http://dx.doi.org/10.3745/KIPSTC.2004.11C.7.993

A Study on Tools for Worm Virus & DDoS Detection  

Lee Myung-Sun (Supercomputing Center, Korea Institute of Science and Technology Information)
Lee Jae-Kwang (Department of Computer Engineering, Hannam University)
Abstract
With the emergence of worm virus and DDoS attacks, the targets and damage of security incidents are extending from specific systems or services to paralysis of the network itself. These attacks are growing in frequency and intensity, and ISPs whose networks are used as the path of these attacks will face serious damage. However, compared to worm virus and DDoS attacks, which generally break out on many systems at once and propagate quickly, the network-level response is slow and unable to deal with the overall situation, because it is carried out manually by the network manager. Therefore, this paper presents methods to automatically detect the outbreak of worm virus and DDoS attacks and the attacker (the attacker's IP address).
Keywords
Worm Virus; DDoS; Netflow; Flowscan; Intrusion Detection; Cflowd