• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.8
• /
• pp.329-342
• /
• 2017

Recently, interest and investment in the Internet of Things (IoT) have increased significantly, and security issues are constantly being raised. As a solution, the IETF ACE Working Group is establishing the ACE framework standard, which is a new security framework for various constrained IoT environments based on the existing OAuth 2.0. However, additional work is required to apply the ACE framework, which proposes a new lightweight security system, to the existing Internet environment, and this additional cost is a factor that hinders the application of OAuth 2.0 to the IOT environment. Therefore, we propose an IoT authentication framework based on OAuth 2.0's existing development motivation, and implement a proposal framework based on CoAPthon and analyze its performance.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.12 no.11
• /
• pp.2031-2038
• /
• 2008

A small-area and high-speed authentication/security processor (WUSB_Sec) IP is designed, which performs the 4-way handshake protocol for authentication between host and device, and data encryption/decryption of wireless USB system. The PRF-256 and PRF-64 are implemented by CCM (Counter mode with CBC-MAC) operation, and the CCM is designed with two AES (Advanced Encryption Standard) encryption coles working concurrently for parallel processing of CBC mode and CTR mode operations. The AES core that is an essential block of the WUSB_Sec processor is designed by applying composite field arithmetic on AF$(((2^2)^2)^2)$. Also, S-Box sharing between SubByte block and key scheduler block reduces the gate count by 10%. The designed WUSB_Sec processor has 25,000 gates and the estimated throughput rate is about 480Mbps at 120MHz clock frequency.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.11 no.1
• /
• pp.206-215
• /
• 2007

Ad-Hoc network technology is a mobile internet technology of the future that will be used widely not only in Mobile Network but also in Wireless Personal Area Network (WPAN) and Ubiquitous Network For this to occur, distributed routing protocol design, loop prevention for link information reduction in overhead for control messages and route restoration algorithm must be improved or complemented. Security techniques that can guarantee safe com-munication between Ad-Hot nodes net also be provided. This study proposes and evaluates a new authentication mechanism for MANET. The mechanism segregates the roles of certification authority to keep with the dynamic mobility of nodes and handle rapid and random topological changes with minimal over-head. That is, this model is characterized by its high expandability that allows the network to perform authentication service without the influence of joining and leaving nodes. The efficiency and security of this concept was evaluated through simulation.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.5
• /
• pp.95-102
• /
• 2008

The next generation network preparation of stock computer network designated to facilities and goal facilities-based national main information communication certainly necessary for 'national competitiveness enhancement and national economic strength elevations'. This paper studies current government policy and network, security and securities computer network, and substitute for securities computer network-based the existing SONET/SDH, and next generation securities computer network designs so as to provide ALL-IP service-based MPLS for international GMG service. Set up stability, standardization, security, a basis of and compare is current next generation securities computer network by each bases in case of designs. Analyze an expected effect to have been improved at next generation stock computer network characteristics and merits and substitution width and QoS, communication instrument liquor, an information protection system etc. too. Result of research of this paper will contribute to national competitiveness enhancement and a national economic strength elevation to accomplish u-Korea.

• Journal of Convergence for Information Technology
• /
• v.9 no.1
• /
• pp.92-98
• /
• 2019

Due to the development of hologram display technology, various studies are being conducted to provide realistic contents for augmented reality. In the case of the HMD for hologram, since augmented reality objects must be rendered by a small processor, it is necessary to use a low-capacity content. To solve this problem, there is a need for a technique of rendering resources by providing resources through a network. In the case of the existing augmented reality system, there is no problem of contents modulation because the resources are loaded and rendered in the internal storage space. However, when providing resources through the network, security problems such as content tampering and malicious code insertion should be considered. Therefore, in this paper, we propose a network rendering technique applying security techniques to provide augmented reality contents in a holographic HMD device.

• Journal of Digital Convergence
• /
• v.16 no.11
• /
• pp.303-312
• /
• 2018

The purpose of this study is to design the easy payment service research model and to find the influencing effect on the intention for the reuse of easy payment service by analysing the factors such as the social influence, the promotion condition, the security and the convenience as UTAUT model has. Also the research model employs the trust and the user satisfaction as parameters. The result shows that even though people feel the trust due to the convenience by the social influence, it has a negative influence on the user satisfaction if the risk recognized in the easy payment service and the weakness in the security are anticipated. The results of this study are academically meaningful as they established the research model for the easy payment service and the theoretical basis of the easy payment service area; they have provided the various practical implications.

• Journal of Information Processing Systems
• /
• v.15 no.4
• /
• pp.865-889
• /
• 2019

The need for cyber resilience is increasingly important in our technology-dependent society where computing devices and data have been, and will continue to be, the target of cyber-attackers, particularly advanced persistent threat (APT) and nation-state/sponsored actors. APT and nation-state/sponsored actors tend to be more sophisticated, having access to significantly more resources and time to facilitate their attacks, which in most cases are not financially driven (unlike typical cyber-criminals). For example, such threat actors often utilize a broad range of attack vectors, cyber and/or physical, and constantly evolve their attack tactics. Thus, having up-to-date and detailed information of APT's tactics, techniques, and procedures (TTPs) facilitates the design of effective defense strategies as the focus of this paper. Specifically, we posit the importance of taxonomies in categorizing cyber-attacks. Note, however, that existing information about APT attack campaigns is fragmented across practitioner, government (including intelligence/classified), and academic publications, and existing taxonomies generally have a narrow scope (e.g., to a limited number of APT campaigns). Therefore, in this paper, we leverage the Cyber Kill Chain (CKC) model to "decompose" any complex attack and identify the relevant characteristics of such attacks. We then comprehensively analyze more than 40 APT campaigns disclosed before 2018 to build our taxonomy. Such taxonomy can facilitate incident response and cyber threat hunting by aiding in understanding of the potential attacks to organizations as well as which attacks may surface. In addition, the taxonomy can allow national security and intelligence agencies and businesses to share their analysis of ongoing, sensitive APT campaigns without the need to disclose detailed information about the campaigns. It can also notify future security policies and mitigation strategy formulation.

• Convergence Security Journal
• /
• v.21 no.2
• /
• pp.29-35
• /
• 2021

UART (Universal asynchronous receiver/transmitter) is a hardware device that converts data into serial format and transmits it, and is widely used for system diagnosis and debugging in most embedded systems. Hackers can access system memory or firmware by using the functions of UART, and can take over the system by acquiring administrator rights of the system. In this paper, we studied secure UART to protect against hacker attacks through UART. In the proposed scheme, only authorized users using the promised UART communication protocol are allowed to access UART and unauthorized access is not allowed. In addition, data is encrypted and transmitted to prevent protocol analysis through sniffing. The proposed UART technique was implemented in an embedded Linux system and performance evaluation was performed.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.05a
• /
• pp.741-744
• /
• 2009

In this paper, we design and implement an illegal entry detection system which efficiently can detect illegal intruders applying image processing technique on the perceived value of the infrared sensor and acquired image from two-way wireless camera(DRC) for prevention of damage caused by theft and the ratio of security in the security of the square such as livestock, agricultural products, and logistics warehouse. At first, the proposed system acquires the image from wireless camera when infrared sensor detect the location of illegal intruders. and then, the system process to determine movement by applying image process technique with acquired image. Finally, we send the detected and analyzed the results and the final image to security company and mobile device of owner.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.6
• /
• pp.85-96
• /
• 2003

Wireless LAM in itself is vulnerable to eavesdropping and modification attack, and thus, IEEE 802.11i and IEEE 802. 1x/1aa have been defined to secure the wireless channel. These protocols accompanied by RADIUS and EAP-TLS provide users of wireless LAM with integrity and confidentiality services, and also they perform authentication and access control of wireless ports. In this paper, we suggest a method to implement accounting session using authentication session of IEEE 802. 1x and accounting state machine is designed with the accounting session. Also, we propose a key exchange mechanism to establish secure channel between stations and an access point. The mechanism is designed to be inter-operable with IEEE 802. 1aa.