http://dx.doi.org/10.3745/KIPSTC.2004.11C.7.959

Attacker Response Framework using Mobile Code  

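Bang Hyo-Chan (ETRI Active Security Technology Research Team)
Him Jin-Oh (ETRI Active Security Technology Research Team)
Na Jung-Chan (ETRI Active Security Technology Research Team)
Jang Joong-Su (ETRI Network Security Group)
Lee Young-Suk (Kunsan National University, School of Electronics and Information Engineering)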
Abstract
It has become more difficult to respond quickly to cyber attacks as attack patterns become more varied and complex. However, current security mechanisms provide only passive defense functionality. In this paper, we propose a new network security architecture that responds rapidly to various cyber attacks and traces and isolates the attackers through cooperation between security zones. The proposed architecture makes it possible to deal effectively with cyber attacks such as IP spoofing or DDoS (Distributed Denial of Service) by using active packet technology, including mobile code, on an active network. It is also designed to respond more actively than existing mechanisms. We implemented these mechanisms in Linux routers and ran experiments on a testbed to verify the feasibility of the attacker response framework using mobile code. The experimental results are analyzed.
Keywords
Active Network; Distributed Denial-of-Service Attack; Attacker Isolation