KR20170072629A - Home Network System and Driving Method Thereof - Google Patents

Home Network System and Driving Method Thereof Download PDF

Info

Publication number
KR20170072629A
KR20170072629A KR1020150181039A KR20150181039A KR20170072629A KR 20170072629 A KR20170072629 A KR 20170072629A KR 1020150181039 A KR1020150181039 A KR 1020150181039A KR 20150181039 A KR20150181039 A KR 20150181039A KR 20170072629 A KR20170072629 A KR 20170072629A
Authority
KR
South Korea
Prior art keywords
traffic
network
information
generated
home network
Prior art date
Application number
KR1020150181039A
Other languages
Korean (ko)
Other versions
KR101767211B1 (en
Inventor
오송현
Original Assignee
주식회사 시큐아이
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 시큐아이 filed Critical 주식회사 시큐아이
Priority to KR1020150181039A priority Critical patent/KR101767211B1/en
Publication of KR20170072629A publication Critical patent/KR20170072629A/en
Application granted granted Critical
Publication of KR101767211B1 publication Critical patent/KR101767211B1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/22Arrangements for preventing the taking of data from a data transmission channel without authorisation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/2803Home automation networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/30Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Technology Law (AREA)
  • Automation & Control Theory (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The present invention relates to a home network system capable of improving security reliability.
A home network system according to an embodiment of the present invention includes: a connection unit connected to a network; A traffic generator connected to the connection via the network; A storage unit in which traffic that may be generated in the network is stored as traffic information; And a server for comparing traffic generated in the network with traffic information stored in the storage and blocking or allowing the traffic corresponding to the comparison result.

Description

[0001] Home Network System and Driving Method Thereof [0002]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a home network system and a driving method thereof, and more particularly, to a home network system and a driving method thereof that can improve security reliability.

The home network is mainly constructed in the home, and connects sensors, electronic products, computers, and the like using a wired / wireless network. When a home network is established in the home, a user can control devices connected to the home network by using a terminal (e.g., a cellular phone).

Since the technology of the home network is developed based on the existing technology, the external threats of the related art can be reflected in the home network environment. In addition, there are various and complex threats when constructing a home network that can be accessed anytime, anywhere, any device, any media.

In fact, the home network is a service that provides convenience in the center of life. For example, when a home network is hacked, problems such as privacy invasion, exposure of personal information, and theft of personal information may occur.

Accordingly, there is a need for a method for increasing the reliability of security in the construction of a home network.

Accordingly, the present invention relates to a home network system and a driving method thereof, which can improve security reliability.

A home network system according to an embodiment of the present invention includes: a connection unit connected to a network; A traffic generator connected to the connection via the network; A storage unit in which traffic that may be generated in the network is stored as traffic information; And a server for comparing traffic generated in the network with traffic information stored in the storage and blocking or allowing the traffic corresponding to the comparison result.

According to an embodiment, the server permits the traffic when the traffic generated in the network is included in the traffic information, and otherwise blocks the traffic.

According to an embodiment, the traffic generation device includes at least one of a sensor for collecting environmental information and an electronic product that can be connected to the network.

A method of driving a home network system according to an exemplary embodiment of the present invention includes storing traffic that may be generated in a network in a storage unit as traffic information, detecting traffic generated in the network, Comparing the information with the information, and blocking or allowing the traffic corresponding to the comparison result.

According to an exemplary embodiment of the present invention, the step of storing the traffic information may include collecting the traffic generated in the network, removing duplicated traffic among the traffic, In the storage unit.

According to an embodiment, the traffic is allowed when the traffic is included in the traffic information, and otherwise, the traffic is blocked.

Determining whether to store the traffic as the traffic information in the storage unit when the traffic is not included in the traffic information according to an embodiment of the present invention.

According to the home network system and the driving method thereof according to the embodiment of the present invention, it is possible to block traffic excluding traffic set in advance, thereby improving reliability of security.

1 is a diagram illustrating a home network system according to an embodiment of the present invention.
2 is a diagram illustrating a process of storing traffic information in a home network system according to an embodiment of the present invention.
3 is a diagram illustrating a driving method according to the first embodiment of the home network system of the present invention.
4 is a diagram illustrating a driving method according to a second embodiment of the home network system of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Reference will now be made in detail to embodiments of the present invention and other details necessary for those skilled in the art to understand the present invention with reference to the accompanying drawings. However, the present invention may be embodied in many different forms within the scope of the appended claims, and therefore, the embodiments described below are merely illustrative, regardless of whether they are expressed or not.

That is, the present invention is not limited to the embodiments described below, but may be embodied in various forms. It is to be noted that, in the drawings, the same constituent elements are denoted by the same reference numerals and symbols as possible even if they are shown in different drawings.

1 is a diagram illustrating a home network system according to an embodiment of the present invention.

Referring to FIG. 1, a home network system according to an embodiment of the present invention includes sensors 100, electronic products 110, and a connection unit 120.

The sensors 100 are connected to the connection unit 120 by a network and collect environmental information of the installed place. To this end, the sensors 100 may include a security sensor 100a, a humidity sensor 100b, an optical sensor 100c, and a temperature sensor 100d.

The security sensor 100a is located in the digital door lock and can detect whether the door is open or closed. The humidity sensor 100b can collect humidity information of the installed place. The optical sensor 100c can collect the illumination information of the installed place. The temperature sensor 100d can collect temperature information of the installed place. The environmental information collected from the sensors 100 is transmitted to the connection unit 120 via the network. Here, the network may be set as a wired network and / or a wireless network (e.g., Wi-Fi).

The electronic products 110 are connected to the connection unit 120 by a network. To this end, the electronics 110 may be configured with various devices that can be connected to the connection 120 by a network. For example, the electronic products 110 may include a smart refrigerator 110a and a smart TV 110b. The sensors 100 and the electronic products 110 are connected to the network to generate traffic, and will be hereinafter referred to as the traffic generating devices 100 and 110.

In FIG. 1, only the sensors 100 and the electronic products 110 are shown as the traffic generation devices 100 and 110 for convenience of explanation, but the present invention is not limited thereto. Actually, in the present invention, the traffic generation apparatuses 100 and 110 may include various currently known devices that can be connected to a network.

The connection unit 120 is connected to the traffic generation apparatuses 100 and 110 via a network. To this end, the connection unit 120 may be configured as a router, a router, a firewall, a gateway, or the like. Traffic generated from the traffic generating apparatuses 100 and 110 is transmitted to the server 130 via the connection unit 120. [ In this case, the server 130 may store information (environment information, driving information of the electronic product, etc.) corresponding to the traffic in the storage unit 140 and manage the information.

After the home network system as described above is established, the user accesses the connection unit 120 using the terminal 150 (or the server 130), thereby storing the environment information stored in the storage unit 140, Can be confirmed. The user can watch the stored moving picture in response to the driving information of the electronic product, or control the environment inside the home. Actually, a home network system installed in a home can be applied in various forms.

In the present invention, the security of the home network system is improved by using the server 130 and the storage unit 140.

The server 130 processes the traffic generated in the network into traffic information, and stores the processed traffic information in the storage unit 140. In this case, the traffic generated from the traffic generating apparatuses 100 and 110 may be stored in the storage unit 140 as traffic information.

The server 130 is connected to the connection unit 120 and detects traffic generated in the network. The server 130, which senses the traffic, determines whether the detected traffic is included in the traffic information stored in the storage unit 140. Here, when the detected traffic is included in the traffic information, the server 130 permits the corresponding traffic. If the detected traffic is not included in the traffic information, the server 130 blocks the corresponding traffic.

That is, in the present invention, the server 130 detects traffic generated in the network and allows the traffic only when the detected traffic is included in the traffic information. In this way, it is possible to prevent the threat such as hacking when allowing traffic stored in advance in the home network system and blocking other traffic.

In addition, the server 130 shown in FIG. 1 may be set as a computer installed in the home, and the storage unit 140 may be set as a hard disk installed in the computer.

2 is a diagram illustrating a process of storing traffic information in a home network system according to an embodiment of the present invention.

<Traffic collection: S200>

After the home network system is established, the server 130 is connected to the connection unit 120 to collect traffic of the network. Each of the traffic generating apparatuses 100 and 110 communicates using a predetermined protocol and generates traffic of a certain pattern accordingly. The server 130 collects traffic of the network for a predetermined time.

<Elimination of redundant traffic: S202>

The server 130, which has collected the traffic of the network, removes redundant traffic. For example, the security sensor 100a may generate the same traffic at predetermined intervals. Accordingly, the server 130 removes the remaining traffic except one of the overlapped traffic so that the overlapped traffic is not stored in the storage unit 140. [

&Lt; Traffic information storage: S204 >

After the duplicated traffic is removed, the server 130 processes the collected traffic and stores the processed traffic in the storage unit 140. At this time, the traffic stored in the storage unit 140 is used as traffic information.

Meanwhile, the traffic information stored in the storage unit 140 includes the traffic generated when the home network system normally operates. Therefore, when the traffic generated in the home network system is not included in the traffic information, it can be regarded as a threat (hacking, malicious code, etc.) traffic.

3 is a diagram illustrating a driving method according to the first embodiment of the home network system of the present invention.

&Lt; Traffic generation: S300 >

When the home network system is constructed, certain traffic is generated in the network by the traffic generating apparatuses 100 and 110. In addition, traffic may be generated in the network in response to an external connection or the like.

<Traffic collection: S302>

The server 130 monitors the connection unit 120 and collects traffic generated in the network.

<Traffic Search and Judgment: S304, S306>

The server 130, which has collected the traffic, determines whether the collected traffic is included in the traffic information stored in the storage unit 140.

&Lt; Traffic permission: S308 >

If the traffic collected in step S306 is included in the traffic information stored in the storage unit 140, the server 130 sets the traffic to a permitted state. In this case, the traffic can be communicated by the network.

&Lt; Traffic interception: S314 >

If the traffic collected in step S306 is not included in the traffic information stored in the storage unit 140, the server 130 sets the traffic to a blocked state. In this case, the traffic is blocked from being delivered in the network.

That is, according to the present invention, traffic that is not stored in the storage unit 140 may be set in a blocking state, thereby improving reliability of security.

4 is a diagram illustrating a driving method according to a second embodiment of the home network system of the present invention. 4, the same reference numerals are assigned to the same parts as those in FIG. 3, and a detailed description thereof will be omitted.

Referring to FIG. 4, the driving method according to the second embodiment of the present invention further includes steps S310 and S312.

&Lt; Determination of whether to permit traffic: S310 >

If the traffic collected in step S306 is not included in the traffic information stored in the storage unit 140, the server 130 further determines whether traffic is permitted.

In detail, after the home network system is constructed, a projector can be added to the home network system. In this case, new traffic flows into the network corresponding to the protocol of the projector. Accordingly, the present invention further includes step S310 of determining whether the server 130 further permits traffic. For example, in step S310, the user may further allow traffic corresponding to the projector added to the home network system.

&Lt; Traffic information storage: S312 >

In step S310, if the traffic collected by the server 130 is allowed, the server 130 stores the added traffic in the storage unit 140. [ Then, the traffic information added to the traffic information stored in the storage unit 140 is added.

&Lt; Traffic interception: S314 >

If the traffic collected by the server 130 is blocked in step S310, the server 130 sets the traffic to a blocked state. In this case, the traffic is blocked.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments. It will be apparent to those skilled in the art that various modifications may be made without departing from the scope of the present invention.

The scope of the present invention is defined by the following claims. The scope of the present invention is not limited to the description of the specification, and all variations and modifications falling within the scope of the claims are included in the scope of the present invention.

100: sensors 100a: security sensor
100b: Humidity sensor 100c: Light sensor
100d: Temperature sensor 110: Electronics
110a: Smart refrigerator 110b: Smart TV
120: connection 130: server
140: storage unit 150: terminal

Claims (7)

A connection unit connected to the network;
A traffic generator connected to the connection via the network;
A storage unit in which traffic that may be generated in the network is stored as traffic information;
And a server for comparing traffic generated in the network with traffic information stored in the storage and blocking or allowing the traffic corresponding to the comparison result. The method according to claim 1,
Wherein the server permits the traffic when the traffic generated in the network is included in the traffic information, and blocks the traffic in other cases. The method according to claim 1,
Wherein the traffic generation device includes at least one of a sensor for collecting environment information and an electronic product that can be connected to the network. Storing traffic that may be generated in a network as traffic information in a storage unit,
Detecting traffic generated in the network;
Comparing the traffic with the traffic information;
And blocking or allowing the traffic corresponding to the comparison result. 5. The method of claim 4,
The step of storing the traffic information
Collecting the traffic generated in the network;
Removing redundant traffic among the traffic,
And storing the removed traffic as the traffic information in the storage unit. 5. The method of claim 4,
Wherein the traffic is allowed when the traffic is included in the traffic information, and is blocked when the traffic is included in the traffic information. 5. The method of claim 4,
If the traffic is not included in the traffic information, determining whether to store the traffic as the traffic information in the storage unit.
KR1020150181039A 2015-12-17 2015-12-17 Home Network System and Driving Method Thereof KR101767211B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150181039A KR101767211B1 (en) 2015-12-17 2015-12-17 Home Network System and Driving Method Thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150181039A KR101767211B1 (en) 2015-12-17 2015-12-17 Home Network System and Driving Method Thereof

Publications (2)

Publication Number Publication Date
KR20170072629A true KR20170072629A (en) 2017-06-27
KR101767211B1 KR101767211B1 (en) 2017-08-23

Family

ID=59514810

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150181039A KR101767211B1 (en) 2015-12-17 2015-12-17 Home Network System and Driving Method Thereof

Country Status (1)

Country Link
KR (1) KR101767211B1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102679154B1 (en) * 2023-04-14 2024-06-27 주식회사 에스아이티테크놀로지 The Method and System That Operate An Smart Street Light According to A Detected Vehicle

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102679154B1 (en) * 2023-04-14 2024-06-27 주식회사 에스아이티테크놀로지 The Method and System That Operate An Smart Street Light According to A Detected Vehicle

Also Published As

Publication number Publication date
KR101767211B1 (en) 2017-08-23

Similar Documents

Publication Publication Date Title
US10616765B2 (en) Security for wireless broadcasts
US10868689B2 (en) Management device of internet-of-thing devices, communication system and communication method
CN109729180B (en) Whole system intelligent community platform
CN109829297B (en) Monitoring device, method and computer storage medium thereof
US20140143538A1 (en) Data Security and Integrity by Remote Attestation
US20100325703A1 (en) System and Method for Secured Communications by Embedded Platforms
Abed et al. Review of security issues in Internet of Things and artificial intelligence‐driven solutions
US20100325424A1 (en) System and Method for Secured Communications
US20220215093A1 (en) Event Monitoring
US10791177B2 (en) System to monitor and control sensor devices
KR20140022975A (en) Apparatus and method for controlling traffic based on captcha
CN108092970B (en) Wireless network maintenance method and equipment, storage medium and terminal thereof
CN106034302B (en) Security monitoring method and device for wireless local area network hotspot and communication system
Birnbach et al. Haunted house: physical smart home event verification in the presence of compromised sensors
Chhetri et al. Identifying vulnerabilities in security and privacy of smart home devices
Favaretto et al. When the price is your privacy: A security analysis of two cheap IoT devices
US10383031B2 (en) Zone-based network device monitoring using a distributed wireless network
US10609672B2 (en) Network device navigation using a distributed wireless network
US10542434B2 (en) Evaluating as to whether or not a wireless terminal is authorized
Rafferty et al. A security threat analysis of smart home network with vulnerable dynamic agents
KR101767211B1 (en) Home Network System and Driving Method Thereof
US20180165935A1 (en) Identifying an individual based on an electronic signature
US9949232B1 (en) Network device loss prevention using a distributed wireless network
US10944782B2 (en) Forensic analysis through metadata extraction
US10104638B1 (en) Network device location detection and monitoring using a distributed wireless network

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
AMND Amendment
E601 Decision to refuse application
AMND Amendment
X701 Decision to grant (after re-examination)
GRNT Written decision to grant