified-Architecture) Protocol, which has strengths in interoperability and connectivity between heterogeneous platforms. Therefore, in this paper, we designed and implemented an IIoT (Industry Internet of Things) system that connects heterogeneous platforms, and developed an OPC-UA simulator based on IEC 62541. We will present whether the data will be applied to the Digital-Twin Platform and whether it will work, and proceed with performance tests and evaluations. We evaluate the operation performance and OPC-UA performance of the Digital-Twin platform lightened by the proposed device, and present the optimal IEC62541-based simulator system. We proceeded with the performance evaluation of sending and receiving data with OPC-UA wrapping with the proposed simulator, and found that a lightweight Digital-Twin platform can be operated. This research can apply the OPC-UA protocol for implementing smart factory and meta-factory in the manufacturing shop floor with limited resources, avoiding the waste of time and space on the shop floor through the OPC-UA simulator. We expect that this will contribute to a significant improvement in efficiency by minimizing.

Encryption Algorithm Technique for Device's key Protect in M2M environment (M2M 환경의 디바이스 키 보호를 위한 암호 알고리즘 응용 기법)

  • Choi, Do-Hyeon;Park, Jung-Oh
    • Journal of Digital Convergence / v.13 no.10 / pp.343-351 / 2015
  • With the diverse services of the current M2M environment being expanded to the organizations, the corporations, and the daily lives, the possibility of the occurrence of the vulnerabilities of the security of the related technologies have become an issue. In order to solve such a problem of the vulnerability of the security, this thesis proposes the technique for applying the cryptography algorithm for the protection of the device key of the M2M environment. The proposed technique was based on the elliptic curve cryptography. Through the key exchange and the signature exchange in the beginning, the security session was created. And the white box cipher was applied to the encryption that creates the white box table using the security session key. Application results cipher algorithm, Elliptic Curve Cryptography provides a lightweight mutual authentication, a session key for protecting the communication session and a conventional white-box cipher algorithm and was guaranteed the session key used to encrypt protected in different ways. The proposed protocol has secure advantages against Data modulation and exposure, MITM (Man-in-the-middle attack), Data forgery and Manipulation attack.

A Time Synchronization Method of Sensor Network using Single Flooding Algorithm (단일 플러딩 라우팅 알고리즘을 활용한 센서 네트워크의 시간 동기화 기법)

  • Shin, Jae-Hyuck;Kim, Young-Sin;Jeon, Joong-Nam
    • The KIPS Transactions:PartC / v.18C no.1 / pp.15-22 / 2011
  • Usually time synchronization is performed after routing tree is constructed. This thesis proposes a time synchronization algorithm combined with single-flooding routing tree construction algorithm in a single path. TSRA (Time Synchronization Routing Algorithm) uses routing packets to construct a routing tree. Two types of time information are added to the routing packet: one is the packet receiving time, and the other is the packet sending time. Time offset and transmission time-delay between parent node and child node could be retrieved from the added time information using LTS (Lightweight Time Synchronization) algorithm. Then parent node sends the time offset and transmission time to children nodes and children nodes can synchronize their time to the parent node time along the routing tree. The performance of proposed algorithm is compared to the TPSN (Timing-sync Protocol for Sensor Networks) which is known to have high accuracy using NS2 simulation tool. The simulation result shows that the accuracy of time synchronization is comparable to TPSN, the synchronization time of all sensor nodes is faster than TPSN, and the energy consumption is less than TPSN.

UTrustDisk: An Efficient Data Protection Scheme for Building Trusted USB Flash Disk

  • Cheng, Yong;Ma, Jun;Ren, Jiangchun;Mei, Songzhu;Wang, Zhiying
    • KSII Transactions on Internet and Information Systems (TIIS) / v.11 no.4 / pp.2276-2291 / 2017
  • Data protection of removable storage devices is an important issue in information security. Unfortunately, most existing data protection mechanisms are aimed at protecting computer platform which is not suitable for ultra-low-power devices. To protect the flash disk appropriately and efficiently, we propose a trust based USB flash disk, named UTrustDisk. The data protection technologies in UTrustDisk include data authentication protocol, data confidentiality protection and data leakage prevention. Usually, the data integrity protection scheme is the bottleneck in the whole system and we accelerate it by WH universal hash function and speculative caching. The speculative caching will cache the potential hot chunks for reducing the memory bandwidth pollution. We adopt the symmetric encryption algorithm to protect data confidentiality. Before mounting the UTrustDisk, we will run a trusted virtual domain based lightweight virtual machine for preventing information leakage. Besides, we prove formally that UTrustDisk can prevent sensitive data from leaking out. Experimental results show that our scheme's average writing throughput is 44.8% higher than that of NH scheme, and 316% higher than that of SHA-1 scheme. And the success rate of speculative caching mechanism is up to 94.5% since the access pattern is usually sequential.

Service Discovery Using FIPA-Compliant Agent Platform in Ubiquitous Environments (유비쿼터스 환경에서의 FIPA 기반 에이전트 플랫폼을 이용한 서비스 디스커버리)

  • Kim, Hyung-Jun;Lee, Kyu-Min;Choi, Kee-Hyun;Shin, Dong-Ryeol
    • Proceedings of the Korea Information Processing Society Conference / 2005.05a / pp.581-584 / 2005
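  • Agent system technology can be a way to achieve interoperability in heterogeneous, distributed environments. FIPA (Foundation for Intelligent Physical Agents), the organization driving international standardization of such agent systems, was formed in 1996 and regularly publishes internationally recognized specifications to maximize interoperability between heterogeneous systems. Until recently, however, the FIPA standards have not taken environments such as mobile ad-hoc networks into account. In such environments, agents cannot use the services offered by heterogeneous networks. Focusing on this problem, this paper presents an agent platform that modifies FIPA-OS (Foundation for Intelligent Physical Agents Open Source), which was built with reference to the FIPA standards. Using this agent platform, we ensure interoperability for services offered in heterogeneous environments, and we ensure extensibility by adding a DM (Discovery Middleware) to the agent platform. The DM helps agents find and create services using service discovery mechanisms that operate in ad-hoc networks. Among the various service discovery mechanisms, we implemented the DM using UPnP (Universal Plug and Play) and LSD (Lightweight Service Discovery Protocol). UPnP is a set of service discovery protocols developed by the UPnP Forum, and LSD is a new service discovery protocol of our own that operates in mobile ad-hoc networks and was developed with an emphasis on cache management. With the proposed DM, services offered by UPnP and LSD devices can be used interchangeably on the modified agent platform.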

ELiSyR: Efficient, Lightweight and Sybil-Resilient File Search in P2P Networks

  • Kim, Hyeong-S.;Jung, Eun-Jin;Yeom, Heon-Y.
    • KSII Transactions on Internet and Information Systems (TIIS) / v.4 no.6 / pp.1311-1326 / 2010
  • Peer-to-peer (P2P) networks consume the most bandwidth in the current Internet and file sharing accounts for the majority of the P2P traffic. Thus it is important for a P2P file sharing application to be efficient in bandwidth consumption. Bandwidth consumption as much as downloaded file sizes is inevitable, but those in file search and bad downloads, e.g. wrong, corrupted, or malicious file downloads, are overheads. In this paper, we target to reduce these overheads even in the presence of high volume of malicious users and their bad files. Sybil attacks are the example of such hostile environment. Sybil attacker creates a large number of identities (Sybil nodes) and unfairly influences the system. When a large portion of the system is subverted, either in terms of the number of users or the number of files shared in the system, the overheads due to the bad downloads rapidly increase. We propose ELiSyR, a file search protocol that can tolerate such a hostile environment. ELiSyR uses social networks for P2P file search and finds benign files in 71% of searches even when more than half of the users are malicious. Furthermore, ELiSyR provides similar success with less bandwidth than other general efforts against Sybil attacks. We compare our algorithm to SybilGuard, SybilLimit and EigenTrust in terms of bandwidth consumption and the likelihood of bad downloads. Our algorithm shows lower bandwidth consumption, similar chances of bad downloads and fairer distribution of computation loads than these general efforts. In return, our algorithm takes more rounds of search than them. However the time required for search is usually much less than the time required for downloads, so the delay in search is justifiable compared to the cost of bad downloads and subsequent re-search and downloads.

A Method to Improve Energy Efficiency for IoT Using SSL/TLS on Wireless Network (무선 환경에서 SSL/TLS를 사용하는 IoT의 에너지 효율성 향상을 위한 기법)

  • Chung, Jin Hee;Cho, Tae Ho
    • Journal of the Korea Institute of Information Security & Cryptology / v.26 no.3 / pp.661-666 / 2016
  • The Internet of Things (IoT) is an infrastructure of physical objects that could be connected to the Internet. Most of these are low performance to ensure a reasonable cost for the smart physical objects. Thus, these devices usually use a lightweight messaging protocol: message queue telemetry transport with SSL/TLS. Cipher suites in device are fixed by default and selected based on preference in SSL/TLS. However, the selected cipher suite provides high security level more than expected. This limitation causes energy waste and overhead of devices. In order to counter this problem, we proposed fuzzy logic based cipher suite decision method to improve energy efficiency. Our proposed method saved 36.03% energy.