Seoung-Hyeon Lee

Secure firmware validation and update for consumer devices in home networking

Embedded systems are more than ever present in consumer electronics devices such as home routers, personal computers, smartphones, smartcards, various sensors to name a few. Firmware, which is embedded software specifically designed for monitoring and control in resource constrained conditions, was not a major attack target. However, recent serious cyber attacks focus on firmware rather than application or operating system levels, because exploiting the firmware level offers stealth capabilities, e.g., anti-virus software and operating system cannot reveal such a firmware level exploit. A firmware validation that ensures firmware integrity is thus required to detect firmware tempering attacks. A remote firmware update is also required for consumer devices connected to the Internet. In this paper, a secure firmware validation and update scheme is introduced for consumer devices in a home networking environment. The proposed scheme utilizes an IDbased mutual authentication and key derivation to securely distribute a firmware image. A firmware fragmentation with hash chaining is also applied to guarantee authenticity of the fragmented firmware image. Security analysis results are presented while considerations are discussed.

Protection Method for Data Communication between ADS-B Sensor and Next-Generation Air Traffic Control Systems

Communications, Navigation, Surveillance/Air Traffic Management (CNS/ATM) systems utilize digital technologies, satellite systems, and various levels of automation to facilitate seamless global air traffic management. Automatic Dependent Surveillance-Broadcast (ADS-B), the core component of CNS/ATM, broadcasts important monitoring information, such as the location, altitude, and direction of aircraft, to the ground. However, ADS-B data are transmitted in an unencrypted (or unprotected) communication channel between ADS-B sensors and Air Traffic Control (ATC). Consequently, these data are vulnerable to security threats, such as spoofing, eavesdropping, and data modification. In this paper, we propose a method that protects the ADS-B data transmitted between ADS-B sensors and ATC using Simple Public Key Infrastructure (SPKI) certificates and symmetric cryptography. The SPKI certificates are used to grant transmission authorization to the ADS-B sensors, while symmetric cryptography is used to encrypt/decrypt the ADS-B data transmitted between the ADS-B sensors and ATC. The proposed security framework comprises an ADS-B sensor authentication module, an encrypted data processing module, and an ADS-B sensor information management module. We believe that application of the proposed security framework to CNS/ATM will enable it to effectively obviate security threats, such as ground station flood denial, ground station target ghost injection, and ADS-B data modification.

The ADS-B Protection Method for Next-Generation Air Traffic Management System

ADS-B data is an important data to effectively utilize limited airspace as it contains main flight information including the location, altitude, speed, and others of plane but it is very vulnerable to hacking attack such as Ground Station Flood Denial, Ground Station Target Ghost Injection, etc. Therefore, the purpose of this study lies in proposing ground-to-ground security framework using SPKI certificate to protect ADS-B data received from the plane. In security framework proposed in this study, each ADS-B sensor connected to ATC is authenticated using SPKI certificate and creates encrypted ADS-B data using the authenticated data. Also, the verification on validity of transmission delayed ADS-B is conducted using timer information.

Indoor positioning method using BITON and linear Kalman filter

This study proposes an indoor positioning system using the BITON algorithm, a linear Kalman filter (LKF), and beacons. A beacon is an indoor positioning device that uses Bluetooth low-energy technology. Indoor location-based services that use existing beacons provide information to adjacent devices in specific areas, such as shopping and sightseeing locations. When indoor location-based services are active, and beacons are installed in many areas, space-based services become important. In space-based services, it is important to improve the accuracy of user locations, which are calculated using information from the beacon. In this paper, we propose a method for improving user positioning accuracy indoors using BITON and LKF. First, we analyze the characteristics of a beacon signal (with fading) and calculate a correction value for the received signal strength indication, from the predicted range. Because the beacon signal has nonlinear properties, the BITON algorithm is used to translate user movements into linear motion. The LKF algorithm uses the predicted user location and beacon coordinates to calculate the exact indoor location coordinates of a user. Additionally, when the proposed method is applied, indoor positioning results with mean errors of 0.504 and 0.6251 from the x- and y-coordinates can be confirmed.

The Traceback Method about DoS Attack in Open Grid Computing Environment

DoS attack is a critical threat to Grid Web service. Recently too many technologies of the detection and prevention have developed, but it is difficult that the IDS distinguishes normal traffic from the DoS attack. Therefore, when the DoS attack is detected by IDS, the firewall just discards all over-bounded traffic for a victim of absolutely decreases the threshold of the router. Also, attacker use spoofing IP address. So we introduce DoS vulnerability of SSO and SAML in Web service. To solve DoS vulnerability in Web service, we analyze DoS in SAML and introduce agent to prevent DoS attacks.

VO authentication framework in grid environment using digital signature

We suggest authentication scheme of resource group and protection scheme of RSL or resource information in Grid environment based on web services. At present, resource group composed of job request in Grid middleware has no scheme of itself to be authenticated what it is a set of legal resources. Because of using SSL, it also breaks out heavy overload on each process as the aspects of protection for RSL or resource information towards and away between each resource groups and users. In particular, implementation of Grid service based on web services works out no plan on an above essential point. This paper provides the efficient protection scheme of RSL or resource information transmitted through network and authentication scheme of resource group in web-service based Grid environment with relating XML-Signature and resource management system.

Fulltext-Image watermarking using improved DWT and HVS based on JPEG compression

As multimedia data and their applications are rapidly distributed on the Web, the research on watermark insertion and integrity vigorously increases. In this paper, discrete wavelet transformation dissolves an original image into the 3-levels of low, middle, and high bandwidths. Human visual system with the significant coefficients extracted from the middle obtains enhanced image quality and robustness using watermark insertion. In the end, experimental results show that various attacks cannot destroy pre-inserted watermark and recovered image is of good quality by measuring PSNR.

Design of the Model for Indoor Location Prediction Using IMU of Smartphone Based on Beacon

IPS (Indoor positioning system) is a system that measures the user’s position in the room. Since IPS can’t use GPS (Global Positioning System), various researches are under way focusing on indoor location accuracy. IPS may also be unable to measure indoors because of signal loss, blind spots, etc. To solve this problem, Beacon’s RSSI signal is linearized using BITON algorithm and Kalman filter is applied. In addition, the position is predicted even when the signal is lost by measuring the instantaneous direction and the moving distance using the sensor of the smartphone. Therefore, in this paper, we propose a room location prediction model that can improve user’s position accuracy and detect user’s position in case of signal loss using Beacon and smartphone sensor.

Designing System Model to Detect Malfunction of Gas Sensor in Laboratory Environment

Recently, the size of the chemical industry has been growing as well as investing a lot of time and resources to develop core technologies and cultivate human resources. As a result, the handling of chemicals is increasing and the risks are increasing. In particular, there is always the problem of the occurrence of chemical accidents due to the failure of control or management. To prevent this, a disaster detection system using sensors is actively under study. However, the gas sensor among the disaster detection sensors is malfunction due to the influence of the temperature and the humidity. Therefore, in this paper, we collect correlation data of temperature sensor and gas sensor to prevent this. After confirming the correlation through correlation analysis, we calculate regression coefficient by regression analysis and obtain regression equation that can extract sample values of gas sensor data and temperature sensor data. Through this formula, a threshold value that can detect the error value of the gas sensor data is obtained and applied to the decision tree to design a system that can detect the malfunction of the gas sensor according to the temperature change.

Development of a Physical Security Gateway for Connectivity to Smart Media in a Hyper-Connected Environment.

Due to the rapid technological growth of smart media and the rapid spread of convenience through increased convenience, most individuals have smart media, and many person information is stored on a server connected to smart media. As a result, there is always a risk of leakage of personal information, and there is a great need for a method of protecting the personal data of the server from the invasion of the server. In this paper, we propose a method of blocking the intrusion from the external through unidirectional communication method.