Journal of the Korea Convergence Society (한국융합학회논문지)

Korea Convergence Society (한국융합학회)
권호 표지
DOI QR코드

DOI QR Code

ARP Spoofing attack scenarios and countermeasures using CoAP in IoT environment

IoT 환경에서의 CoAP을 이용한 ARP Spoofing 공격 시나리오 및 대응방안

  • Seo, Cho-Rong (Division of Information Communication, BaekSeok University) ;
  • Lee, Keun-Ho (Division of Information Communication, BaekSeok University)
  • 서초롱 (백석대학교 정보통신학부) ;
  • 이근호 (백석대학교 정보통신학부)
  • Received : 2016.06.21
  • Accepted : 2016.08.12
  • Published : 2016.08.31
Download PDF
⟨ Previous Next ⟩

Abstract

Due to the dazzling development of IT in this IT-oriented era, information delivering technology among objects, between objects and humans, and among humans has been actively performed. As information delivery technology has been actively performed, IoT became closely related to our daily lives and ubiquitous at any time and place. Therefore, IoT has become a part of our daily lives. CoAp, a web-based protocol, is mostly used in IoT environment. CoAp protocol is mostly used in the network where transmission speed is low along with the huge loss. Therefore, it is mostly used in IoT environment. However, there is a weakness on IoT that it is weak in security. If security issue occurs in IoT environment, there is a possibility for secret information of individuals or companies to be disclosed. If attackers infect the targeted device, and infected device accesses to the wireless frequently used in public areas, the relevant device sends arp spoofing to other devices in the network. Afterward, infected devices receive the packet sent by other devices in the network after occupying the packet flow in the internal network and send them to the designated hacker's server. This study suggests counter-attacks on this issues and a method of coping with them.

최근 IT시대인 만큼 IT기술의 눈부신 발전으로 인해 사물 대 사물, 사물 대 사람, 사람 대 사람 간의 정보 전달 기술이 활발해지고 있다. 정보 전달 기술이 활발해 지고 있는 만큼 IoT는 우리 일상생활에 밀접하게 다가와 언제 어디에서나 흔하게 볼 수 있을 만큼 우리 일상생활의 한 부분을 차지하고 있다. IoT 환경에서는 주로 웹기반 프로토콜인 CoAP 프로토콜을 사용한다. CoAP 프로토콜은 전송 속도가 낮고 손실이 큰 네트워크에서 주로 사용되기 때문에 IoT 환경에서 주로 사용된다. 그러나 IoT는 보안적으로 취약하다는 단점이 있다. 만약, IoT 환경에서 보안에 노출 될 경우 개인정보 또는 기업의 기밀 정보 등이 유출 될 가능성이 있다. 공격자가 IoT 환경에서 대상 디바이스를 감염 시킨 후 감염된 디바이스가 공공장소에서 흔히 사용되는 무선인터넷에 접속 했을 시 장악된 디바이스는 내부망에 있는 디바이스들에게 arp spoofing을 보낸다. 그 후 내부망 패킷의 흐름을 장악한 후에 내부망에 있는 디바이스들이 보내는 패킷을 감염된 디바이스가 받아 지정된 해커의 서버에 보낸다. 본 논문에서는 이에 관한 공격 방법과 대응방안을 제안한다.

Keywords

References

  1. Wanjin Chang, Yongtae Shin, "A Study on the Network and Security for the Internet of Things," Korean Institute Of Information Technology, pp. 19-21, 2015.
  2. Jun-Young Go, Keun-Ho Lee, “SNS di s closure of pe rsonal information in M2M envi ronment threats and counte rmeasures,” Korea Convergence Society, Vol. 5, No. 1, pp. 29-34, 2014.
  3. Seung-Hyeon Choi, Cho-Rong Seo, Keun-Ho Lee, "Device Hacking Scenario and Countermeasures with CoAP in the Internet of Things Environment," Journal of the Korea Convergence Society
  4. Joosang Youn, Hun Choi, "CoAP-based Reliable Message Transmission Scheme in IoT Environments", The Korean Society Of Computer And Information, pp. 79-84, 2016.
  5. Kyong-Ho Han, Seong-Ho Lee, "A Study on the Security Threats of IoT Devices Exposed in Search Engine", The Korean Institute of Electrical Engineers, pp. 128-134, 2016.
  6. Hyeon-Su Byeon , Mi-Ra Kang, “The Study of Factors on Information System Success through Web Assimilation,” The Korea Society of Digital Policy, Vol. 13, No. 11, pp. 85-97, 2015.
  7. Cheol-Min Kim, Hyung-Woo Kang, Ji-In Kim, Seok-Joo Koh, "An Implementation of the Low Power Device Communication using CoAP Protocol in Internet of Things Environment," Korea Institute of Communication Sciences, pp. 102-103, 2015.
  8. Seok-Kap Go, Il-Gyun Park, Seung-Cheol Son, Byeong-Tak Lee, “Trends of IETF CoAP Based Sensor Connection Protocol Technology,” ETRI, Vol. 28, No. 6, pp. 133-139, 2013.
  9. Nam-Hui Gang, “Standard technology trends for the security of the internet objects,” Korea Institute of Communication Sciences, Vol. 31, No. 9, pp. 40-45, 2014.
  10. Woo-Il Seo, Hyun-Min Park, Byeong-Seong Choe, Jae-Hyun Park, "A Study on Detection and trace for TCP Connection ARP Spoofing/Hijacking," Korea Institute of Communication Sciences, pp. 1115-1118, 2000.
  11. Woo-Il Seo, Hyun-Min Park, Byeong-Seong Choe, Jae-Hyun Park, "A Study on Detection and trace for TCP Connection ARP Spoofing/Hijacking," Korea Institute of Communication Sciences, pp. 1115-1118, 2000.
  12. Bong-Koo Ko, Seung-Jong Chung, Gi-hwan Cho, “A Design of Network Management System for Efficiently Isolating Devices Infected with ARP Spoofing Virus,” Korea Institute of Communication Sciences, Vol. 17, No. 3, pp. 641-648, 2013.
  13. Seung-Pyo Hong, "An efficient prevention technique using the relible ARP table for ARP spoofing attacks," Soongsil University, pp. 1-25, 2011.
  14. Hyun-Uk Hwang, Eun-Shin Park, Jong-Baek Park, "A Study on ARP Spoofing ingAttack and Prevention Method," Korea Institute of Communication Sciences, pp. 1821-1824, 2001.
  15. Ji-Woo Kang, Jea-Gi Son, Jea-Hoon An, "ARP Spoofing Detection and Prevention Method using Spark Streaming," The Institute of Electronics Engineers of Korea, pp. 194-195, 2016.