WO2021132756A1 - System for preventing hacking of internet of things - Google Patents
- Publication number
- WO2021132756A1 (PCT/KR2019/018438)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- terminal
- main control
- control device
- things
- internet
- Prior art date
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/40—Support for services or applications
Definitions
- The present invention relates to an IoT hacking prevention system, and more particularly to an IoT hacking prevention system in which only a registered terminal can be used to externally control a plurality of internal devices connected in an Internet of Things manner, and which reliably prevents hacking even in a situation where a registered terminal is impersonated.
- The Internet of Things is an environment in which all things in life are connected through a wired/wireless network to share information.
- The Internet of Things is an intelligent technology and service that communicates information between people and things, and between things and things.
- M2M: Machine to Machine
- The IoT is applied to a home automation system, and the home automation system may communicate with and control a thing (e.g., a plurality of digital devices) included in the system using the Internet of Things.
- As an example of a home automation system using the Internet of Things, the technology described in Korean Patent No. 10-1438769 has been proposed, as shown in FIGS. 1 and 2. In it, the wall pad 100, the common entrance unit 110 installed in the common entrance of each building, the security office unit 120 installed in the security room in the complex, and the various devices controlled by them are connected through a wired communication network of RS-485 or RS-422.
- The main device 210 includes a first communication unit 212 having an RS-485 or RS-422 communication module so as to be connected to the wired communication network, a communication unit 213 having an Ethernet communication module for communication with the DB server 220, and a control unit 214 that monitors the flow of the communication protocol of the wired communication network to manage the home automation system 200 and can control the wall pad 100, the common entrance unit 110, the security office unit 120 and the various devices controlled by them.
- The DB server 220 includes a DB management module 221, which stores and updates the monitoring result received from the main device 210 and stores and updates the control information received from the manager PC 230, and a main device control module 222, which transmits the monitoring result received from the main device 210 to the DB management module 221 and transmits the control information received from the DB management module 221 to the main device 210.
- By combining the Internet of Things with the home automation system, Korean Patent No. 10-1438769 has the advantage that problems occurring in home automation can be solved from a remote PC through the Internet without visiting the site. However, because the system can easily be penetrated through an external communication network, it is difficult to prevent hacking.
- The present invention has been devised to solve the above problems. An object of the present invention is to provide an IoT hacking prevention system that consists of a plurality of internal devices connected to each other through an internal communication network and a main control device connected to and controlling the internal devices through the internal communication network, in which the main control device prevents hacking by storing information on the terminals that can access it from the outside and allowing external access only to registered terminals.
- Another object is to provide an IoT hacking prevention system in which the main control device is provided with a storage unit in which the phone number of the terminal is registered. When a terminal such as a smartphone connects through a telephone communication network, the main control device confirms the phone number from which the connection was attempted, blocks the connection, and then re-connects by calling that phone number, so that an attempt to gain access by impersonating a phone number is reliably blocked.
- the present invention for solving these problems
- The main control device is characterized in that terminal information is stored in it and only a registered terminal can access it.
- The main control device blocks the connection with the terminal requesting access, and when the terminal requesting access is a terminal registered in the main control device, the main control device itself requests a connection to that terminal and is connected in that way.
- The main control device stores the phone number of the registered terminal, and attempts the connection to the registered phone number through the telephone communication network.
- The main control device stores the information of the terminal and, by setting the authority of the terminal, limits the internal devices that the terminal can control.
- The main control device receives the information of the internal devices in real time and transmits the set information to the registered terminal.
- A plurality of internal devices connected to each other through an internal communication network, and a main control device connected to and controlling the internal devices through the internal communication network, are provided, and the main control device can be accessed from the outside.
- The main control device is provided with a storage unit in which the phone number of the terminal is registered. When a terminal such as a smartphone connects through a telephone communication network, the main control device confirms the phone number of the terminal that attempted the connection, blocks the connection, and then attempts the connection to that phone number again. This has the effect of reliably blocking attempts to gain access by impersonating a phone number.
- FIG. 1 is a schematic diagram of a conventional home automation system using the Internet of Things.
- FIG. 2 is a block diagram showing the overall configuration of a conventional home automation system using the Internet of Things.
- FIG. 3 is a conceptual diagram of an IoT hacking prevention system according to the present invention.
- FIG. 4 is a block diagram of an IoT hacking prevention system according to the present invention.
- FIG. 5 is a flowchart showing a connection process of the IoT hacking prevention system according to the present invention.
- FIG. 6 is a block diagram showing an example in which the IoT hacking prevention system according to the present invention is applied to home automation.
- The present invention relates to an Internet of Things (IoT) hacking prevention system which, as shown in FIGS. 3 to 6, comprises a plurality of internal devices 400 connected to each other by communication, a main control device 300 connected to the internal devices 400 by communication, and a terminal 500 that connects to the main control device 300 to control the internal devices 400.
- Each internal device 400 is provided with an auxiliary communication module 410, and the internal devices 400 are connected to each other through an internal communication network to exchange information. The main control device 300 is also connected to the internal devices 400 to receive information from them.
- The main control device 300 is provided with a main communication module 310, through which it is connected not only to each internal device 400 but also to the terminal 500 and an external communication network (Internet, telephone communication network, etc.).
- Since the internal devices 400 cannot be directly connected to an external communication network, the terminal 500 connects to each internal device 400 through the main control device 300 in order to control it.
- The main control device 300 consists of the main communication module 310, for communication with each internal device 400 and with the external terminal 500 as described above, and a storage unit 320 that stores the information of the terminals 500 that are allowed to connect.
- The main control device 300 is connected to each internal device 400 and receives the information of the internal devices 400 in real time. Of the information received from the internal devices 400, the information set by the administrator is transmitted to the terminal 500 of the manager through the main communication module 310.
- The internal devices 400 are appliances used at home, as shown in FIG. 6. As an example, when a gas oven range, which is one of the household appliances 400, is lit, the main control device 300 checks for an overheating state through the temperature sensor provided in the gas range and notifies the manager through the main communication module 310. By controlling the valve in the pipe to cut off the gas supply, a fire can be prevented.
- The technology of the present invention is applicable not only to home automation but also, although not shown in the drawings, to a general company, factory and the like. The information of each device constituting the company or factory is transmitted in real time to the main control device 300, and the administrator is notified only of the information that the administrator has set among the information received, so that the administrator can respond quickly according to the situation.
- The main control device 300 is provided with a storage unit 320 that stores the information of the terminals 500, and only a registered terminal 500 stored in the storage unit 320 is allowed to connect to the main control device 300 through the main communication module 310.
- The unique information of the terminal 500 is transmitted together with the access request, so that the main control device 300 can identify the terminal 500 requesting access and allow access only to a registered terminal 500.
- The terminal 500 transmits a connection request signal to the main control device 300, and when the main control device 300 receives the connection request signal transmitted from the terminal 500, it first blocks the connection with the terminal 500 that requested the connection.
- The main control device 300 checks the information of the terminal 500 that requested access, and blocks the access if it is not a terminal 500 registered in the storage unit 320 provided in the main control device 300. If the terminal 500 that requested the connection is a terminal 500 registered in the storage unit 320, the main control device 300 itself makes a connection request to that terminal 500, and the connection is established.
- The phone number of the terminal 500 is stored in the storage unit 320 of the main control device 300, so the phone number of the terminal 500 that requested access can be checked to determine whether it is a registered terminal 500.
- The connection is requested through the registered phone number.
- The main communication module 310 of the main control device 300 not only enables general communication but also has a modem function to enable connection through a telephone communication network. The terminal 500, which is a smartphone, likewise has an application with a modem function installed to enable communication with the main control device 300.
- The information of the terminal 500 is stored in the storage unit 320 of the main control device 300, and permissions can also be set in the storage unit 320 to limit, for each terminal 500, the internal devices 400 that it can control.
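
The connection process described above (drop the inbound request, look the number up in the storage unit, call the registered number back, then apply per-terminal permissions) can be modelled as follows. This is an added example, not code from the patent or its applicant; the class names, phone numbers and device names are constructed, and the toy telephone network assumes, as the description does, that an outbound call to a stored number reaches the registered terminal.

```python
# Added illustration (not from the patent): callback-only access control.
# Class names, phone numbers and device names are constructed for the example.
from dataclasses import dataclass, field


@dataclass
class TelephoneNetwork:
    """Toy network: a call to a number always reaches the line that owns it."""
    lines: dict = field(default_factory=dict)    # phone number -> owner label

    def dial(self, number):
        return self.lines.get(number)            # None if nobody answers


@dataclass
class MainControlDevice:
    network: TelephoneNetwork
    # Storage unit 320: registered number -> internal devices it may control.
    registry: dict = field(default_factory=dict)
    sessions: dict = field(default_factory=dict)  # number -> party reached by callback
    log: list = field(default_factory=list)

    def on_connection_request(self, claimed_number):
        """Always drop the inbound request, then call back registered numbers only."""
        self.log.append(("dropped_inbound", claimed_number))
        if claimed_number not in self.registry:
            self.log.append(("rejected_unregistered", claimed_number))
            return None
        reached = self.network.dial(claimed_number)  # outbound call to the stored number
        if reached is None:
            self.log.append(("callback_unanswered", claimed_number))
            return None
        self.sessions[claimed_number] = reached
        self.log.append(("callback_connected", claimed_number))
        return reached

    def control(self, number, device, command):
        """Per-terminal authority: only the listed internal devices can be controlled."""
        if number not in self.sessions:
            return "denied: no callback session"
        if device not in self.registry[number]:
            return "denied: device not permitted for this terminal"
        return f"{device}: {command} accepted"


def demo():
    net = TelephoneNetwork(lines={"010-0000-0001": "owner_phone",
                                  "010-0000-0002": "guest_phone",
                                  "010-9999-9999": "unregistered_phone"})
    mcd = MainControlDevice(net, registry={
        "010-0000-0001": {"gas_valve", "boiler", "door_lock"},
        "010-0000-0002": {"boiler"},
    })
    results = {
        # Unregistered number: dropped and never called back.
        "unregistered": mcd.on_connection_request("010-9999-9999"),
        # A request presenting a registered number: the callback goes to the stored
        # number, so the session is with owner_phone whoever sent the request.
        "claimed_owner": mcd.on_connection_request("010-0000-0001"),
        "guest": mcd.on_connection_request("010-0000-0002"),
    }
    results["guest_boiler"] = mcd.control("010-0000-0002", "boiler", "off")
    results["guest_valve"] = mcd.control("010-0000-0002", "gas_valve", "close")
    results["no_session"] = mcd.control("010-9999-9999", "door_lock", "open")
    return results, mcd.log
```

The log returned by `demo()` records every dropped inbound request, which is the record a defender would review for repeated attempts against registered numbers.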
Claims (6)
- 1. An Internet of Things (IoT) hacking prevention system, characterized by comprising: a plurality of internal devices connected to each other by communication; a main control device connected to the internal devices by communication; and a terminal that connects to the main control device to control the internal devices.
- 2. The IoT hacking prevention system according to claim 1, characterized in that terminal information is stored in the main control device and only a registered terminal can access it.
- 3. The IoT hacking prevention system according to claim 2, characterized in that, when a connection request signal is received from a terminal, the main control device blocks the connection with the terminal requesting access, and, if the terminal requesting access is a terminal registered in the main control device, the main control device requests a connection to the terminal that requested access and is thereby connected.
- 4. The IoT hacking prevention system according to claim 3, characterized in that the main control device stores the phone number of the registered terminal, and the main control device attempts the connection to the registered phone number through a telephone communication network.
- 5. The IoT hacking prevention system according to claim 2, characterized in that the main control device stores the information of the terminal and limits the internal devices that can be controlled by setting the authority of the terminal.
- 6. The IoT hacking prevention system according to claim 1, characterized in that the main control device receives the information of the internal devices in real time and transmits the set information to the registered terminal.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/KR2019/018438 WO2021132756A1 (en) | 2019-12-26 | 2019-12-26 | System for preventing hacking of internet of things |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2021132756A1 true WO2021132756A1 (en) | 2021-07-01 |
Family
ID=76574787
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/KR2019/018438 WO2021132756A1 (en) | 2019-12-26 | 2019-12-26 | System for preventing hacking of internet of things |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2021132756A1 (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030217110A1 (en) * | 2002-05-16 | 2003-11-20 | Weiss Eugene S. | Home gateway server appliance |
US20090086688A1 (en) * | 2007-10-01 | 2009-04-02 | Verizon Services Organization Inc. | Remote access to a customer home network |
KR20120064916A (en) * | 2010-12-10 | 2012-06-20 | 주식회사 케이티 | Method and apparatus for controlling home network access using phone numbers, and system thereof |
KR20170132017A (en) * | 2016-05-23 | 2017-12-01 | 엘지전자 주식회사 | Method for controlling mobile terminal |
KR20200029786A (en) * | 2018-09-11 | 2020-03-19 | 주식회사 성강이지에스 | a prevention system of hacking for internet of things |
2019
- 2019-12-26 WO PCT/KR2019/018438 patent/WO2021132756A1/en active Application Filing
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 19957276 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 19957276 Country of ref document: EP Kind code of ref document: A1 |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 13/12/2022) |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 19957276 Country of ref document: EP Kind code of ref document: A1 |