• Proceedings of the IEEK Conference
• /
• 2004.08c
• /
• pp.581-584
• /
• 2004

Currently, there are many subscriber access networks: PSTN, ADSL, Cellular Network, IMT200 and so on. To these service providers that provide above network service, it is important that they authenticate and authorize legal subscribers and account for their usage. At present, There exist the several protocols that Support AAA(Authentication, Authorization and Accounting) service : RADIUS, Diameter, TACACS+. Nowadays, RADIUS has used for AAA service widely. It has been extended to support other access network environment. So, we extend RADIUS to support environment of Mobile IPv6. Mobile IPv6 uses IPsec as a security mechanism, basically. But, IPsec is a heavy security technology for small, portable, mobile device. Especially, it is serious at IKE, the subset of IPsec. IKE is a key distribution protocol that distributes the key to the endpoints of IPsec. In t:lis paper, we extend RADIUS to support environment of Mobile IPv6 and simplify the IKE phase of IPsec by AAA system distributing the keys by using its security communication channel. Namely, we propose the key distribution method for IPsec SA establishment between mobile node and home agent. The suggested method was anticipated to be effective at low-power, low computing deyice. Finally, end users feel the faster authentication.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.10
• /
• pp.101-110
• /
• 2009

The 6LoWPAN(IPv6 Low-power Wireless Personal Area Network) performs IPv6 header compression, TCP/UDP/IGMP header compression, packet fragmentation and re-assemble to transmit IPv6 packet over IEEE 802,15.4 MAC/PHY. However, from the point of view of security. It has the existing security threats issued by IP packet fragmenting and reassembling, and new security threats issued by 6LoWPAN packet fragmenting and reassembling would be introduced additionally. If fragmented packets are retransmitted by replay attacks frequently, sensor nodes will be confronted with the communication disruption. This paper analysis security threats introduced by 6LoWPAN fragmenting and reassembling, and proposes a re-transmission mechanism that could minimize re-transmission to be issued by replay attacks. Re-transmission procedure and fragmented packet structure based on the 6LoWPAN standard(RFC4944) are designed. We estimate also re-transmission delay of the proposed mechanism. The mechanism utilizes timestamp, nonce, and checksum to protect replay attacks. It could minimize reassemble buffer overflow, waste of computing resource, node rebooting etc., by removing packet fragmentation and reassemble unnecessary.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.7
• /
• pp.181-188
• /
• 2008

Nowadays, WiMAX which provides internet service with a middle and low speed serves more function and is wider than Wi-Fi. While they solve the security risks as subscribers do handover by subscriber's re-certification procedure as the Network range is getting wider, there are more security problems making the problems of electric-power consumption and delay. This paper suggests a handover mechanism which simplify the subscriber's re-certification procedure and prevents a security problem as doing handover for solving the problem of delay and the rate of processing. The mechanism can cooperate with PKI structure to increase flexibility and security and minimize network re-entry procedure or re-certification procedure by providing continual service. As a result. the mechanism's throughput as the number of subscribers is lower than IEEE 802.16e and the mechanism proves that it is secure from the attack of man-in-the-middle and reply as doing handover.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.2B
• /
• pp.184-194
• /
• 2011

Security is critically important for smart grid networks that are usually used for the electric power network and IT environments that are opened to attacks, such as, eavesdropping, replay attacks of abnormal messages, forgery of the messages to name a few. ZigBee has emerged as a strong contender for smart grid networks. ZigBee is used for low data rate and low power wireless network applications. To deploy smart grid networks, the collected information requires protection from an adversary over the network in many cases. The security mechanism should be provided for collecting the information over the network. However, the ZigBee protocol has some security weaknesses. In this paper, these weaknesses are discussed and a method to improve security aspect of the ZigBee protocol is presented along with a comparison of the message complexity of the proposed security protocol with that of the current ZigBee protocol.

• Journal of the Korea Society of Computer and Information
• /
• v.16 no.4
• /
• pp.101-110
• /
• 2011

A smart grid networks delivers electricity from suppliers to consumers using digital technology with two-way communications to control appliances at consumers' homes to save energy, reduce cost and increase reliability and transparency. Security is critically important for smart grid networks that are usually used for the electric power network and IT environments that are opened to attacks, such as, eavesdroping, replay attacks of abnormal messages, forgery of the messages to name a few. ZigBee has emerged as a strong contender for smart grid networks. ZigBee is used for low data rate and low power wireless network applications. To deploy smart grid networks, the collected information requires protection from an adversary over the network in many cases. The security mechanism should be provided for collecting the information over the network. However, the ZigBee protocol has some security weaknesses. In this paper, these weaknesses are discussed and a method to improve security aspect of the ZigBee protocol is presented along with a comparison of the message complexity of the proposed security protocol with that of the current ZigBee protocol.

• Journal of Communications and Networks
• /
• v.16 no.4
• /
• pp.363-370
• /
• 2014

Despite several years of intense research, the security and cryptography in wireless sensor networks still have a number of ongoing problems. This paper describes how identification (ID)-based node authentication can be used to solve the key agreement problem in a three-layer interaction. The scheme uses a novel security mechanism that considers the characteristics, architecture, and vulnerability of the sensors, and provides an ID-based node authentication that does not require expensive certificates. The scheme describes the routing process using a simple ID suitable for low power and ID exposure, and proposes an ID-based node authentication. This method achieves low-cost communications with an efficient protocol. Results from this study demonstrates that it improves routing performance under different node densities, and reduces the computational cost of key encryption and decryption.

• Journal of Information Processing Systems
• /
• v.18 no.1
• /
• pp.59-74
• /
• 2022

During the last decade, the security of digital images has received considerable attention in various multimedia transmission schemes. However, many current cryptosystems tend to adopt a single-layer permutation or diffusion algorithm, resulting in inadequate security. A hierarchical bilateral diffusion architecture for color image encryption is proposed in response to this issue, based on a hyperchaotic system and DNA sequence operation. Primarily, two hyperchaotic systems are adopted and combined with cipher matrixes generation algorithm to overcome exhaustive attacks. Further, the proposed architecture involves designing pixelpermutation, pixel-diffusion, and DNA (deoxyribonucleic acid) based block-diffusion algorithm, considering system security and transmission efficiency. The pixel-permutation aims to reduce the correlation of adjacent pixels and provide excellent initial conditions for subsequent diffusion procedures, while the diffusion architecture confuses the image matrix in a bilateral direction with ultra-low power consumption. The proposed system achieves preferable number of pixel change rate (NPCR) and unified average changing intensity (UACI) of 99.61% and 33.46%, and a lower encryption time of 3.30 seconds, which performs better than some current image encryption algorithms. The simulated results and security analysis demonstrate that the proposed mechanism can resist various potential attacks with comparatively low computational time consumption.

• Journal of Internet Computing and Services
• /
• v.23 no.4
• /
• pp.95-107
• /
• 2022

With the rapid development of Internet of Things sensor devices and big data processing techniques, Internet of Things sensor-based information systems have been applied in various industries. Depending on the industry in which the information systems are applied, the accuracy of the information derived can affect the industry's efficiency and safety. Therefore, security techniques that protect sensing data from security attacks and enable information systems to derive accurate information are essential. In this paper, we examine security threats targeting each processing step of an Internet of Things sensor-based information system and propose security mechanisms for each security threat. Furthermore, we present an Internet of Things sensor-based information system structure that is robust to security attacks by integrating the proposed security mechanisms. In the proposed system, by applying lightweight security techniques such as a lightweight encryption algorithm and obfuscation-based data validation, security can be secured with minimal processing delay even in low-power and low-performance IoT sensor devices. Finally, we demonstrate the feasibility of the proposed system by implementing and performance evaluating each security mechanism.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.18 no.6
• /
• pp.33-41
• /
• 2018

The idea of the Internet of Things as a platform on the Smart Campus has become increasingly popular. It requires an infrastructure consisting of communication networks, sensor nodes and gateways to connect to the Internet. Each sensor node is responsible for gathering data from the environment. This document outlines a network of wireless sensors on the Internet for the application of Smart Campus monitoring. Wireless sensor network Monitoring have become a complete solution to using a low power implementation and integrated systems. The numerous restrictions however result from the low communication range, the limited computing power, the lack of availability of the network protocol, the lack of programming security and the security failures in the areas of confidentiality, integrity and availability. A new security technique and its functionality for WSNM nodes developed. Development in the research of a secure network and suggestions for avoiding denial of service (DOS) and complexity attacks. These systems if properly implemented can provide an energy efficiency mechanism through pre-allocation and a new key from key management models with a secure routine algorithm.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.6
• /
• pp.2739-2742
• /
• 2012

6LoWPAN is a standard to enable IPv6 packets to be carried on top of low power wireless networks. It needs to achieve security in 6LoWPAN, which is being defined at the 6LoWPAN working group of the IETF. IPSec is already part of IPv6, which makes it a candidate to be directly employed or adapted for WSNs. Some results showed that the adoption of IPSec is viable, and also point towards the successful design and deployment of security architecture for WSNs. IPSec requires two communicating entities to share a secret key that is typically established dynamically with the IKE. However, there are some limitations to use IKE on wireless networks. In this article, we show requirements for being Efficient Key management Mechanism for IPSec on 6LoWPAN and analyze candidate protocols.