Abstract: Disclosed are an apparatus and a method for Internet of Things (IoT) device security. The method includes unifying a port in a first IoT device for communication, receiving, by the first IoT device, a packet from a second IoT device through the port, identifying whether the packet in the first IoT device is in a preset packet form, verifying content of the packet in the first IoT device when the packet is in the preset packet form, and opening the port for providing a service in the first IoT device when the verifying of the packet content is successful.

Abstract: Provided are an apparatus and method for performing remote attestation by taking into account mobility. The method includes obtaining, by each node constituting a network, a remote attestation result value by performing self-remote attestation, obtaining, by each of the nodes, remote attestation result values from the other nodes by broadcasting the obtained remote attestation result value to at least one neighboring node, and monitoring, by each of the nodes, remote attestation of each of the nodes on the basis of the obtained remote attestation result values of the nodes.

Abstract: Disclosed herein are an apparatus for determining a device group to be isolated using similarity of features between devices and a method using the apparatus. The method includes generating device groups in consideration of respective features of all devices, generating a security threat device group based on devices in which a security threat has occurred, among all of the devices, calculating the cosine similarity between the security threat device group and all of the device groups, and determining at least one device group to be isolated, among all of the device groups, in consideration of the cosine similarity.

Abstract: Disclosed are an apparatus and a method for Internet of Things (IoT) device security. The method includes unifying a port in a first IoT device for communication, receiving, by the first IoT device, a packet from a second IoT device through the port, identifying whether the packet in the first IoT device is in a preset packet form, verifying content of the packet in the first IoT device when the packet is in the preset packet form, and opening the port for providing a service in the first IoT device when the verifying of the packet content is successful.

Abstract: Disclosed herein are an apparatus and method for managing remote attestation. The apparatus includes one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program may request a gateway to verify the integrity of devices connected with the gateway, receive a verification result about whether the integrity of the devices is damaged from the gateway, identify a device, the integrity of which is damaged, using the verification result, perform detailed integrity verification on the device, the integrity of which is damaged, in order to identify an object, the integrity of which is damaged, and perform an operation for responding to the object, the integrity of which is damaged.

Abstract: Disclosed herein are a dynamic segmentation apparatus and method for preventing a spread of a security threat. The dynamic segmentation apparatus includes one or more processors and execution memory for storing at least one program executed by the processors, wherein the program is configured to register feature information of a first device, which is a target for which a security threat is to be managed, generate a first segment from the feature information of the first device, receive security threat information from an external system, extract feature information of a second device, in which a security threat has occurred, from the security threat information, perform clustering on the feature information of the second device using at least one clustering algorithm, generate at least one segment set by identifying segments from clustering results, and determine a security threat segment based on an inclusion relationship between segments in the segment set.

Abstract: Disclosed herein are an apparatus and method for providing sensor data in a sensor device based on a blockchain. A method for providing sensor data in a sensor device based on a blockchain may include creating a device record using encrypted device identification information, registering the device record in the blockchain, creating an event record using event information collected from a sensor, registering the header of the event record, including information about a link to the device record, in the blockchain, and distributing the body of the event record, the body being linked to the header of the event record.

Abstract: Disclosed is an electronic device including a shielding member. The electronic device includes a substrate having an electric element mounted thereon; a shield can mounted on the electric element and including an opening formed at a part facing the electric element; a shielding member mounted around a part in which the opening is formed on an outer surface of the shield can, and electrically connected to the shield can; a metal plate mounted on the shielding member, with the opening covered, and electrically connected to the shielding member; and a heat conductive member mounted in the opening and interposed between the electric element and the metal plate, and in contact with the electric element and the metal plate.

Abstract: A communication method and an IoT device in a multi-MAC (Media Access Control)-operating environment. The communication method in the multi-MAC-operating environment, including synchronous MAC and asynchronous MAC, includes periodically transmitting, by the IoT device included in the multi-MAC-operating environment, a first message to a first device; determining, by the IoT device, whether to transmit a second message; transmitting, by the IoT device, a preamble packet to a second device, to which the second message is to be transmitted, when the second message is determined to be transmitted; and transmitting, by the IoT device, the second message to the second device.

Abstract: A method and an apparatus for device security verification utilizing a virtual trusted computing base are provided. The validity of a key for decryption is verified by a secure memory loader running on a processor of a device after booting of the device which is a computing device, and if the key is valid, encrypted firmware stored in a memory of the device is decrypted using the key to verify the confidentiality of the firmware. Then, the security memory loader verifies the authentication and integrity of the firmware by comparing a signature value generated for the decrypted firmware with an existing signature value.

Abstract: Disclosed herein are an apparatus and method for detecting a malicious device based on swarm intelligence. The method includes detecting a malicious device by causing at least one exploration ant to access a device swarm along movement routes in which pheromone trail values are taken into consideration, wherein the exploration ant is generated in response to a detection request received from a security management server, when the at least one exploration ant detects a suspicious device that is suspected to be a malicious device, causing the exploration ant to return along the movement routes in reverse order, and returning pheromone trail values generated by devices on the return movement routes to a malicious device detection apparatus, and identifying whether the suspicious device is the malicious device by calculating an optimal solution based on a local information set generated by aggregating the pheromone trail values returned for movement routes.

Abstract: An apparatus and method for managing meter data. The apparatus for managing meter data includes a metering unit for acquiring meter data from a target device based on time information; a communication unit for receiving a message including the time information from a server device and transmitting the meter data to the server device; and a security unit for creating a private key using the time information and encrypting the meter data using the private key.

Abstract: Provided is an apparatus and method for security control that is capable of preventing a security threat from spreading on the basis of a security control policy established for each device (or a device group) in a network infrastructure environment, such as IoT. In a network infrastructure including a service server, a gateway, and a device, the apparatus and method for security control, in response to detecting a security threat, such as distributed denial of service (DDoS) attacks, malicious code propagation, or the like, perform a security control and a security control release on a device in which the security threat has occurred and/or a device group having an identical or similar property to the device to prevent the security threat from spreading and block the security threat in an early stage.

Abstract: A method for security of an Internet of things (IoT) device includes transmitting, by a server, a key value determined based on a reliability level of a user device and a key identification (ID) of the key value to the user device, encrypting, by the user device, a command representing a service requested by a user by using the key value and transmitting the encrypted command and the key ID to the IoT device, and extracting, by the IoT device, the key value corresponding to the key ID received from the user device from pre-stored key list information, decrypting the encrypted command by using the extracted key value, executing the decrypted command to generate information requested by the user, encrypting the generated information by using the extracted key value, and transmitting the encrypted information to the user device.

Abstract: A communication method and an IoT device in a multi-MAC (Media Access Control)-operating environment. The communication method in the multi-MAC-operating environment, including synchronous MAC and asynchronous MAC, includes periodically transmitting, by the IoT device included in the multi-MAC-operating environment, a first message to a first device; determining, by the IoT device, whether to transmit a second message; transmitting, by the IoT device, a preamble packet to a second device, to which the second message is to be transmitted, when the second message is determined to be transmitted; and transmitting, by the IoT device, the second message to the second device.

Abstract: Disclosed herein is an apparatus for supporting authentication between devices, which includes a certificate information storage unit for storing certificate data of a first terminal for managing a certificate; a communication unit for receiving a request for a certificate of the first terminal, which uses a signature value and certificate-related information corresponding to the first terminal, from a second terminal and returning information corresponding to a valid certificate of the first terminal to the second terminal in order to enable the second terminal to authenticate the first terminal; and a certificate verification unit for verifying whether a certificate of the first terminal is valid.

Abstract: Disclosed herein are a fixed-location Internet-of-Things (IoT) device for protecting secure storage access information and a method for protecting secure storage access information of the fixed-location IoT device.

Abstract: A split resonator and a printed circuit board (PCB) including the same are disclosed. The split resonator is mounted to one side of the PCB to improve the electromagnetic shielding effect, and absorbs a radiation field emitted to the outer wall of the PCB. The PCB includes: a substrate on which one or more electronic components are populated; a dielectric substrate mounted to one side of the substrate; one pair of conductors provided in the dielectric substrate, spaced apart from the substrate in a thickness direction of the substrate by a predetermined distance, and arranged to face each other; and a connection portion configured to interconnect the one pair of conductors, and arranged in parallel to the thickness direction of the substrate.