http://dx.doi.org/10.9708/jksci.2021.26.06.009

Implementation of a security system using the MITM attack technique in reverse  

Rim, Young Woo (Dept. of Computer Engineering, Kyungsung University)
Kwon, Jung Jang (Dept. of Computer Engineering, Kyungsung University)
Abstract
In this paper, we propose using the "Man In The Middle" (MITM) attack technique in reverse as a way to introduce network security without changing the physical structure and configuration of the existing network: a Virtual Network Overlay is formed with only a single Ethernet interface. Implementing in-line mode to protect the network from external attacks, we propose an integrated control method through a micro network security sensor and a cloud service. As a result of the experiment, it was possible to implement a logical in-line mode by forming a Virtual Network Overlay with only a single Ethernet interface, and to implement Network IDS/IPS, Anti-Virus, Network Access Control, Firewall, etc. It was also possible to perform integrated monitoring and control in the service. The system proposed in this paper is helpful for small and medium-sized enterprises that expect high-performance network security at low cost, and can provide a safe and reliable network security environment in the field of IoT and embedded systems.
Keywords
Network protection; MITM Attack; ARP Poisoning; Virtual network overlay; IoT Cloud