• Journal of Internet of Things and Convergence
• /
• v.2 no.2
• /
• pp.15-20
• /
• 2016

MicroSoft Windows 10 IoT version, released in August 2015, successfully drew consumer interest by introducing the familiar Windows into the IoT market, and enabled an easier system construction of IoT web servers. Meanwhile, overdiagnosis has recently emerged as a controversy in medical society. Establishment of communication between IoT servers and medical devices will send treatment results to users and activate communication between hospitals, greatly reducing this problem. The IoT server, with its limited resources, utilizes lightweight protocols that do not generate traffic and are easy to use. This paper proposes IoT networks which will enable medical devices to easily provide ubiquitous environments to their users, through utilization of the lightweight Simple Service Discovery Protocol (SSDP) and the secure Extensible Messaging and Presence Protocol (XMPP).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.955-963
• /
• 2022

The Internet of Things (IoT), combined with various technologies, is rapidly becoming an integral part of our daily life. While it is rapidly taking root in society, security considerations are relatively insufficient, making it a major target for cyber attacks. Since all devices in the IoT environment are connected to the Internet and are closely used in daily life, the damage caused by cyber attacks is also serious. Therefore, encryption communication using a network security protocol must be considered for a service in a more secure IoT environment. A representative network security protocol includes TLS (Transport Layer Protocol) defined by the IETF. This paper analyzes the performance measurement results for TLS version 1.2 and version 1.3 in an IoT device open platform environment to predict the load of TLS, a representative network security protocol, in IoT devices with limited resource characteristics. In addition, by analyzing the performance of each major cryptographic algorithm in version 1.3, we intend to present a standard for setting appropriate network security protocol properties according to IoT device specifications.

• Journal of Information Processing Systems
• /
• v.16 no.4
• /
• pp.975-990
• /
• 2020

Nowadays, the Internet of Things (IoT) network, is increasingly becoming a ubiquitous connectivity between different advanced applications such as smart cities, smart homes, smart grids, and many others. The emerging network of smart devices and objects enables people to make smart decisions through machine to machine (M2M) communication. Most real-world security and IoT-related challenges are vulnerable to various attacks that pose numerous security and privacy challenges. Therefore, IoT offers efficient and effective solutions. intrusion detection system (IDS) is a solution to address security and privacy challenges with detecting different IoT attacks. To develop an attack detection and a stable network, this paper's main objective is to provide a comprehensive overview of existing intrusion detections system for IoT environment, cyber-security threats challenges, and transparent problems and concerns are analyzed and discussed. In this paper, we propose software-defined IDS based distributed cloud architecture, that provides a secure IoT environment. Experimental evaluation of proposed architecture shows that it has better detection and accuracy than traditional methods.

• Journal of Convergence for Information Technology
• /
• v.10 no.7
• /
• pp.7-13
• /
• 2020

IoT which is the core IT of the 4^th industrial revolution, is providing various services from users in the conversion with other industries. The IoT convergence technology is leading the communication paradigm of communication environment in accordance with the increase of convenience for users. However, it is urgently needed to establish the security measures for the rapidly-developing IoT convergence technology. As IoT is closely related to digital ethics and personal information protection, other industries should establish the measures for coping with threatening elements in accordance with the introduction of IoT. In case when security incidents occur, there could be diverse problems such as information leakage, damage to image, monetary loss, and casualty. Thus, this paper suggests a certificate management technique for safe control over access in IoT-based Cloud convergence environment. This thesis designed the device/user registration, message communication protocol, and device renewal/management technique. On top of performing the analysis on safety in accordance with attack technique and vulnerability, in the results of conducting the evaluation of efficiency compared to the existing PKI-based certificate management technique, it showed about 32% decreased value.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.7
• /
• pp.183-194
• /
• 2018

With the rapid development of IoT(Internet of Things) technology, various convenient services such as smart home and smart city have been realized. However, IoT devices in unmanned environments are exposed to various security threats including eavesdropping and data forgery, information leakage due to unauthorized access. To build a secure IoT environment, it is necessary to use proper cryptographic technologies to IoT devices. But, it is impossible to apply the technologies applied in the existing IT environment, due to the limited resources of the IoT devices. In this paper, we survey the classification of IoT devices according to the performance and analyze the security requirements for IoT devices. Also we survey and analyze the use of cryptographic technologies in the current status of IoT open standard platform such as AllJoyn, oneM2M, IoTivity. Based on the research of cryptographic usage, we examine whether each platform satisfies security requirements. Each IoT open platform provides cryptographic technology for supporting security services such as confidentiality, integrity, authentication an authorization. However, resource constrained IoT devices such as blood pressure monitoring sensors are difficult to apply existing cryptographic techniques. Thus, it is necessary to study cryptographic technologies for power-limited and resource constrained IoT devices in unattended environments.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.11
• /
• pp.5692-5716
• /
• 2019

One of the best means to safeguard the confidentiality, security, and privacy of an image within the IoT-Cloud is through encryption. However, looking through encrypted data is a difficult process. Several techniques for searching encrypted data have been devised, but certain security solutions may not be used in IoT-Cloud because such solutions are not lightweight. We propose a lightweight scheme that can perform a content-based search of encrypted images, namely EEIRI. In this scheme, the images are represented using local features. We develop and validate a secure scheme for measuring the Euclidean distance between two descriptor sets. To improve the search efficiency, we employ the k-means clustering technique to construct a searchable tree-based index. Our index construction process ensures the privacy of the stored data and search requests. When compared with more familiar techniques of searching images over plaintexts, EEIRI is considered to be more efficient, demonstrating a higher search cost of 7% and a decrease in search accuracy of 1.7%. Numerous empirical investigations are carried out in relation to real image collections so as to evidence our work.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.04a
• /
• pp.262-265
• /
• 2017

IoT 환경에서 사용되는 프로토콜 중 IETF의 CoRE 워킹 그룹에서 채택한 IoT 프로토콜 CoAP가 표준으로 사용되고 있으며 IoT 인증 프로토콜에 대한 연구도 활발하게 이루어지고 있다. CoAP 프로토콜은 저전력, 저용량 메모리 등의 제한된 환경에서 IoT 센서 디바이스들 간의 통신을 지원한다. CoAP 프로토콜은 안전성을 제공하기 위해 DTLS와 함께 사용되는데, 점점 경량화 되어가는 IoT 환경에서 오버헤드가 존재하는 DTLS에 대해 개선되어야 할 사항들이 존재한다. 이를 개선하기 위해 DTLS의 문제점을 해결하기 위한 여러 연구들이 진행되고 있으며, 본 논문에서는 LESS 인증기법을 분석하고 이를 기반으로 보다 향상된 효율성을 제공하는 기법을 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.855-858
• /
• 2015

최근 IoT에 대한 관심이 증가되면서 IoT 환경에서 다양한 서비스가 개발되고 있다. IoT를 통해 사물에 센서 혹은 액츄에이터 등 다양한 IT기술을 적용하여 사람과 사물, 공간이 통신을 하게 된다. IoT는 다양한 산업 분야에 적용되고 있으며 우리 생활과 밀접한 영역인 스마트 홈 분야에서도 시장 활성화가 진행되고 있다. 하지만 스마트 홈 환경에서는 인증되지 않은 사용자와 스마트 디바이스를 통한 해킹 및 악성코드 감염 등 다양한 보안 위협이 발생하게 된다. 이를 해결하기 위해 본 논문에서는 IoT 환경에 적합하도록 효율적이며 사용자, 스마트 홈을 연결하는 홈 게이트웨이, 스마트 홈 내의 스마트 디바이스 간 상호 인증을 제공하는 안전하고 효율적인 상호 인증 기법을 제안한다.

• International Journal of Computer Science & Network Security
• /
• v.21 no.7
• /
• pp.1-7
• /
• 2021

An amazing growth in the field of Internet of Things (IoT) and Blockchain based smart cities from both industry and academia has been witnessed in the recent years. There are many smart applications such as intelligent transportation, smart banking, improving the life style of citizen, energy consumption and managing the waste in the city, handling home needs are supporting the Smart city concept. These applications are profoundly supported by the advanced technologies like Blockchain as well as IoT in the recent past. Smart cities can be supported by the Blockchain core concepts such as secure, transparent, decentralized and immutable nature. Still, Blockchain and IoT technologies implementation in smart cities are in their early stages and significant research efforts are desirable to integrate them. This review article explores the roles and responsibilities of Blockchain and IoT in building smart cities.

• International Journal of Computer Science & Network Security
• /
• v.23 no.11
• /
• pp.110-116
• /
• 2023

Data confidentiality refers to the characteristic that information kept undisclosed or hidden from unauthorized parties. It considered a key security requirement in current supply chain management (SCM) systems. Currently, academia and industry tend to adopt blockchain and IoT technologies in order to develop efficient and secure SCM systems. However, providing confidential data sharing among these technologies is quite challenging due to the limitations associated with blockchain and IoT devices. This review paper illustrates the importance of preserving data confidentiality in SCM systems by highlighting the state of the art on confidentiality-preserving methodologies in the context of blockchain based IoT-SCM systems and the challenges associated with it.