• The KIPS Transactions:PartA
• /
• v.17A no.5
• /
• pp.237-248
• /
• 2010

UPnP(Universal Plug and Play) is a middleware of DLNA (Digital Living Network Alliance) services a home network. UPnP supports the connections between each other devices in networks and also provides service discovery and advertisement with SSDP(Simple Service Discovery Protocol), which is generally designed for wired networks. SSDP operates on multicasting discovery request and advertisement and unicasting a reply in networks. It is a challenge issue for service discovery protocol such as SSDP to provide a stable and effective service in wireless ad-hoc networks. Wired based service discovery protocol does not consider the dynamics of wireless ad-hoc network. In that case, the nodes are freely in or out. Therefore, this paper proposes a flexible SSDP(fSSDP) which is a peer-to-peer(P2P) discovery protocol adopted for wireless ad-hoc Networks. It is implemented on the extension of SSDP. fSSDP supports a functionality that the broadcast area of service discovery dynamically changes with the periodically updated area of advertisement. It is good for reducing messaging overhead caused from the broadcast flooding of service discovery in wireless ad-hoc network.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.9
• /
• pp.4599-4617
• /
• 2018

Abusing the Simple Server Discovery Protocol (SSDP) can induce an SSDP attack (including SSDP DoS, DDoS, DRDoS) posing a significant threat to UPnP devices. Rapid and extensive developments in computer technology, especially in regards to IoT, have made Upnp devices an indispensable part of our daily lives - but also render them susceptible to a variety of SSDP attacks without suitable countermeasures. This paper proposes the Two-dimensional table scheme, which provides high security at a reasonable computational cost. The feasibility and effectiveness of the proposed scheme are also validated by comparison against four other schemes (Stateless connections, Failing-together, Cookie, and Client puzzle).

• Journal of Convergence for Information Technology
• /
• v.7 no.2
• /
• pp.1-9
• /
• 2017

Recently, the DDoS attack using the amplifier method makes it difficult to distinguish the normal traffic from the normal server and it is difficult to detect even the attack detection. Since the SSDP protocol is a common protocol widely used in IoT devices, it is used as a DDoS amplification attack. In this paper, we analyze the reflector attack of SSDP which is one of the DDoS and suggest a technical proposal to detect and defend against the attack by managing the Mac address of each device. Also, we propose a control structure to protect the reflection attack of SSDP in Home IoT. The efficiency of the proposed system has been verified by performing an experimental attack on the virtual environment.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2021.05a
• /
• pp.108-110
• /
• 2021

Since 2015, attacks using the IoT protocol have been continuously reported. Among various IoT protocols, attackers attempt DDoS attacks using SSDP(Simple Service Discovery Protocol), and as statistics of cyber shelters, Korea has about 1 million open SSDP servers. Vulnerable SSDP servers connected to the Internet can generate more than 50Gb of traffic and the risk of attack increases gradually. Until recently, distributed denial of service attacks and distributed reflective denial of service attacks have been a security issue. Accordingly, the purpose of this study is to analyze the request packet of the existing SSDP protocol to identify an amplification attack and to avoid a response when an amplification attack is suspected, thereby preventing network load due to the occurrence of a large number of response packets due to the role of traffic reflection amplification.

• Journal of the Korea Convergence Society
• /
• v.7 no.4
• /
• pp.33-38
• /
• 2016

DDoS attack has been continuously utilized that caused the excessively large amount of traffic that network bandwidth or server was unable to deal with paralyzing the service. Most of the people regard NTP as the biggest cause of DDoS. However, according to recently executed DDoS attack, there have been many SSDP attack in the use of amplified technique. According to characteristics of SSDP, there is no connection for making a forgery of source IP address and amplified resources feasible. Therefore, it is frequently used for attack. Especially, as it is mostly used as a protocol for causing DDoS attack on IoT devices that constitute smart home including a wireless router, media server, webcam, smart TV, and network printer. Hereupon, it is anticipated for servers of attacks to gradually increase. This might cause a serious threat to major information of human lives, major government bodies, and company system as well as on IoT devices. This study is intended to identify DDoS attack techniques in the use of weakness of SSDP protocol occurring in IoT devices and attacking scenario and counter-measures on them.

• Journal of the Korea Convergence Society
• /
• v.12 no.5
• /
• pp.9-16
• /
• 2021

Due to the prolonged infectious disease of COVID-19 worldwide, there are various security threats due to network attacks on Internet of Things devices that are vulnerable to telecommuting. Initially, users of Internet of Things devices were exploited for vulnerabilities in Remote Desktop Protocol, spear phishing and APT attacks. Since then, the technology of network attacks has gradually evolved, exploiting the simple service discovery protocol of Internet of Things devices, and DRDoS attacks have continued to increase. Existing SSDPs are accessible to unauthorized devices on the network, resulting in problems with information disclosure and amplification attacks on SSDP servers. To compensate for the problem with the authentication procedure of existing SSDPs, we propose a hash-based SSDP that encrypts server-specific information with hash and adds authentication fields to both Notify and M-Search message packets to determine whether an authorized IoT device is present.

• Journal of the Korean earth science society
• /
• v.39 no.2
• /
• pp.154-163
• /
• 2018

Geoacoustic model comprises physical and acoustic properties of submarine bottom layers influencing sound transmission through sea water and underwater. This study suggested for the first time that we made a geoacoustic model of long-coring bottom layers at the SSDP-105 drilling site of the Ulsan coastal area, which is located in the southwestern inner shelf of the East Sea. The geoacoustic model of 52 m depth below seafloor with three-layer geoacoustic units was reconstructed in the coastal sedimentary strata at 79 m in water depth. The geoacoustic model was based on the data of a deep-drilled sediment core of SSDP-105 and sparker seismic profiles in the study area. For actual modeling, the geoacoustic property values of the models were compensated to in situ depth values below the sea floor using the Hamilton modeling method. We suggest that the geoacoustic model be used for geoacoustic and underwater acoustic experiments of mid- and low-frequency reflecting on the deep bottom layers in the Ulsan coastal area of the East Sea.

• Journal of Korea Society of Industrial Information Systems
• /
• v.12 no.2
• /
• pp.30-36
• /
• 2007

The UPnP uses the same standard protocol as SSDP and UDP based on standard internet and technology like the TCP/IP, and is independent of other physical networking product. But the structure of the UPnP has the of vulnerability to the security countermeasure for home-networking technology since it is operated on the same protocol as the SSDP and UDP. In this paper, we analyze and report against the DoS attack, where the worm virus, using the vulnerability to the UPnP, eliminates the attack of all equipments that are based on networking and eliminates the information belonging to the equipments of the home-networking or transmits the massive data.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.04a
• /
• pp.280-282
• /
• 2016

오늘날 IoT 사물기기들의 사용 범위가 늘어나면서 해커들은 IoT 기기에서 네트워크상의 서비스 및 정보검색의 기능을 하는 프로토콜인 SSDP의 취약점을 악용하여 SSDP DRDoS(분산 반사 서비스 거부) 공격이라는 새로운 형태의 공격을 만들어 공격을 시도하고 있다. 이는 단순히 우리 생활에서 쓰이는 IoT 기기의 위협뿐만 아니라 사람의 생명이나 주요 기반시설 등에서 사용되어지는 IoT기기들의 공격으로 이어지면 큰 위험을 나타낼 수 있다. 앞으로 IoT기기들이 점차 증가되어 생활에 편리함과 실용성을 가지고 오는 반면에 해커들은 더욱더 교묘하고 복잡하게 공격을 시도를 할 것이다. 특히 본 논문에서는 DRDoS의 몇 가지 공격방법을 알아보고 그중에 IoT 기기에서 사용되어지는 SSDP프로토콜의 관련연구 및 공격방법들을 알아보고 공격시나리오 및 대응방안을 제안한다.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2004.05b
• /
• pp.272-276
• /
• 2004

이수기와 같이 장기적인 관점에서 저수지운영을 해야 하는 관리자는 해당 기간동안의 이익을 최대화하는 전략을 필요로 한다. 이를 위해서는 미래 유입량의 불확실성을 고려한 최적화 모형에 근거한 운영률을 수립해야 할 것이다. 본 연구에서는 금강수계의 이수기를 대상으로 추계학적 최적화 기법인 표본 추계학적 동적계획법(Sampling Stochastic Dynamic Programming)을 적용하여 최적 연계운영 시스템을 개발하였다. 본 연구를 통해 개발된 모형은 상용프로그램인 CSUDP와의 비교를 통해 검증되었으며 이를 기반으로 과거자료를 이용한 SSDP/Hist모형과 앙상블 유량예측(Ensemble Streamflow Prediction)을 이용한 SSDP/ESP모형을 개발하여 두 모형의 장${\cdot}$단점을 비교 분석하였다. 발전부분은 두 모형이 비슷하였으나 용수공급 측면에서는 SSDP/ESP가 SSDP/Hist 보다 우수함을 알 수 있었다.