A Study of Connection Maintenance Techniques using TCP Hijacking

  • 김점구 (Department of Computer Science, Namseoul University)
  • Received : 2014.02.28
  • Accepted : 2014.03.24
  • Published : 2014.03.30

Abstract

With the rapid growth in the number of Internet users, security incidents carried out over the Internet have also increased sharply. As a countermeasure to these incidents, intruder trace-back techniques, which track in real time the actual location of a hacker attempting an intrusion, are being actively researched. This paper presents a method that uses the TCP hijacking technique to solve the difficulty of maintaining the connection for reply packets in the packet-watermarking trace-back technique, one of the techniques used in TCP connection trace-back systems.
