Seo Yeon Moon

An enhanced security framework for home appliances in smart home

Since the end of 2000, smartphones have explosively spread and have made people’s lives plentiful. With the start of smartphones, new smart devices, including tablet PCs, smart TVs, smart refrigerators, and smart air conditioners, have emerged, expanding their areas from individuals to business and home. These days, smart home service has drawn a lot of attention as a human-centric service. It is the environment where home appliances and other smart devices are connected to internet in order for user service and experience. The current smart home service is simply based on wireless home network to execute the function of connected home. The service has no smart home security so that it is possible for users to suffer a financial loss caused by information leakage or home appliance hacking. Therefore, to apply smart home service to surroundings, it is necessary to take into account security of smart devices. In this paper, we propose an enhanced security framework for smart devices in a smart home environment. The security framework provides the integrity system using the self-signing and access control techniques for preventing the security threats such as data modification, leakage and code fabrication.

CloudRPS: a cloud analysis based enhanced ransomware prevention system

Recently, indiscriminate ransomware attacks targeting a wide range of victims for monetary gains have become a worldwide social issue. In the early years, ransomware has used e-mails as attack method. The most common spreading method was through spam mail or harmful websites. In addition, social networking sites or smartphone messages are used. Ransomware can encrypt the user’s files and issues a warning message to the user and requests payment through bitcoin, which is a virtual currency that is hard to trace. It is possible to analyze ransomware but this has its limitations as new ransomware is being continuously created and disseminated. In this paper, we propose an enhanced ransomware prevention system based on abnormal behavior analysis and detection in cloud analysis system—CloudRPS. This proposed system can defend against ransomware through more in-depth prevention. It can monitors the network, file, and server in real time. Furthermore, it installs a cloud system to collect and analyze various information from the device and log information to defend against attacks. Finally, the goal of the system is to minimize the possibility of the early intrusion. And it can detect the attack quickly more to prevent at the user’s system in case of the ransomware compromises.

A comprehensive study on APT attacks and countermeasures for future networks and communications: challenges and solutions

Recently in the connected digital world, targeted attack has become one of the most serious threats to conventional computing systems. Advanced persistent threat (APT) is currently one of the most important threats considering the information security concept. APT persistently collects data from a specific target by exploiting vulnerabilities using diverse attack techniques. Many researchers have contributed to find approaches and solutions to fight against network intrusion and malicious software. However, only a few of these solutions are particularly focused on APT. In this paper, we introduce a structured study on semantic-aware work to find potential contributions that analyze and detect APT in details. We propose modeling phase that discusses the typical steps in APT attacks to collect the desired information by attackers. Our research explores social network and web infrastructure exploitation as well as communication protocols and much more for future networks and communications. The paper also includes some recent Zero-day attacks, use case scenarios and cyber trends in southeastern countries. To overcome these challenges and attacks, we introduce a detailed comprehensive literature evaluation scheme that classifies and provides countermeasures of APT attack behavior. Furthermore, we discuss future research direction of APT defense framework of next-generation threat life cycle.

S-Detector: an enhanced security model for detecting Smishing attack for mobile computing

Recently the mobile computing technology has been generally used to people with the development of the IT technology. The mobile computing environment has provided a convenient environment via the intelligent devices such as tablet PC, smartphone, etc. However, many security threats in the mobile computing environment exist. Therefore, secure elements to protect against security threats are needed. In particular, Short Message Service phishing (Smishing) damage has continued to increase with the normalization of mobile computing environment. We discuss and analyze the security considerations about Smishing in mobile computing environments. In addition, we propose an enhanced security model for detecting Smishing attack (we called “S-Detector”). The proposed model is applied to a Naive Bayes classifier to improve the Smishing attack detection in smart devices. This model distinguishes normal text message and Smishing message. And this is mainly used to filter by using statistical learning method. As a result, it is possible to analyze a text message and effectively detect SMS phishing. Finally, we demonstrate the efficiency of our model through the evaluation and analysis of our proposed model.

DFA-AD: a distributed framework architecture for the detection of advanced persistent threats

Advanced persistent threats (APTs) are target-oriented and advanced cyber-attacks which often leverage the bot control and customized malware techniques in order to control and remotely access valuable information. APTs generally use various attack techniques to gain access to the unauthorized system and then progressively spread throughout the network. The prime objectives of APT attacks are to steal intellectual property, legal documents, sensitive internal business and other data. If an attack is successfully launched on a system, the timely detection of attack is extremely important to stop APTs from further spreading and for mitigating its impact. On the other hand, internet of things (IoT) devices quickly become ubiquitous while IoT services become pervasive. Their prosperity has not gone unnoticed, and the number of attacks and threats against IoT devices and services are also increasing. Cyber-attacks are not new to IoT, but as the IoT will be deeply intertwined in our societies and lives, it becomes essential to take cyber defense seriously. In this paper, we propose a novel distributed framework architecture for the detection of APTs named as distributed framework architecture for APTs detection (DFA-AD), which is a promising basis for modern intrusion detection systems. In contrast to other approaches, the DFA-AD technique for detecting APT attack is based on multiple parallel classifiers, which classify the events in a distributed environment and event correlation among those events. Each classifier method is focused on detecting the APT’s attack technique independently. The evaluation results show that the proposed approach achieves greater effectiveness and accuracy.

The Study on Data of Smart Home System as Digital Evidence

The Internet of Things (IoT) presents many possibilities, including security and privacy issues. The Digital Forensics has long been studied in academia and industry, but forensics for smart home device has never been attempted. Smart home forensics deals with tools and techniques for recovering data and evidence from mobile devices. This paper describes a data acquisition, classification and analysis process of smart home devices using the IoT. It also includes analysis based on attack scenarios of collected data and smart home device forensic models suitable for such scenarios.

Telling Computer and Human Apart: Image-Sound Based CAPTCHA System

The Internet is one of important thing in an individual’s life and it has made a big changes. As many activities are performed by the Internet, we need specific system to prevent malicious Internet bot programs that take advantage of this convenience. Among them, security technology applying ‘Turing Test’ to distinguish whether a subject using a specific service is a human or machine is an important thing of security technology of computer science. A representative example is the CAPTCHA. However, the vulnerability was revealed by various studies and cases. For this reason, we propose a new user authentication method using sound and image.

i-SHSS: An IoT Based Smart Home Security System

Smart homes are increasing their popularity as the most promising application of Internet of Things (IoT). Security has becoming an important issue in smart home. There are many security threats and challenges present in smart home. To overcome these security issues, we proposed security system architecture for home automation system. The architecture is divided into three parts: management platform, secure home gateway, and home controller. The proposed system fulfills the security goals such as user and device authentication, protecting communication, and different attacks.

Safe-Driving Aid System Using Bi-directional Cameras

An accident occurs if you are driving drowsy on a highway or if you are not looking ahead in the school zone. In this paper, we propose ‘safe driving aid system. To do this, two cameras are used. One camera recognizes the driver’s face and eyes, and the other camera recognizes the Pedestrian in front of the driver. This makes it possible to prevent pedestrian accidents and sleepy driving accidents in advance.

Security Requirements and Countermeasures for Secure Home Network in Internet of Things

The home network share the data with each other to configure a network after connecting many devices that wired or wireless in the home. Recently the home network has increased as internet of things service extension. But this is not achieved strong security because due to this, each device has the function deterioration problem in home network. Therefore it is necessary to determine the wired or wireless network security vulnerabilities and countermeasures to prevention for cybercrime privacy leakage. In this paper analyzes the factors of home network vulnerabilities and middleware security in internet of things. Also it presents a security vulnerability improvement.