Browse > Article
http://dx.doi.org/10.6109/jkiice.2013.17.3.641

A Design of Network Management System for Efficiently Isolating Devices Infected with ARP Spoofing Virus  

Ko, Bong-Koo (전북대학교 정보전산원)
Chung, Seung-Jong (전북대학교 IT정보공학과)
Cho, Gi-Hwan (전북대학교 컴퓨터공학부(클라우드오픈R&D센터))
Publication Information
Journal of the Korea Institute of Information and Communication Engineering / v.17, no.3, 2013 , pp. 641-648 More about this Journal
Abstract
ARP spoofing is a typical Internet attack, in which an attacker sends data by changing his's MAC address with the other's one. Currently, this attack is usually dealt with separating the attacking PCs infected with ARP spoofing virus, by keeping network devices investigating by the network manager. However, this manual process has some limitations in time and accuracy. This paper proposes a new network management system to replace the effort of network manager who has to keep on inspecting the network. Along with designing an ARP analyzer and a disconnection notifier and adding them into the existing network management system, the proposed system provides a basement to identify and notify the PC infected by an ARP spoofing virus with fast and high accuracy. As a result, it is expected to minimize the network break off and to make easy the network management.
Keywords
Spoofing; Virus; MAC Address; Network Management System;
Citations & Related Records
Times Cited By KSCI : 4  (Citation Analysis)
연도 인용수 순위
1 인터넷침해대응센터, 인터넷 침해사고 동향 분석 및 월보, http://www.krcert. or.kr
2 D. Bruschi, A. Ornaghi, and E. Rosti, "S-ARP: a Secure Address Resolution Protocol," Proc. on 19th Annual Computer Security Applications, pp. 66-74, Dec. 2003
3 N. Hubballi, S. Biswas, S. Roopa, R. Ratti, and S. Nandi, "LAN Attack Detection using Discrete Event Systems," ISA Transactions, vol. 50, no. 1, pp. 119-300, 2011   DOI   ScienceOn
4 서우일, 박현민, 최병석, 박재현, "TCP Connection ARP Spoofing/Hijacking에 대한 탐지 및 추적에 대한 연구," 2000년도 정보통신산업진흥원 추계종합 학술발표회 논문집
5 신윤호, 임광혁, 임을규, "TCP/IP환경에 기반한 SCADA 시스템의 ARP Spoofing 공격 가능성 연구," 한국사이버테러정보전학회, 정보보안논문지, 제9권, 제3호, pp. 9-17, 2009. 9
6 G. Hao and G. Tao, "Principle of and Protection of man-in-the-middle Attack based on ARP Spoofing," Journal of Information Processing Systems, vol. 5, no. 3, pp. 131-134. Sept. 2009   DOI   ScienceOn
7 서우석, 전문석, "통합보안정책 알고리즘 적용에 따른 최적화 방어 시스템 구축에 관한 연구," 한국정보보호학회 논문지, 제21권, 제4호, 2011. 8
8 홍승표, 오명진, 이수연, 이상준 "신뢰적인 ARP 테이블의 운영을 통한 ARP 스푸핑 공격에 대한 효율적인 방어 기법," 정보과학회 논문지: 컴퓨팅의 실제 및 레터, 제17권 제1호, pp. 26-30, 2011. 1   과학기술학회마을
9 V. Ramachandran and S. Nandi, "Detecting ARP Spoofing: An Active Technique," Proc. on ICISS, pp. 239-250, 2005
10 정인환, "자동노드 인식 기능을 갖는 ARP 스푸핑을 이용한 인터넷 차단기," 한국인터넷방송통신학회 논문지, 제11권, 제6호, pp. 93-106, 2011. 12
11 이승재, ARP Spoofing과 Network Sniffing 연동 공격의 탐지 및 추적에 관한 연구, 성균관대학교, 정보통신대학원, 석사학위논문, 2006
12 이보만, 박대우, "해외에서 Proxy Server를 연동한 우회적인 공격기법 연구," 한국해양정보통신학회 춘계학술대회 논문집, pp.432-435, 2011
13 J. Koo, S. Ahn, Y. Lim, and Y. Mun, "Evaluation of Network Blocking Algorithm Based on ARP Spoofing and Its Application," LNCS 3481, pp. 177-186, 2005
14 J. Bae, S. Ahn, and J. Chung, "Network Access Control and Management using ARP Spoofing in Various Windows Environment," Proc. on Information Science and Applications (ICISA), pp. 1-10, 2011