• 제목/요약/키워드: Cyber Urgent Shelter

검색결과 2건 처리시간 0.016초

DNS을 목표한 DDoS공격에 효과적인 대응 방법 제안 (A Proposal Countermeasure to DDoS attacks targered DNS)

  • 최지우;천명진;홍도원;서창호
    • 정보보호학회논문지
    • /
    • 제23권4호
    • /
    • pp.729-735
    • /
    • 2013

  • 최근 이슈가 되고 있는 DDoS 공격은 주요 정부기관 및 금융기관 인터넷 사이트를 마비시키는 사이버 테러의 수단으로 사이버 안위를 위협하고 있다. 현재 사용되고 있는 공격 방법은 기존의 방법보다 진화된 방법으로 차단이 쉽지 않아 그로 인한 피해가 커지고 있는 상황이다. 이어서, 본 논문에서는 최근 계속적으로 진화하고 있는 DDoS 공격 중에서 DNS를 목표로 하는 DDoS 공격이 발생하는 사례를 보여주었다. 그러나 현재는 DNS를 목표로 하는 DDoS 공격에 대한 방어가 미비하다. 이를 보완하기 위해서 한국인터넷진흥원에서 운영 중인 사이버대피소에 착안하여 DNS에 대한 DDoS 공격의 대응 방안으로 DNS 사이버대피소를 제안하고자 한다.

  • https://doi.org/10.13089/JKIISC.2013.23.4.729 인용 PDF KSCI HTML

관리자에게 경고 알림을 보낸 후 트래픽 측정을 기준으로 RDDoS 공격을 방어하는 시스템 설계 (Designing a system to defend against RDDoS attacks based on traffic measurement criteria after sending warning alerts to administrators)

  • 차연수;김완태
    • 디지털산업정보학회논문지
    • /
    • 제20권1호
    • /
    • pp.109-118
    • /
    • 2024

  • Recently, a social issue has arisen involving RDDoS attacks following the sending of threatening emails to security administrators of companies and institutions. According to a report published by the Korea Internet & Security Agency and the Ministry of Science and ICT, survey results indicate that DDoS attacks are increasing. However, the top response in the survey highlighted the difficulty in countering DDoS attacks due to issues related to security personnel and costs. In responding to DDoS attacks, administrators typically detect anomalies through traffic monitoring, utilizing security equipment and programs to identify and block attacks. They also respond by employing DDoS mitigation solutions offered by external security firms. However, a challenge arises from the initial failure in early response to DDoS attacks, leading to frequent use of detection and mitigation measures. This issue, compounded by increased costs, poses a problem in effectively countering DDoS attacks. In this paper, we propose a system that creates detection rules, periodically collects traffic using mail detection and IDS, notifies administrators when rules match, and Based on predefined threshold, we use IPS to block traffic or DDoS mitigation. In the absence of DDoS mitigation, the system sends urgent notifications to administrators and suggests that you apply for and use of a cyber shelter or DDoS mitigation. Based on this, the implementation showed that network traffic was reduced from 400 Mbps to 100 Mbps, enabling DDoS response. Additionally, due to the time and expense involved in modifying detection and blocking rules, it is anticipated that future research could address cost-saving through reduced usage of DDoS mitigation by utilizing artificial intelligence for rule creation and modification, or by generating rules in new ways.

  • https://doi.org/10.17662/ksdim.2024.20.1.109 인용 PDF HTML