Theproliferation of Internet of Things(IoT)devices introduces substantial security challenges.Currently,privacy constitutes a significant concern for individuals.While maintaining privacy within these systems is an es...Theproliferation of Internet of Things(IoT)devices introduces substantial security challenges.Currently,privacy constitutes a significant concern for individuals.While maintaining privacy within these systems is an essential characteristic,it often necessitates certain compromises,such as complexity and scalability,thereby complicating management efforts.The principal challenge lies in ensuring confidentiality while simultaneously preserving individuals’anonymity within the system.To address this,we present our proposed architecture for managing IoT devices using blockchain technology.Our proposed architecture works on and off blockchain and is integrated with dashcams and closed-circuit television(CCTV)security cameras.In this work,the videos recorded by the dashcams and CCTV security cameras are hashed through the InterPlanetary File System(IPFS)and this hash is stored in the blockchain.When the accessors want to access the video,they must pass through multiple authentications which include web token authentication and verifiable credentials,to mitigate the risk of malicious users.Our contributions include the proposition of the framework,which works on the single key for every new video,and a novel chaincode algorithm that incorporates verifiable credentials.Analyses are made to show the system’s throughput and latency through stress testing.Significant advantages of the proposed architecture are shown by comparing them to existing schemes.The proposed architecture features a robust design that significantly enhances the security of blockchain-enabled Internet of Things(IoT)deviceswhile effectively mitigating the risk of a single point of failure,which provides a reliable solution for security concerns in the IoT landscape.Our future endeavors will focus on scaling the system by integrating innovative methods to enhance security measures further.展开更多
The proliferation of Internet of Things(IoT)devices has established edge computing as a critical paradigm for real-time data analysis and low-latency processing.Nevertheless,the distributed nature of edge computing pr...The proliferation of Internet of Things(IoT)devices has established edge computing as a critical paradigm for real-time data analysis and low-latency processing.Nevertheless,the distributed nature of edge computing presents substantial security challenges,rendering it a prominent target for sophisticated malware attacks.Existing signature-based and behavior-based detection methods are ineffective against the swiftly evolving nature of malware threats and are constrained by the availability of resources.This paper suggests the Genetic Encoding for Novel Optimization of Malware Evaluation(GENOME)framework,a novel solution that is intended to improve the performance of malware detection and classification in peripheral computing environments.GENOME optimizes data storage and computa-tional efficiency by converting malware artifacts into compact,structured sequences through a Deoxyribonucleic Acid(DNA)encoding mechanism.The framework employs two DNA encoding algorithms,standard and compressed,which substantially reduce data size while preserving high detection accuracy.The Edge-IIoTset dataset was used to conduct experiments that showed that GENOME was able to achieve high classification performance using models such as Random Forest and Logistic Regression,resulting in a reduction of data size by up to 42%.Further evaluations with the CIC-IoT-23 dataset and Deep Learning models confirmed GENOME’s scalability and adaptability across diverse datasets and algorithms.The potential of GENOME to address critical challenges,such as the rapid mutation of malware,real-time processing demands,and resource limitations,is emphasized in this study.GENOME offers comprehensive protection for peripheral computing environments by offering a security solution that is both efficient and scalable.展开更多
Nowadays,theuse of Avatars that are unique digital depictions has increased by users to access Metaverse—a virtual reality environment—through multiple devices and for various purposes.Therefore,the Avatar and Metav...Nowadays,theuse of Avatars that are unique digital depictions has increased by users to access Metaverse—a virtual reality environment—through multiple devices and for various purposes.Therefore,the Avatar and Metaverse are being developed with a new theory,application,and design,necessitating the association of more personal data and devices of targeted users every day.This Avatar and Metaverse technology explosion raises privacy and security concerns,leading to cyber attacks.MV-Honeypot,or Metaverse-Honeypot,as a commercial off-the-shelf solution that can counter these cyber attack-causing vulnerabilities,should be developed.To fill this gap,we study user’s engagements with Avatars in Metaverse,analyze possible security vulnerabilities,and create a model named Simplified Avatar Relationship Association with Non-linear Gradient(SARANG)that draws the full diagram of infrastructure components and data flow through accessing Metaverse in this paper.We also determine the most significant threat for each component’s cyberattacks that will affect user data and Avatars.As a result,the commercial off-the-shelf(COTS)of the MV-Honeypot must be established.展开更多
When aWindows-based system is used for an exceedingly long time,its performance degrades,and the error occurrence rate tends to increase.This is generally called system aging.To investigate the reasons for system agin...When aWindows-based system is used for an exceedingly long time,its performance degrades,and the error occurrence rate tends to increase.This is generally called system aging.To investigate the reasons for system aging,various studies have been conducted within the range of the operating system kernel to the user application.However,finding an accurate reason for system performance degradation remains challenging research topic.In this study,system monitoring was conducted by dividing a system into‘before software installation,’‘after software installation,’and‘after software removal.’We confirmed that when a software installed in a system is removed,various system elements,such as storage and memory,are not restored to the level prior to the software installation.Consequently,we established a hypothesis regarding the performance degradation of a computer system owing to repeated software installation/removal operations,investigated the correlation between system aging and repeated software installation/removal operations,and proposed a system aging analysis framework for analyzing the reason behind system aging.In the proposed system aging analysis framework,we aim to forcibly age a Windows-based system by repeating the software installation/removal operation by utilizing the system forced aging module.The framework identifies the elements affecting system performance through a differential data analysis of the system time-series data extracted by the system performance extraction and system component snapshot modules.Consequently,the aging analysis framework presented in this study is expected to be effectively utilized as an index for studying system aging.展开更多
Industrial Control System(ICS),which is based on Industrial IoT(IIoT),has an intelligent mobile environment that supports various mobility,but there is a limit to relying only on the physical security of the ICS envir...Industrial Control System(ICS),which is based on Industrial IoT(IIoT),has an intelligent mobile environment that supports various mobility,but there is a limit to relying only on the physical security of the ICS environment.Due to various threat factors that can disrupt the workflow of the IIoT,machine learning-based anomaly detection technologies are being presented;it is also essential to study for increasing detection performance to minimize model errors for promoting stable ICS operation.In this paper,we established the requirements for improving the anomaly detection performance in the IIoT-based ICS environment by analyzing the related cases.After that,we presented an improving method of the performance of a machine learning model specialized for IIoT-based ICS,which increases the detection rate by applying correlation coefficients and clustering;it provides a mechanism to predict thresholds on a per-sequence.Likewise,we adopted the HAI dataset environment that actively reflected the characteristics of IIoT-based ICS and demonstrated that performance could be improved through comparative experiments with the traditional method and our proposed method.The presented method can further improve the performance of commonly applied error-based detection techniques and includes a primary method that can be enhanced over existing detection techniques by analyzing correlation coefficients between features to consider feedback between ICS components.Those can contribute to improving the performance of several detection models applied in ICS and other areas.展开更多
One of the latest technologies enabling remote control,operational efficiency upgrades,and real-time big-data monitoring in an industrial control system(ICS)is the IIoT-Cloud ICS,which integrates the Industrial Intern...One of the latest technologies enabling remote control,operational efficiency upgrades,and real-time big-data monitoring in an industrial control system(ICS)is the IIoT-Cloud ICS,which integrates the Industrial Internet of Things(IIoT)and the cloud into the ICS.Although an ICS benefits from the application of IIoT and the cloud in terms of cost reduction,efficiency improvement,and real-time monitoring,the application of this technology to an ICS poses an unprecedented security risk by exposing its terminal devices to the outside world.An adversary can collect information regarding senders,recipients,and prime-time slots through traffic analysis and use it as a linchpin for the next attack,posing a potential threat to the ICS.To address this problem,we designed a network traffic obfuscation system(NTOS)for the IIoT-Cloud ICS,based on the requirements derived from the ICS characteristics and limitations of existing NTOS models.As a strategy to solve this problem wherein a decrease in the traffic volume facilitates traffic analysis or reduces the packet transmission speed,we proposed an NTOS based on packet scrambling,wherein a packet is split into multiple pieces before transmission,thus obfuscating network analysis.To minimize the ICS modification and downtime,the proposed NTOS was designed using an agentbased model.In addition,for the ICS network traffic analyzer to operate normally in an environment wherein the NTOS is applied,a rule-based NTOS was adopted such that the actual traffic flow is known only to the device that is aware of the rule and is blocked for attackers.The experimental results verified that the same time requested for response and level of difficulty of analysis were maintained by the application of an NTOS based on packet scrambling,even when the number of requests received by the server per second was reduced.The network traffic analyzer of the ICS can capture the packet flow by using the pre-communicated NTOS rule.In addition,by designing an NTOS using an agent-based model,the impact on the ICS was minimized such that the system could be applied with short downtime.展开更多
基金supported by the Institute of Information&Communications Technology Planning&Evaluation(IITP)(Project Nos.RS-2024-00438551,30%,2022-11220701,30%,2021-0-01816,30%)the National Research Foundation of Korea(NRF)grant funded by the Korean Government(Project No.RS-2023-00208460,10%).
文摘Theproliferation of Internet of Things(IoT)devices introduces substantial security challenges.Currently,privacy constitutes a significant concern for individuals.While maintaining privacy within these systems is an essential characteristic,it often necessitates certain compromises,such as complexity and scalability,thereby complicating management efforts.The principal challenge lies in ensuring confidentiality while simultaneously preserving individuals’anonymity within the system.To address this,we present our proposed architecture for managing IoT devices using blockchain technology.Our proposed architecture works on and off blockchain and is integrated with dashcams and closed-circuit television(CCTV)security cameras.In this work,the videos recorded by the dashcams and CCTV security cameras are hashed through the InterPlanetary File System(IPFS)and this hash is stored in the blockchain.When the accessors want to access the video,they must pass through multiple authentications which include web token authentication and verifiable credentials,to mitigate the risk of malicious users.Our contributions include the proposition of the framework,which works on the single key for every new video,and a novel chaincode algorithm that incorporates verifiable credentials.Analyses are made to show the system’s throughput and latency through stress testing.Significant advantages of the proposed architecture are shown by comparing them to existing schemes.The proposed architecture features a robust design that significantly enhances the security of blockchain-enabled Internet of Things(IoT)deviceswhile effectively mitigating the risk of a single point of failure,which provides a reliable solution for security concerns in the IoT landscape.Our future endeavors will focus on scaling the system by integrating innovative methods to enhance security measures further.
基金supported by the Institute of Information&Communications Technology Planning&Evaluation(IITP)(Project Nos.RS-2024-00438551,30%,2022-11220701,30%,2021-0-01816,30%)the National Research Foundation of Korea(NRF)grant funded by the Korean Government(Project No.RS2023-00208460,10%).
文摘The proliferation of Internet of Things(IoT)devices has established edge computing as a critical paradigm for real-time data analysis and low-latency processing.Nevertheless,the distributed nature of edge computing presents substantial security challenges,rendering it a prominent target for sophisticated malware attacks.Existing signature-based and behavior-based detection methods are ineffective against the swiftly evolving nature of malware threats and are constrained by the availability of resources.This paper suggests the Genetic Encoding for Novel Optimization of Malware Evaluation(GENOME)framework,a novel solution that is intended to improve the performance of malware detection and classification in peripheral computing environments.GENOME optimizes data storage and computa-tional efficiency by converting malware artifacts into compact,structured sequences through a Deoxyribonucleic Acid(DNA)encoding mechanism.The framework employs two DNA encoding algorithms,standard and compressed,which substantially reduce data size while preserving high detection accuracy.The Edge-IIoTset dataset was used to conduct experiments that showed that GENOME was able to achieve high classification performance using models such as Random Forest and Logistic Regression,resulting in a reduction of data size by up to 42%.Further evaluations with the CIC-IoT-23 dataset and Deep Learning models confirmed GENOME’s scalability and adaptability across diverse datasets and algorithms.The potential of GENOME to address critical challenges,such as the rapid mutation of malware,real-time processing demands,and resource limitations,is emphasized in this study.GENOME offers comprehensive protection for peripheral computing environments by offering a security solution that is both efficient and scalable.
基金supported by the Institute of Information&Communications Technology Planning&Evaluation(IITP)(Project Nos.2022-0-00701,10%,RS-2023-00228996,10%,RS-2022-00165794,10%)the ICTR&DProgram of MSIT/IITP(ProjectNo.2021-0-01816,10%)a National Research Foundation of Korea(NRF)grant funded by the Korean Government(Project No.RS2023-00208460,60%).
文摘Nowadays,theuse of Avatars that are unique digital depictions has increased by users to access Metaverse—a virtual reality environment—through multiple devices and for various purposes.Therefore,the Avatar and Metaverse are being developed with a new theory,application,and design,necessitating the association of more personal data and devices of targeted users every day.This Avatar and Metaverse technology explosion raises privacy and security concerns,leading to cyber attacks.MV-Honeypot,or Metaverse-Honeypot,as a commercial off-the-shelf solution that can counter these cyber attack-causing vulnerabilities,should be developed.To fill this gap,we study user’s engagements with Avatars in Metaverse,analyze possible security vulnerabilities,and create a model named Simplified Avatar Relationship Association with Non-linear Gradient(SARANG)that draws the full diagram of infrastructure components and data flow through accessing Metaverse in this paper.We also determine the most significant threat for each component’s cyberattacks that will affect user data and Avatars.As a result,the commercial off-the-shelf(COTS)of the MV-Honeypot must be established.
基金This work was supported by the ICT R&D program of MSIT/IITP(Project No.2021-0-01816,A Research on Core Technology of Autonomous Twins for Metaverse,10%)National Research Foundation of Korea(NRF)(Project No.NRF-2020R1A2C4002737,90%)grants funded by the Korean government。
文摘When aWindows-based system is used for an exceedingly long time,its performance degrades,and the error occurrence rate tends to increase.This is generally called system aging.To investigate the reasons for system aging,various studies have been conducted within the range of the operating system kernel to the user application.However,finding an accurate reason for system performance degradation remains challenging research topic.In this study,system monitoring was conducted by dividing a system into‘before software installation,’‘after software installation,’and‘after software removal.’We confirmed that when a software installed in a system is removed,various system elements,such as storage and memory,are not restored to the level prior to the software installation.Consequently,we established a hypothesis regarding the performance degradation of a computer system owing to repeated software installation/removal operations,investigated the correlation between system aging and repeated software installation/removal operations,and proposed a system aging analysis framework for analyzing the reason behind system aging.In the proposed system aging analysis framework,we aim to forcibly age a Windows-based system by repeating the software installation/removal operation by utilizing the system forced aging module.The framework identifies the elements affecting system performance through a differential data analysis of the system time-series data extracted by the system performance extraction and system component snapshot modules.Consequently,the aging analysis framework presented in this study is expected to be effectively utilized as an index for studying system aging.
基金This work was supported by the National Research Foundation of Korea(NRF)grant funded by the Korea government(MSIT)(No.NRF-2020R1A2C1012187,50%)the Nuclear Safety Research Program through the Korea Foundation of Nuclear Safety(KoFONS)using the financial resource granted by the Nuclear Safety and Security Commission(NSSC)of the Republic of Korea(No.2101058,25%)+1 种基金the Institute of Information&communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(No.2021-0-00493)5G Massive Next Generation Cyber Attack Deception Technology Development,25%).
文摘Industrial Control System(ICS),which is based on Industrial IoT(IIoT),has an intelligent mobile environment that supports various mobility,but there is a limit to relying only on the physical security of the ICS environment.Due to various threat factors that can disrupt the workflow of the IIoT,machine learning-based anomaly detection technologies are being presented;it is also essential to study for increasing detection performance to minimize model errors for promoting stable ICS operation.In this paper,we established the requirements for improving the anomaly detection performance in the IIoT-based ICS environment by analyzing the related cases.After that,we presented an improving method of the performance of a machine learning model specialized for IIoT-based ICS,which increases the detection rate by applying correlation coefficients and clustering;it provides a mechanism to predict thresholds on a per-sequence.Likewise,we adopted the HAI dataset environment that actively reflected the characteristics of IIoT-based ICS and demonstrated that performance could be improved through comparative experiments with the traditional method and our proposed method.The presented method can further improve the performance of commonly applied error-based detection techniques and includes a primary method that can be enhanced over existing detection techniques by analyzing correlation coefficients between features to consider feedback between ICS components.Those can contribute to improving the performance of several detection models applied in ICS and other areas.
基金This work was supported by the Defense Acquisition Program Administration and Agency for Defense Development under the contract UD210029TD.
文摘One of the latest technologies enabling remote control,operational efficiency upgrades,and real-time big-data monitoring in an industrial control system(ICS)is the IIoT-Cloud ICS,which integrates the Industrial Internet of Things(IIoT)and the cloud into the ICS.Although an ICS benefits from the application of IIoT and the cloud in terms of cost reduction,efficiency improvement,and real-time monitoring,the application of this technology to an ICS poses an unprecedented security risk by exposing its terminal devices to the outside world.An adversary can collect information regarding senders,recipients,and prime-time slots through traffic analysis and use it as a linchpin for the next attack,posing a potential threat to the ICS.To address this problem,we designed a network traffic obfuscation system(NTOS)for the IIoT-Cloud ICS,based on the requirements derived from the ICS characteristics and limitations of existing NTOS models.As a strategy to solve this problem wherein a decrease in the traffic volume facilitates traffic analysis or reduces the packet transmission speed,we proposed an NTOS based on packet scrambling,wherein a packet is split into multiple pieces before transmission,thus obfuscating network analysis.To minimize the ICS modification and downtime,the proposed NTOS was designed using an agentbased model.In addition,for the ICS network traffic analyzer to operate normally in an environment wherein the NTOS is applied,a rule-based NTOS was adopted such that the actual traffic flow is known only to the device that is aware of the rule and is blocked for attackers.The experimental results verified that the same time requested for response and level of difficulty of analysis were maintained by the application of an NTOS based on packet scrambling,even when the number of requests received by the server per second was reduced.The network traffic analyzer of the ICS can capture the packet flow by using the pre-communicated NTOS rule.In addition,by designing an NTOS using an agent-based model,the impact on the ICS was minimized such that the system could be applied with short downtime.
