• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.7
• /
• pp.2904-2918
• /
• 2020

With a huge demand for replicated content on the Internet, a new networking paradigm called information-centric networking (ICN) has been introduced for efficient content dissemination. In ICN, named content is distributed over the network cache and it is accessed by name instead of a location identifier. These aspects allow users to retrieve content from any of the nodes having replicas, and consequently 1) network resources are more efficiently utilized by avoiding redundant transmission and 2) more scalable services are provided by distributing server loads. However, in-network caching in ICN brings about a new type of security issues, called content poisoning attacks, where fabricated content is located in the network cache and interferes with the normal behavior of the system. In this paper, we look into the problems of content poisoning in ICN and discuss security architectures against them. In particular, we reconsider the state-of-the-art schemes from the perspective of feasibility, and propose a practical security architecture.

• The KIPS Transactions:PartC
• /
• v.15C no.4
• /
• pp.227-238
• /
• 2008

As the internet users rise up rapidly, DNS information forgery can cause severe socio-economic damages. However, most studies on DNS information security reached the breaking point in applying to actual circumstances because of the limit of existing DNS system version, the increasement of management burden and etc. The paper proposes the real-time method for detecting cache poisoning of DNS system independent of analysing the DNS forgery types in the current DNS service environment. It also proposes the method of enhancing the reliability for the cache information of Recursive DNS system by post-verifying the cache information of the DNS system.

• Proceedings of the IEEK Conference
• /
• 2004.08c
• /
• pp.540-543
• /
• 2004

Address Resolution Protocol (ARP) cache poisoning is a MAC layer attack that can only be carried out when an attacker is connected to the same local network as the target machines. ARP is not a new problem, but wireless network introduces a new attack point and more vulnerable to the attack. The attack on wireless network cannot be detected by current detection tool installed on wired network. In order to detect the ARP poisoning attack, there must be a ARP poisoning detection tool for wireless LAN environment. This paper proposes linux-based ARP poisoning detection system equipped with wireless LAN card and Host AP device driver

• KSCI Review
• /
• v.14 no.2
• /
• pp.205-214
• /
• 2006

Is need Remote Access through internet for business of Ubiquitous Computing age, and apply OTP for confidentiality about inputed ID and Password, network security of integrity. Current OTP must be possessing hardware or Token, and there is limitation in security. Install a Snooping tool to OTP network in this treatise, and because using Cain, enforce ARP Cache Poisoning attack and confirm limitation by Snooping about user password. Wish to propose new system that can apply Tokenless OTP by new security way, and secure confidentiality and integrity. Do test for access control inflecting Tokenless OTP at Remote Access from outside. and could worm and do interface control with certification system in hundred. Even if encounter hacking at certification process, thing that connection is impossible without pin number that only user knows confirmed. Because becoming defense about outward flow and misuse and hacking of password when apply this result Tokenless OTP, solidify security, and evaluated by security system that heighten safety.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.1 s.45
• /
• pp.107-116
• /
• 2007

Is need Remote Access through internet for business of Ubiquitous Computing age, and apply OTP for confidentiality about inputed ID and Password, network security of integrity. Current OTP must be possessing hardware of Token, and there is limitation in security. Install a Snooping tool to OTP network in this treatise, and because using Cain, enforce ARP Cache poisoning attack and confirm limitation by Snooping about user password. Wish to propose new system that can apply Tokenless OTP by new security way, and secure confidentiality and integrity. Do test for access control inflecting Tokenless OTP at Remote Access from outside, and could worm and do interface control with certification system in hundred. Even if encounter hacking at certification process, thing that connection is impossible without pin number that only user knows confirmed. Because becoming defense about outward flow and misuse and hacking of password when apply this result Tokenless OTP, solidify security, and evaluated by security system that heighten safety.

• 한국IT서비스학회:학술대회논문집
• /
• 2008.05a
• /
• pp.578-581
• /
• 2008

전 세계적으로 급격한 컴퓨터 보급률 확대와 인터넷 활용인구의 증가에 힘입어 사회와 문화, 산업전반에 걸쳐 인터넷의 활용도는 눈부신 성장을 이어가고 있다. 하지만 기존의 IP 체계가 주소할당과 보안 등의 이유들로 많은 문제점들이 나타나고 있으며 이에 대한 해결방안으로 지금 전 세계는 IPv6로의 전환에 많은 연구와 노력을 기울이고 있다. 이러한 IP체계의 전환시점에서도 여전히 발생할 수 있는 DNS 주소 위변조 공격을 막고 안정적으로 도메인 네임 서비스를 사용자에게 제공할 수 있는 방안으로 DNSSEC을 개발하였다. 본 논문에서는 DNSSEC이 가지고 있는 과부하의 문제점을 분석하여 그에 대한 해결방안을 제안한다.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.5
• /
• pp.36-46
• /
• 2019

The number of hosts connected to the Internet has increased dramatically, introducing the Domain Name System(DNS) in 1984. DNS is now an important key point for all users of the Internet by allowing them to use a convenient character address without memorizing a series of numbers of complex IP address. However, relative to the importance of DNS, there still exist many problems such as the authorization allocation issue, the disputes over public registration, security vulnerability such as DNS cache poisoning, DNS spoofing, man-in-the-middle attack, DNS amplification attack, and the need for many domain names in the age of hyper-connected networks. In this paper, to effectively improve these problems of existing DNS, we proposed a method of implementing DNS using distributed ledger technology, blockchain, and implemented using a Ethereum-based platform. In addition, the qualitative analysis performance comparative evaluation of the existing domain name registration and domain name server was conducted, and conducted security assessments on the proposed system to improve security problem of existing DNS. In conclusion, it was shown that DNS services could be provided high security and high efficiently using blockchain.