DOI QR코드

DOI QR Code

BHO 이용한 웹 컨텐츠 변조 탐지 방법

Web contents deformation detection method by BHO

  • 모정훈 (고려대학교 정보보호대학원) ;
  • 정만현 (고려대학교 정보보호대학원) ;
  • 조재익 (고려대학교 정보보호대학원) ;
  • 문종섭 (고려대학교 정보보호대학원)
  • Mo, Jeong-Hoon (Korea University, Graduate School Of Information Security) ;
  • Chung, Man-Hyun (Korea University, Graduate School Of Information Security) ;
  • Cho, Jae-Ik (Korea University, Graduate School Of Information Security) ;
  • Moon, Jong-Sub (Korea University, Graduate School Of Information Security)
  • 투고 : 2011.08.10
  • 심사 : 2011.08.30
  • 발행 : 2011.08.31

초록

최근 인터넷 서비스 기술이 발달함에 따라 웹 서비스는 사용자의 컴퓨팅 환경에 많은 변화를 주었다. 시사, 경제, 게임/오락은 물론, 개인 금융까지도 웹 페이지를 통해 처리 된다. 이 때, 웹 페이지는 텍스트 형태의 코드를 전송받아 DOM 정보로 가공되어 웹 브라우저에 의해 사용자에게 보여 진다. 하지만, 이 정보들은 다양한 경로를 통해 접근이 가능하고 악의적인 목적으로 변조되어질 수 있다. 또한, 보안 매커니즘을 우회하여 사용자의 로그인 정보나 인증서를 획득할 수도 있다. 따라서, 본 논문에서는 이러한 웹페이지 변조 행위를 탐지하기 위해 웹 브라우저 중 대표적인 MicroSoft 사의 MS Internet Explorer의 Add-On 프로그램인 BHO를 이용하여 웹 컨텐츠에 대한 무결성을 검증하는 탐지 방법을 제안한다.

Recently, with improvement of internet service technology, web service has been affecting the environment for computing user. Not only current events, economics, game, entertainment, but also personal financial system is processed by web pages through internet. When data transmission is implemented on the internet, webpage acquire text form code and transform them to DOM information, and then shows processed display to user by web browser. However, those information are not only easily accessed by diversified route, but also easily deformed by intentional purpose. Furthermore, it is also possible to acquire logon information of users and certification information by detouring security mechanism. Therefore, this dissertation propose the method to verify integrity of web contents by using BHO which is one of the Add-On program based on MS Internet Explorer platform which is one of major web browser program designed by MicroSoft to detect any action of webpage deformation.

키워드

참고문헌

  1. Johnny Stenback, "Document Object Model (DOM) Level2 HTML Specificatoin", W3C Recommendation 09 January 2003
  2. Suhit Gupta, "Dom-based Content Extraction of HTML Documents", WWW2003, May 20-24, 2003, Budapest, Hungary.
  3. L Wood, "Programming the Web: the W3C DOM specification", Internet Computing, IEEE, 3(1), 48 - 54, Jan, 1999 https://doi.org/10.1109/4236.747321
  4. Behrouz A. Forouzan, "Cryptography and Network Security", Pages 467-468
  5. MicroSoft corp. "http://www.microsoft.com/"
  6. AhnLAB, "http://kr.ahnlab.com/info/securityinfo/"
  7. Rolf Oppliger, "Internet security,firewalls and beyond", Communications of the ACM archive, Volume 40, Issue 5 (May 1997), Pages 92-102, 1997, ISSN:0001-0782 https://doi.org/10.1145/253769.253802
  8. Browser Helper Objects: The Browser the Way You Want It, Available: http://msdn.microsoft.com/en-us/library/bb250436(VS.85).aspx, Oct. 5, 2009.
  9. Diffie W., Hellman M., "New directions in cryptography", Information Theory, IEEE, 22(6), 644 - 654, Nov, 1976 https://doi.org/10.1109/TIT.1976.1055638
  10. R.L. Rivest. The MD5 message-digest algorithm, Request for Comments (RFC 1320), Internet Activities Board, Internet Privacy Task Force, 1992.
  11. Krawczyk, H., Bellare, M., and R. Canetti, "HMAC:Keyed-Hashing for Message Authentication," RFC 2104, February 1997.
  12. D. Eastlake and P. Jones, "RFC3174: US Secure Hash Algorithm 1(SHA1)", Available at http://www.faqs.org/rfcs/rfc3174.html, 2001.
  13. JooBeom Yun, Youngjoo Shin, HyoungChun Kim and Hyunsoo Yoon,"Miguard : Detecting and Guarding against Malicious Iframe through API Hooking", IEICE Electronics Express, Vol.8, No.7, 460-465, 2011 https://doi.org/10.1587/elex.8.460
  14. Kangbin Yim, "Keyboard Security,"Workshop on Ubiquitous Information Security, May 2008
  15. P. Vogt, F. Nentwich, N. Jovanovic, E. Kirda, C. Kruegel, and G. Vigna. "Cross-Site Scripting Prevention with Dynamic Data Tainting and Static Analysis". In Proceeding of the Network and Distributed system Security Symposium (NDSS'07), February, 2007.
  16. Kyungroul Lee, Kwangjin Bae, Kangbin Yim, "Hardware Approach to Solving Password Exposure Problem through Keyboard Sniff," ACADEMIC SCIENCE RESEARCH, proceedings ofWASET2009, pp.23-25, Oct 2009
  17. JSON, "http://www.json.org/js.html"
  18. XML, "http://www.w3.org/XML/"
  19. DynaTrace, www.dynatrace.com/