Journal of the Korea Society of Computer and Information (한국컴퓨터정보학회논문지)

Korean Society of Computer Information (한국컴퓨터정보학회)
권호 표지
DOI QR코드

DOI QR Code

A Malicious Bot Curing Technique Using DHCP

DHCP를 이용한 악성 봇 치료 기법

  • 김홍윤 (한서대학교 컴퓨터공학과)
  • Received : 2012.05.21
  • Accepted : 2012.06.20
  • Published : 2012.06.30
Download PDF
⟨ Previous Next ⟩

Abstract

In this paper, a technique wherein the DHCP server has a restriction in providing the IP address to the computers that has no malicious bot curing vaccine is proposed, so that users will cooperate in the curing of malicious bot to avoid inconvenience. In order to provide restricted ip address periodically, the DHCP server makes a request of vaccine installation check for user's computer. Proposed technique is effective in the curing of malicious bot, because it does not depend on specific systems or organizations.

본 논문에서는 악성 봇 치료 백신을 설치하지 않는 컴퓨터에게 DHCP 서버가 IP 주소를 제한적으로 공급하는 기법을 제안하여, 불편을 느낀 사용자들이 악성 봇 치료에 적극적으로 참여하도록 유도하고자 한다. DHCP 서버는 IP 주소를 제한적으로 공급하기 위하여 주기적으로 사용자 컴퓨터에게 백신 설치 확인 요청을 한다. 이 기법은 특정 시스템이나 조직에 종속되지 않아서 효율적인 악성 봇 치료가 가능하다.

Keywords

References

  1. Y. H. Kim, "Theoretical Implication on Establishing the National Countermeasure System against Cyber Crime - Focusing on a Pattern of Cyber Terror -," Journal of the Korea Society of Computer and Information, Vol. 14, No. 6, pp. 165-171, June 2009.
  2. M. S. Jang, J. I. Lee, C. S. Oh, "Harmful Traffic Control Using Sink Hole Routing," Journal of the Korea Society of Computer and Information, Vol. 14, No. 4, pp. 69-76, April 2009.
  3. K. H. Kim, et al., "Accredited by the device identifier location-based security techniques," Journal of the Korea Institute of Entertainment Industry Spring Conference, pp. 186-194, May 2011.
  4. Y. B. Kim, H. Y. Youm, "A New Bot Disinfection Method Based on DNS Sinkhole," Journal of the Korea Institute of Information Security and Cryptology, Vol. 18, No. 6(A), pp. 107-114, Dec. 2008.
  5. D. W. Kang, et al., "Recent trends and the corresponding technical studies malicious behavior of botnets," Korea Institutes of Information Security and Cryptology, Vol. 19, No. 6, pp. 22-31, Dec. 2009.
  6. Y. B. Kim, et al., "Preventing Botnet Damage Technique and It's Effect using Bot DNS Sinkhole," Journal of the Korea Institute of Information Security and Cryptology, Vol. 15, No. 1, pp. 47-55, Jan. 2009.
  7. J. H. Lee, et al., "The Address Detection Algorithm to Avoid DHCP NAK Loop Problem in Virtual LAN," Journal of Korea Information Science Society Fall Conference, Vol. 29, No. 2, pp. 604-606, 2002.
  8. DHCP Server Callout API usage, http://blogs.technet.com/b/ teamdhcp/archive/2009/07/06/dhcp-server-callout-api-usage.aspx
  9. DHCP Server Callout API Reference, http://msdn.microsoft.com/en-us/library/windows/desktop/aa363373(v=vs.85).aspx