• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.45 no.1
• /
• pp.14-26
• /
• 2008

IP over Ethernet technology widely used as Internet access uses the ARP(Address Resolution Protocol) that translates an ip address to the corresponding MAC address. recently, there are ARP security attacks that intentionally modify the IP address and its corresponding MAC address, utilizing various tools like "snoopspy". Since ARP attacks can redirect packets to different MAC address other than destination, attackers can eavesdrop packets, change their contents, or hijack the connection. Because the ARP attack is performed at data link layer, it can not be protected by security mechanisms such as Secure Shell(SSH) or Secure Sockets Layer(SSL). Thus, in this paper, we classify the ARP attack into downstream ARP spoofing attack and upstream ARP redirection attack, and propose a new security mechanism using DHCP information for acquisition of IP address. We propose a "DHCP snoop mechanism" or "DHCP sniffing/inspection mechanism" for ARP spoofing attack, and a "static binding mechanism" for ARP redirection attack. The proposed security mechanisms for ARP attacks can be widely used to reinforce the security of the next generation internet access networks including BcN.

• The Journal of Society for e-Business Studies
• /
• v.10 no.2
• /
• pp.89-108
• /
• 2005

The SOAP specifications are not provided a functions of information security, especially authentication function. In case of user authentication, delivery of the username and password elements can be exposed to sniffing/replay attack by malicious attacker. In this paper, we propose a new mechanism to protect authentication attacks for the SOAP messages. The proposed mechanism is compensated for weakness of S/KEY system. Our mechanism has no limitation for time and overhead and also provide a more effective and secure delivery.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.187-194
• /
• 2008

This paper proposes an effective countermeasure to an intrinsic hardware vulnerability of the keyboard controller that causes sniffing problem on the password authentication system based on the keyboard input string. Through the vulnerability, some possible attacker is able to snoop whole the password string input from the keyboard even when any of the existing keyboard protection software is running. However, it will be impossible for attackers to gather the exact password strings if the proposed policy is applied to the authentication system though they can sniff the keyboard hardware protocol. It is expected that people can use secure Internet commerce after implementing and applying the proposed policy to the real environment.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.04b
• /
• pp.915-918
• /
• 2002

최근 인터넷의 확산에 따라 여러 가지 침해사고 발생이 증가하고 있는 추세이다. 그 중에도 인터넷의 표준 프로토콜로 사용 중인 TCP/IP 의 전송방식이 암호화하지 않은 텍스트기반으로 이루어진 데이터이기에 간단한 스니핑 기법으로도 데이터 유출 및 절취가 가능하다. 동일 네트워크에 대형 시스템들이 몰려 있는 웹호스팅 업체나 IDC등에서는 더 유의해야 한다. 취약한 하나의 시스템만 관리자 권한을 획득하여 스니퍼를 돌린다면 전체 네트워크를 장악하게 되며, 외부 공격자뿐만 아니라 내부 공격자에게도 큰 취약점을 가지고 있다. 본 논문에서는 이러한 스니핑 공격을 원격지에서 실시간으로 탐지해 냄으로서 스니핑 공격에 대처할 수 있도록 시스템을 구현하였다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2001.10a
• /
• pp.733-735
• /
• 2001

네트워크가 보편화되면서 사이버 공간을 이용한 테러가 전 세계적으로 발생하고 있다. TCP/IP 프로토콜은 현재 가장 많이 사용되고 있는 네트워크 기술중의 하나로 인터넷뿐만 아니라, 많은 소규모의 사설 컴퓨터네트워크에서도 많이 사용되고 있다. 그러나 TCP 자체가 가지고 있는 보안 취약점 때문에 SYN 공격, TCP Sequence Number 공격, IP Spoofing, TCP Connection hijacking, Sniffing 과 같은 다양한 해킹 기법이 등장하고 있다. 본 논문에서는 TCP/IP 프로토콜 취약점을 이용하여 공격할 경우 이를 탐지하거나 차단하지 못하는 경우에 대비하여 실시간 접근 로그 파일을 생성하여 시스템 관리자가 의사결정을 할 수 있는 것과 동시에 시스템 스스로 대처할 수 있는 시스템을 구현하여 타당성을 검증하고 그에 따른 기대효과를 제시 한다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.9
• /
• pp.1187-1192
• /
• 2020

The dronebot combat system is a representative model of the future battlefield in the 4th industrial revolution. In dronebot, unmanned reconnaissance tankrobot can minimize human damage and reduce cost with higher combat power than humans. However, since the battlefield environment is very complex such as obstacles and enemy situations, it is also necessary for the pilot to control the tankrobot. Tankrobot are robots with new ICT technology, capable of hacking attacks, and if there is an abnormality in control, it can pose a threat to manipulation and control. A Bluetooth sniffing attack was performed on the communication section of the tankrobot and the controller to introduce a vulnerability to Bluetooth, and a countermeasure using MAC address exposure prevention and communication section encryption was proposed as a security measure. This paper first presented the vulnerability of tankrobot to be operated in future military operations, and will be the basic data that can be used for defense dronebot units.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2011.06a
• /
• pp.91-94
• /
• 2011

Smart Grid에 사용되는 전기IT기기에서 Bluetooth의 보안 취약점이 발견되고 있다. 특히 전기안전을 위한 감시센서 정보전달을 맡고 있어서 위험성은 더욱 커진다. 본 논문은 Bluetooth가 탑재된 전기IT기기에 대한 Hacking Tool 분석을 실시하고, Bluetooth 취약점을 이용한 DoS, Sniffing공격 등 Tool 공격을 실행하고, Smart Grid와 U-IT 전기기기와 전력망에 대한 보안 방안 제시를 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.5
• /
• pp.35-45
• /
• 2005

There has recently been an increase of phishing attacks, attacks which lure users into revealing their personal information to an attacker who in turn exploits this information for economic gain. The conventional methods of fooling the user with similarly modified mail or address are constantly evolving and have diversified to include the forgery of mail or domain addresses. Recently the injury incurred by these attacks has greatly increased as attackers exploit the weaknesses found on a few web browsers and used these to conduct phishing attacks based on URL spoofing. Furthermore we are now witnessing the entrance of highly advanced phishing techniques that no longer simply rely on vulnerabilities, but employ ordinary script, HTML, DNS sniffing, and the list goes on. In this paper we first discuss means of investigating and preventing the advanced URL spoofing techniques used in phishing attacks, and then propose a scheme for fundamentally restricting them altogether.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.2
• /
• pp.287-293
• /
• 2009

This paper would suggest about data communicate using RF Transmitter-Receiver and about PC protection method authenticate using software of PC which Receiver is connected. Older PC protection system is demanded manual operation of the user but the suggesting method protect PC automatically with judge existing of the user who has Tag approaches the distance which gets near. And it is impossible about the forgery and it is safe about sniffing attack and spoofing.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2018.10a
• /
• pp.493-496
• /
• 2018

Wi-Fi Protected Access2 (WPA2), a recommended Wi-Fi communication security technology, vulnerabilities are found and Users' personal information may also be exposed. In this paper, we analyze security vulnerabilities of public Wi-Fi by attack and seek to find ways to securely use Wi - Fi by users.