• Journal of Internet Computing and Services
• /
• v.9 no.4
• /
• pp.85-96
• /
• 2008

An authentication procedure on wired and wireless network will be done based on the registration and management process storing both the user's IP address and client device's MAC address information. However, existent MAC address registration/administration mechanisms were weak in MAC Spoofing attack as the attacker can change his/her own MAC address to client's MAC address. Therefore, an advanced mechanism should be proposed to protect the MAC address spoofing attack. But, existing techniques sequentially compare a sequence number on packet with previous one to distinguish the alteration and modification of MAC address. However, they are not sufficient to actively detect and protect the wireless MAC spoofing attack. In this paper, both AirSensor and AP are used in wireless network for collecting the MAC address on wireless packets. And then proposed module is used for detecting and protecting MAC spoofing attack in real time based on MAC Address Lookup table. The proposed mechanism provides enhanced detection/protection performance and it also provides a real time correspondence mechanism on wireless MAC spoofing attack with minimum delay.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38C no.11
• /
• pp.1044-1050
• /
• 2013

This paper analyzes what is mitigated as spoofing attack using the U-Blox Receiver and GPS RF signal generator developed at ETRI. Generally the spoofing attack made the target receiver to be wrong navigation solution by providing false measurement of code and carrier. So we analyzed the impact of spoofing attack through the signal strength and navigation solution. In oder to test of effect of anti-spoofing signal, we consider the signal with antiphase code to spoofing signal and generated GPS normal signal and spoofing signal and anti-spoofing signal using GPS RF signal generator. This paper analyzed that the GPS receiver was responded to the spoofing attack according to code phase difference between spoofing and anti-spoofing signal. We confirmed that the spoofing signal was disappeared by anti-spoofing signal if code phase is an exact match.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.9
• /
• pp.113-120
• /
• 2022

In this paper, we analyze the feasibility of the IP spoofing attack exploiting null security algorithms in 5G networks based on 3GPP standard specifications. According to 3GPP standard specifications, the initial Registration Request message is not protected by encryption and integrity. The IP spoofing attack exploits the vulnerability that allows a malicious gNB (next generation Node B) to modify the contents of the initial Registration Request message of a victim UE (User Equipment) before forwarding it to AMF (Access and Mobility Management Function). If the attack succeeds, the victim UE is disconnected from the 5G network and a malicious UE gets Internet services, while the 5G operator will charge the victim UE. In this paper, we analyze the feasibility of the IP spoofing attack by analyzing whether each signaling message composing the attack conforms to the 3GPP Rel-17 standard specifications. As a result of the analysis, it is determined that the IP spoofing attack is not feasible in the 5G system implemented according to the 3GPP Rel-17 standard specifications.

• Journal of Positioning, Navigation, and Timing
• /
• v.5 no.4
• /
• pp.165-172
• /
• 2016

A Global Navigation Satellite System (GNSS), which is typically exemplified by the Global Positioning System (GPS), employs a open signal structure so it is vulnerable to spoofing electronic attack using a similar malicious signal with that used in the GPS. It is necessary to require a spoofing test evaluation environment to check the risk of spoofing attack and evaluate the performance of a newly developed anti-spoofing technique against spoofing attacks. The present paper proposed a simulation method of spoofing environment based on simulator that can be implementable in a test room and analyzed the spoofing simulation performance using commercial GPS receivers. The implemented spoofing simulation system ran synchronized two GPS simulator modules in a single scenario to generate both of spoofing and GPS signals simultaneously. Because the signals are generated in radio frequency, a commercial GPS receiver can be tested using this system. Experimental test shows the availability of this system, and anti-spoofing performance of a commercial GPS receiver has been analyzed.

• Journal of Information Processing Systems
• /
• v.5 no.3
• /
• pp.131-134
• /
• 2009

Man-in-the-middle attack is used wildly as a method of attacking the network. To discover how this type of attack works, this paper describes a method of man-in-the-middle attack based on ARP spoofing, and proposes a method of preventing such attacks.

• Journal of Convergence Society for SMB
• /
• v.4 no.1
• /
• pp.47-53
• /
• 2014

DNS spoofing, the DNS server with the address of a specific web server intercepts them in the process of translating the attacker wants to forge a Web server that is a way to access. ARP spoofing ARP request and response messages for the protocol without authentication vorticity incorrect information as to the ARP Cache Table to store the MAC addresses of their vulnerability using the MAC address of the other computer as if it were a lie technique. These DNS / ARP spoofing attacks in detail to find out about how it looks at ways to prevent. Think about the future research directions.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.23 no.11
• /
• pp.1451-1461
• /
• 2019

DNS spoofing is an attack in which an attacker intervenes in the communication between client and DNS server to deceive DNS server by responding to a fake IP address rather than actual IP address. It is possible to implement a pharming site that hacks user ID and password by duplicating web server's index page and simple web programming. In this paper we have studied web spoofing attack that combines DNS spoofing and pharming site implementation which leads to farming site. We have studied DNS spoofing attack method, procedure and farming site implementation method for portal server of this university. In the case of Kyungsung Portal, bypassing attack and hacking were possible even though the web server was SSL encrypted and secure authentication. Many web servers do not have security measures, and even web servers secured by SSL can be disabled. So it is necessary that these serious risks are to be informed and countermeasures are to be researched.

• Journal of Positioning, Navigation, and Timing
• /
• v.10 no.3
• /
• pp.169-177
• /
• 2021

In this paper, we propose a novel global navigation satellite system (GNSS) spoofing detection technique through an array antenna-based direction of arrival (DoA) estimation of satellite and spoofer. Specifically, we consider a sophisticated GNSS spoofing attack scenario where the spoofer can accurately mimic the multiple pseudo-random number (PRN) signals since the spoofer has its own GNSS receiver and knows the location of the target receiver in advance. The target GNSS receiver precisely estimates the DoA of all PRN signals using compressed sensing-based orthogonal matching pursuit (OMP) even with a small number of samples, and it performs spoofing detection from the DoA estimation results of all PRN signals. In addition, considering the initial situation of a sophisticated spoofing attack scenario, we designed the algorithm to have high spoofing detection performance regardless of the relative spoofing signal power. Therefore, we do not consider the assumption in which the power of the spoofing signal is about 3 dB greater than that of the authentic signal. Then, we introduce design parameters to get high true detection probability and low false alarm probability in tandem by considering the condition for the presence of signal sources and the proximity of the DoA between authentic signals. Through computer simulations, we compare the DoA estimation performance between the conventional signal direction estimation method and the OMP algorithm in few samples. Finally, we show in the sophisticated spoofing attack scenario that the proposed spoofing detection technique using OMP-based estimated DoA of all PRN signals outperforms the conventional spoofing detection scheme in terms of true detection and false alarm probability.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.892-911
• /
• 2019

Biometric recognition systems have been widely used for information security. Among the most popular biometric traits, there are fingerprint and face due to their high recognition accuracies. However, the security system that uses face recognition as the login method are vulnerable to face-spoofing attacks, from using printed photo or video of the valid user. In this study, we propose a fast and robust method to detect face-spoofing attacks based on the analysis of spatial frequency differences between the real and fake videos. We found that the effect of a spoofing attack stands out more prominently in certain regions of the 2D Fourier spectra and, therefore, it is adequate to use the information about those regions to classify the input video or image as real or fake. We adopt a divide-conquer-aggregate approach, where we first divide the frequency domain image into local blocks, classify each local block independently, and then aggregate all the classification results by the weighted-sum approach. The effectiveness of the methodology is demonstrated using two different publicly available databases, namely: 1) Replay Attack Database and 2) CASIA-Face Anti-Spoofing Database. Experimental results show that the proposed method provides state-of-the-art performance by processing fewer frames of each video.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.05a
• /
• pp.281-284
• /
• 2010

The characteristics of International Hacking is that because even if with tracing techniques, nobody can find Real IP address of the attacker so it is true that Great difficulty in the investigation. so that an attacker goes through the Proxy Server Many times and they use techniques of IP Spoofing to hide their IP address. In this paper, study How attackers use IP Spoofing Technique and the application of Proxy Server. In addition, to Propose IP Spoofing attacks through the Proxy Server attack and defend methods also IP traceback methods so this study materials will contribute to the development of International Hacking and Security Protection Technology.