公开(公告)号：US08335918B2

公开(公告)日：2012-12-18

申请号：US12238578

申请日：2008-09-26

申请人： Tae-Shik Shon ,  Sun-Gi Kim ,  Hyo-Hyun Choi

发明人： Tae-Shik Shon ,  Sun-Gi Kim ,  Hyo-Hyun Choi

IPC分类号： H04L9/00

CPC分类号： H04L63/0428 ,  H04L63/12 ,  H04L63/1466 ,  H04L63/162

摘要： A medium access control (MAC) frame provision method establishes security in an IEEE 802.15.4 network. A MAC frame is generated, which includes a MAC header, a payload field, and a frame check sequence (FCS) field, the payload field including relevant main data according to a frame type defined in the MAC header. A disguised decoy data sequence number (DSN) is generated and inserted into the MAC header. A real DSN, which is a corresponding transmission sequence number of the MAC frame, is generated and inserted into the payload field. The MAC frame is transmitted, including the encrypted payload field, to a counterpart node. A MAC ACK frame acknowledges reception of the transmitted MAC frame; and a DSN is compared in the received MAC ACK frame with the real DSN. An authentication of the counterpart node is performed when the received MAC ACK frame is equal to the real DSN.

摘要翻译： 介质访问控制（MAC）帧提供方法在IEEE 802.15.4网络中建立安全性。 生成MAC帧，其包括MAC头，有效载荷字段和帧校验序列（FCS）字段，所述有效负载字段根据在MAC报头中定义的帧类型包括相关主数据。 生成伪装的诱饵数据序列号（DSN）并将其插入到MAC头中。 产生作为MAC帧的相应传输序列号的真实DSN并将其插入到有效载荷字段中。 将MAC帧发送到对方节点，包括加密的有效载荷字段。 MAC ACK帧确认所发送的MAC帧的接收; 并且在接收到的MAC ACK帧中与DSN进行比较。 当接收的MAC ACK帧等于实际DSN时，执行对方节点的认证。

公开(公告)号：US08155094B2

公开(公告)日：2012-04-10

申请号：US12179705

申请日：2008-07-25

申请人： Tae-Shik Shon ,  Wook Choi ,  Hyo-Hyun Choi

发明人： Tae-Shik Shon ,  Wook Choi ,  Hyo-Hyun Choi

IPC分类号： H04W4/00

CPC分类号： H04W40/02 ,  H04L1/1607 ,  H04L1/188 ,  H04L2001/0092 ,  Y02D70/144 ,  Y02D70/162 ,  Y02D70/30

摘要： A method for transmitting/receiving data with transfer obligation delegated in a Wireless Sensor Network (WSN) reduces the time and power spent by a transmitting apparatus to wait for acknowledgment that a data transfer was successful. The method for transmitting data from a transmitting end to a receiving end through a set transfer route by multiple data transmit/receive apparatuses provided in a Wireless Sensor Network (WSN), typically includes the steps of: performing temporary storage of data to be transmitted on receiving a request to transmit data; requesting a data transmit/receive apparatus, existing on a next route, to transmit data while transmitting data to a data transmit/receive apparatus which is set as a transfer route; and confirming the delivery of the data to the data transmit/receive apparatus set as the transfer route, and then deleting the temporarily stored data frame.

摘要翻译： 在无线传感器网络（WSN）中委托的传输义务发送/接收数据的方法减少了发送装置花费的时间和功率，以等待确认数据传输成功。 通过在无线传感器网络（WSN）中提供的多个数据发送/接收装置通过设置的传输路由从发送端向接收端发送数据的方法通常包括以下步骤：执行临时存储要发送的数据 接收传送数据的请求; 请求在下一个路由上存在的数据发送/接收装置在将数据发送到被设置为传送路由的数据发送/接收装置的同时发送数据; 并确认将数据传送到设置为传送路由的数据发送/接收装置，然后删除临时存储的数据帧。

公开(公告)号：US08687077B2

公开(公告)日：2014-04-01

申请号：US12238569

申请日：2008-09-26

申请人： Wook Choi ,  Hyo-Hyun Choi ,  Tae-Shik Shon

发明人： Wook Choi ,  Hyo-Hyun Choi ,  Tae-Shik Shon

IPC分类号： H04N5/228

CPC分类号： G08B13/19689 ,  G08B13/1966 ,  G08B25/009 ,  H04N5/232 ,  H04N5/23206

摘要： A method for controlling a camera through a Multi-Hop-based wireless sensor network includes: sensing whether an event occurs or not in a corresponding area and transmitting position information on the corresponding area and type information on the event, converting the received position information on the event into a movement control signal for the camera, calculating camera driving values in a left/right direction and an up/down direction using the converted signal, controlling a zoom-in operation of the camera lens using the calculated camera driving values according to the received event type and photographing an object located in the corresponding direction, and transmitting the photographed images over the outer network.

摘要翻译： 一种通过基于多跳的无线传感器网络来控制摄像机的方法包括：检测相应区域中是否发生事件，并发送对应区域的位置信息，以及类型关于事件的信息，将接收到的位置信息转换为 将该事件转换为相机的移动控制信号，使用转换的信号计算左/右方向和上/下方向上的相机驱动值，使用所计算的相机驱动值来控制相机镜头的放大操作，根据 接收到的事件类型并拍摄位于相应方向上的对象，并且通过外部网络发送所拍摄的图像。

公开(公告)号：US08285986B2

公开(公告)日：2012-10-09

申请号：US12572959

申请日：2009-10-02

申请人： Tae-Shik Shon ,  Hyo-Hyun Choi ,  Bon-Hyun Koo

发明人： Tae-Shik Shon ,  Hyo-Hyun Choi ,  Bon-Hyun Koo

IPC分类号： H04L29/06 ,  G06F17/00 ,  G06F9/00 ,  H04K1/00

CPC分类号： H04L63/20 ,  H04L67/125 ,  H04L67/303 ,  H04W84/18

摘要： An apparatus and method for providing data packet security in a wireless sensor network including a plurality of sensor nodes. The apparatus includes a memory unit for storing a plurality of node characteristic information and a plurality of settable security status information, each of the node characteristic information corresponding to at least one of the settable security status information; and a control unit for examining the node characteristic information of the control unit, if a data packet generation request is made, detecting the security status information corresponding to the examined node characteristic information from the memory unit, and generating data packets including the detected security status information.

摘要翻译： 一种用于在包括多个传感器节点的无线传感器网络中提供数据分组安全性的装置和方法。 该装置包括存储单元，用于存储多个节点特征信息和多个可设置的安全状态信息，每个节点特征信息对应于可设置的安全状态信息中的至少一个; 以及控制单元，用于检查所述控制单元的节点特征信息，如果进行数据分组生成请求，则从所述存储器单元检测与所检查的节点特征信息相对应的安全状态信息，以及生成包括检测到的安全状态的数据分组 信息。

公开(公告)号：US20090300354A1

公开(公告)日：2009-12-03

申请号：US12433224

申请日：2009-04-30

申请人： Tae-Shik Shon ,  Hyo-Hyun Choi ,  Bon-Hyun Koo

发明人： Tae-Shik Shon ,  Hyo-Hyun Choi ,  Bon-Hyun Koo

IPC分类号： H04L29/06

CPC分类号： H04L63/1466

摘要： A method for preventing a replay attack is provided. A prime number is mutually exchanged between a main node and children nodes. The main node generates a Prime Sequence Code Matrix (PSCM) corresponding to the prime number, notifies the children nodes of sequence orders corresponding to the children nodes. The main node selects an arbitrary value of a Prime Sequence Code-1 (PSC1) among a series of values corresponding to an arbitrary node in the PSCM. The arbitrary node computes a Prime Sequence Code-2 (PSC2) subsequent to receiving the PSC1 using a sequence order received from the main node and the prime number. The PSC2 is transmitted to the main node. The main node compares the received PSC2 with the PSCM. The method can be easily applied by supplementing a weakness for a replay attack on the basis of an IEEE 802.15-4-2006 standard and minimizing system load.

摘要翻译： 提供了一种防止重放攻击的方法。 素数在主节点和子节点之间相互交换。 主节点生成与素数相对应的素数矩阵（PSCM），向子节点通知子节点对应的序列顺序。 主节点在与PSCM中的任意节点相对应的一系列值中选择素数序列-1（PSC1）的任意值。 任意节点使用从主节点接收的序列顺序和素数来计算接收PSC1之后的序号码2（PSC2）。 PSC2被传送到主节点。 主节点将接收的PSC2与PSCM进行比较。 该方法可以通过补充基于IEEE 802.15-4-2006标准的重播攻击的弱点并最小化系统负载来轻松应用。

公开(公告)号：US20090086041A1

公开(公告)日：2009-04-02

申请号：US12238569

申请日：2008-09-26

申请人： Wook Choi ,  Hyo-Hyun Choi ,  Tae-Shik Shon

发明人： Wook Choi ,  Hyo-Hyun Choi ,  Tae-Shik Shon

IPC分类号： H04N5/232

CPC分类号： G08B13/19689 ,  G08B13/1966 ,  G08B25/009 ,  H04N5/232 ,  H04N5/23206

摘要： A method for controlling a camera through a Multi-Hop-based wireless sensor network includes: sensing whether an event occurs or not in a corresponding area and transmitting position information on the corresponding area and type information on the event, converting the received position information on the event into a movement control signal for the camera, calculating camera driving values in a left/right direction and an up/down direction using the converted signal, controlling a zoom-in operation of the camera lens using the calculated camera driving values according to the received event type and photographing an object located in the corresponding direction, and transmitting the photographed images over the outer network.

摘要翻译： 一种通过基于多跳的无线传感器网络来控制摄像机的方法包括：检测相应区域中是否发生事件，并发送对应区域的位置信息，以及类型关于事件的信息，将接收到的位置信息转换为 将该事件转换为相机的移动控制信号，使用转换的信号计算左/右方向和上/下方向上的相机驱动值，使用所计算的相机驱动值来控制相机镜头的放大操作，根据 接收到的事件类型并拍摄位于相应方向上的对象，并且通过外部网络发送所拍摄的图像。

公开(公告)号：US08200970B2

公开(公告)日：2012-06-12

申请号：US12433224

申请日：2009-04-30

申请人： Tae-Shik Shon ,  Hyo-Hyun Choi ,  Bon-Hyun Koo

发明人： Tae-Shik Shon ,  Hyo-Hyun Choi ,  Bon-Hyun Koo

IPC分类号： H04L29/06

CPC分类号： H04L63/1466

摘要： A method for preventing a replay attack is provided. A prime number is mutually exchanged between a main node and children nodes. The main node generates a Prime Sequence Code Matrix (PSCM) corresponding to the prime number, notifies the children nodes of sequence orders corresponding to the children nodes. The main node selects an arbitrary value of a Prime Sequence Code-1 (PSC1) among a series of values corresponding to an arbitrary node in the PSCM. The arbitrary node computes a Prime Sequence Code-2 (PSC2) subsequent to receiving the PSC1 using a sequence order received from the main node and the prime number. The PSC2 is transmitted to the main node. The main node compares the received PSC2 with the PSCM. The method can be easily applied by supplementing a weakness for a replay attack on the basis of an IEEE 802.15-4-2006 standard and minimizing system load.

摘要翻译： 提供了一种防止重放攻击的方法。 素数在主节点和子节点之间相互交换。 主节点生成与素数相对应的素数矩阵（PSCM），向儿童节点通知与子节点对应的序列顺序。 主节点在与PSCM中的任意节点相对应的一系列值中选择素数序列-1（PSC1）的任意值。 任意节点使用从主节点接收的序列顺序和素数来计算接收PSC1之后的序号码2（PSC2）。 PSC2被传送到主节点。 主节点将接收的PSC2与PSCM进行比较。 该方法可以通过补充基于IEEE 802.15-4-2006标准的重播攻击的弱点并最小化系统负载来轻松应用。

公开(公告)号：US08175627B2

公开(公告)日：2012-05-08

申请号：US12131998

申请日：2008-06-03

申请人： Tae-Shik Shon ,  Wook Choi ,  Hyo-Hyun Choi

发明人： Tae-Shik Shon ,  Wook Choi ,  Hyo-Hyun Choi

IPC分类号： H04B7/00 ,  H04B1/00 ,  H04B15/00

CPC分类号： H04L47/10 ,  H04L1/188 ,  H04L45/123 ,  H04L47/14 ,  H04L47/25 ,  H04L2001/0092 ,  H04W28/10 ,  H04W28/18 ,  H04W40/12 ,  H04W84/18

摘要： A method and apparatus for transmitting/receiving data in a Wireless Sensor Network (WSN). The method typically includes the steps of: ascertaining characteristics of data whose transfer is requested; ascertaining a Link Quality Indication Value (LQIV); determining a level of a link state in consideration of the characteristics of the data and the LQIV; and controlling the link transfer of the data in consideration of the level of the link state. The apparatus includes a module for transmitting/receiving data in the network layer thereof having a link level determination unit for predefining a level of a link state, depending on characteristics of data and a Link Quality Indication Value (LQIV) to store a predefined level of the link state, and to determine a level of the link state. A link control unit controls the link transfer of the data in consideration of the determined level of the link state.

摘要翻译： 一种用于在无线传感器网络（WSN）中发送/接收数据的方法和装置。 该方法通常包括以下步骤：确定请求传送的数据的特征; 确定链路质量指示值（LQIV）; 考虑到数据和LQIV的特性来确定链路状态的级别; 并且考虑到链路状态的级别来控制数据的链路传送。 该装置包括：用于在其网络层中发送/接收数据的模块，具有根据数据的特性和链路质量指示值（LQIV）来预定义链路状态的级别的链路级别确定单元，用于存储预定级别的 链路状态，并确定链路状态的级别。 考虑到确定的链路状态的级别，链路控制单元控制数据的链路传送。

公开(公告)号：US20080089294A1

公开(公告)日：2008-04-17

申请号：US11890521

申请日：2007-08-07

申请人： Tae-Shik Shon ,  Sun-Woong Choi ,  Sun-Gi Kim ,  Kang-Young Moon

发明人： Tae-Shik Shon ,  Sun-Woong Choi ,  Sun-Gi Kim ,  Kang-Young Moon

IPC分类号： H04Q7/00

CPC分类号： H04W12/06 ,  H04L63/0823 ,  H04L63/0869 ,  H04W8/26 ,  H04W36/08

摘要： A method and system to perform a handover using mutual authentication in a Wireless Broadband (WiBro) network includes: generating a temporary number of a mobile station needing handover from a first base station to a second base station and requesting a handover from the first base station; transferring a handover request message, including a field for storing the temporary number of the mobile station, from the first base station to the second base station according to the handover request of the mobile station; transferring a handover response message, including respective fields for storing the mobile station's temporary number and the second base station's certification encoded using an authentication key received from an authentication server, from the second base station to the first base station; verifying the encoded temporary number of the mobile station and the encoded certification of the second base station in the handover response message transferred from the second base station, and transferring a handover acknowledge (ACK) message including a field for storing an authentication result for the second base station, from the first base station to the second base station; transmitting an initial communication request message, including a Control Mobile Attenuation Code (CMAC) value to be authenticated by the second base station, from the mobile station to the second base station; and authenticating the mobile station and transmitting a response message to the initial communication request message, from the second base station to the mobile station in response to the CMAC value transmitted from the mobile station being the same as a CMAC value of the second base station.

摘要翻译： 一种在无线宽带（WiBro）网络中使用相互认证执行切换的方法和系统包括：产生需要从第一基站到第二基站的切换的移动台的临时号码，并请求从第一基站 ; 根据移动台的切换请求，从第一基站向第二基站传送包括用于存储移动台的临时号码的字段的切换请求消息; 传送切换响应消息，包括用于存储移动台的临时号码的各个字段和使用从认证服务器接收的认证密钥编码的第二基站的认证从第二基站到第一基站; 在从第二基站传送的切换响应消息中验证移动台的编码临时号码和第二基站的编码认证，以及传送包括用于存储第二基站的认证结果的字段的切换确认（ACK）消息 基站，从第一基站到第二基站; 从所述移动台向所述第二基站发送包括要由所述第二基站认证的控制移动衰减码（CMAC）值的初始通信请求消息; 以及响应于与所述第二基站的CMAC值相同的从所述移动站发送的CMAC值，从所述第二基站向所述移动站认证所述移动台并向所述初始通信请求消息发送响应消息。

公开(公告)号：US20070150954A1

公开(公告)日：2007-06-28

申请号：US11604229

申请日：2006-11-27

申请人： Tae-Shik Shon

发明人： Tae-Shik Shon

IPC分类号： G06F12/14

CPC分类号： H04L63/1416 ,  H04L63/1425

摘要： In a system and method for detecting network intrusion, the system comprises: a packet capturer which captures at least one packet on a network; a preprocessor which provides feature values dependent on features of each packet captured by the packet capturer; and a learning engine for classifying patterns dependent on the feature values provided by the preprocessor into two different pattern sets, and for selecting one pattern set having more elements from the pattern sets as a reference set so as to detect network intrusion. The network intrusion detection system and method do not depend on historical data according to known attack patterns, and thus not only detect a changed attack pattern but also efficiently detect network intrusion.

摘要翻译： 在用于检测网络入侵的系统和方法中，该系统包括：捕获网络上的至少一个分组的分组捕获器; 预处理器，其提供取决于由分组捕获器捕获的每个分组的特征的特征值; 以及学习引擎，用于根据预处理器提供的特征值将模式分类为两个不同的模式集合，并且用于从模式集合中选择具有更多元素的一个模式集作为参考集，以便检测网络入侵。 网络入侵检测系统和方法根据已知的攻击模式不依赖于历史数据，因此不仅可以检测更改的攻击格局，还可以有效地检测网络入侵。