Recently, numerous service discovery protocols have been introduced in the open literature. Unfortunately, many of them did not consider security issues, and for those that did, many security and privacy problems still remain. One important issue is to protect the privacy of a service provider while enabling an end-user to search an alternative service using multiple keywords. To deal with this issue, the existing protocols assumed that a directory server should be trusted or owned by each service provider. However, an adversary may compromise the directory server due to its openness property. In this paper, we suggest an efficient verification of service subscribers to resolve this issue and analyze its performance and security. Using this method, we propose an efficient and secure service discovery protocol protecting the privacy of a service provider while providing multiple keywords search to an end-user. Also, we provide performance and security analysis of our protocol.

With the proliferation of smart grids and the construction of various electric IT systems and networks, a next-generation substation automation system (SAS) based on IEC 61850 has been agreed upon as a core element of smart grids. However, research on security vulnerability analysis and quantification for automated substations is still in the preliminary phase. In particular, it is not suitable to apply existing security vulnerability quantification approaches to IEC 61850-based SAS because of its heterogeneous characteristics. In this paper, we propose an IEC 61850-based SAS network modeling and evaluation approach for security vulnerability quantification. The proposed approach uses network-level and device groupings to categorize the characteristic of the SAS. In addition, novel attack scenarios are proposed through a zoning scheme to evaluate the network model. Finally, an MTTC (Mean Time-to-Compromise) scheme is used to verify the proposed network model using a sample attack scenario.

In the past, the security of industrial control systems was guaranteed by their obscurity. However, as devices of industrial control systems became more varied and interaction between these devices became necessary, effective management systems for such networks emerged. This triggered the need for cyber-physical systems that connect industrial control system networks and external system networks. The standards for the protocols in industrial control systems explain security functions in detail, but many devices still use nonsecure communication because it is difficult to update existing equipment. Given this situation, a number of studies are being conducted to detect attacks against industrial control system protocols, but these studies consider only data payloads without considering the case that industrial control systems' availability is infringed owing to packet reassembly failures. Therefore, with regard to the DNP3 protocol, which is used widely in industrial control systems, this paper describes attacks that can result in packet reassembly failures, proposes a countermeasure, and tests the proposed countermeasure by conducting actual attacks and recoveries. The detection of a data payload should be conducted after ensuring the availability of an industrial control system by using this type of countermeasure.

Recent Location Based Services (LBS) extend not only information services such as car navigation services, but supporting various applications such as augmented reality and emergency services in ubiquitous computing environments. However location based services in the ubiquitous computing environment bring several security issues such as location privacy and forgery. While the privacy of the location based service is considered as the important security issue, security against location forgery is less considered. In this paper, we propose improved Han et al.'s protocol [1] that provides more lightweight computation. Our proposed model also improves the credibility of LBS by deploying multiple location sensing technologies.

Recently wireless sensor networks (WSN) has risen as one of the advanced candidate technologies in order to provide more efficient structure health monitoring (SHM) solution in construction sites. In this paper, we proposed WSN monitoring framework in building sites based on 3D visualization and Augmented Reality (AR) in mobile devices. The proposed system applies 3D visualization and AR technology to camera-enabled mobile devices in WSN environment in order to gather much more information than before. Based on the proposed system, we made an experiment to validate the effectiveness of 3D and AR mode using collected data in IEEE 802.15.4-based WSN.

In this letter, we propose an energy efficient hybrid architecture, the Hybrid MAC-based Robust Architecture (HMR), for wireless sensor networks focusing on MAC layer's scheduling and adaptive security suite as a security sub layer. A hybrid MAC layer with TDMA and CSMA scheduling is designed to prolong network life time, and the multi-channel TDMA based active/sleep scheduling is presented. We also present the security related functionalities needed to employ a flexible security suite to packets dynamically. Implementation and testbed of the proposed framework based on IEEE 802.15.4 are shown as well.

In this paper, we establish our child safety system model related to the addressing contradictory issue of wireless sensor networks caused by the mutual authentication and privacy protection of an end-user. Based on the system model, we propose the novel location-aware and privacy-preserving approach for providing child safety over wireless sensor networks. Although we illustrate our protocol over the sensor networks, the proposed protocol can be operated by various wireless networks (e.g., WiFi and UWB) which can support RSSI (Received Signal Strength Indication). Compared to a few previous works, the proposed approach can show the potential of enhancing accuracy with location information, preserve the privacy of an end-user, and provide the capability of controlling the child safety service to an end-user.

The VoIP-based Internet Phonesystem is now seen as one of the killer applications in the high speed and broadband internet environment. Given the wide-spread use of the Internet Phone, it is necessary to provide security services for guaranteeing users' privacy. However, providing security service in Internet Phone has the possibility of incurring additional overheads such as call setup delay time. In this paper, we present a one-way key agreement model based on VoIP in order to reduce call setup time as well as protecting user privacy. The proposed approach decreases the delay time of the call setup in comparison with the previous models because our model enables the key generation in caller side without waiting the response from the receiver.