JOURNAL BROWSE
Search
Advanced SearchSearch Tips
A Countermeasure against the Abatement Attack to the Security Server
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
A Countermeasure against the Abatement Attack to the Security Server
Cho, Seong-Min; Lee, Hoon;
  PDF(new window)
 Abstract
In this work we propose a new method to countermeasure against the abatement attack to the security server that is induced by man-in-the-middle attack. To that purpose, we first investigate the state of the art in the current research about the abatement attack. After that, we propose a new countermeasure method that can cope with the unresolved problems in the current method, which can cover diverse types of network.
 Keywords
Secure Internet Server;Man-In-The-Middle Attack;Secure Switch;Secure Coding;
 Language
Korean
 Cited by
 References
1.
KrCERT, "ARP attack analysis and countermeasures", KISA, Technical Report, TR-2007-001_ARP_Spoofing, 2007.

2.
WEF, "WEF_Global_IT_Report_2015", World Economic Forum, pp. 183-291, 2015.

3.
C. S. Lim, W. K. Lee, "An Effective Protection Mechanism for SSL Man-in-the-Middle Proxy Attacks", Journal of Computing Science and Engineering vol. 16, no. 6, pp. 693-697, 2010.

4.
Mohan Gowda G S, Janardhan Singh, "Secure Search Engine for Mobile Users for Countering the Attacks over Internet", International Journal of Innovative Technology and Exploring Engineering, vol. 4, no. 2, pp. 7-10, 2014.

5.
T.H. Song, "A Study on the Defense Against MITM with Message-Level Security", MA dissertation, University of Seoul, Graduate School of Science and Technology, 2013.

6.
Man-in-the-middle attack [Internet]. Available: https://en.wikipedia.org/wiki/Man-in-the-middle_attack

7.
M. S. Song, "A study on Detection and Protection for ARP Spoofing Attack based on Routing Trace", MA dissertation, Seoul National University of Science and Technology, 2013.

8.
IETF RFC. 826, IEFF An Ethernet Address Resolution Protocol, IETF, David C. Plummer, 1982.

9.
I. H. Jung, "An Internet Stopper Using ARP Spoofing with Automatic Node Identification", Institute of Internet, Broadcasting and Communication, vol. 11, no. 6, pp93-106, 2011.

10.
Risk of Wi-Fi [Internet]. Available: http://blogsabo.ahnlab.com/1872

11.
S. B. Choi, C. H. Lim, "SSL Compare Products and classification of SSL acceleration technology", Cryptography & Network Security Center, Future Systems, Inc., Technical Report, FS-TR01-05,pp.16-17, 2001.

12.
sslstrip is a tool that demonstrates the HTTPS stripping attacks, [Internet]. Available: http://www.thoughtcrime. org/software/sslstrip/

13.
Vivek Ramachandran and Sukumar Nandi, "Detection ARP spoofing: An active technique", Cisco Systems, Inc., 2005.

14.
Kozierok, C.M. "TCP/IP Guide. 1 edn. No Starch Press", 2005.

15.
Ferdous A Barbhuiya, Santosh Biswas and Sukumar Nandi, "An active host-based detection mechanism for ARP Related attacks.", International Journal of Network Security & Its Applications, vol. 3, no. 3, 2011.

16.
arpwatch [Internet]. Available: http://www.arpalert.rg

17.
arpguard [Internet]. Available: https://www.arp-guard.com

18.
xarp [Internet]. Available: http://www.xarp.net/

19.
Configuring Dynamic ARP Inspection [Internet]. Available: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst 3750/software/release/12-2_25_see/configuration/guide/scg/swdynarp.html#wp1038527

20.
SG Secure Switch [Internet]. Available: http://handream. net/product/switch/sg/

21.
TiFRONT Secure Switch [Internet]. Available: http://www.piolink.co.kr/TiFRONT/sec/sec_01.asp

22.
S. P. Hong, "An efficient prevention technique using the reliable ARP table for ARP spoofing attacks", MA dissertation, Dept. Computing, Graduate School of Soongsil University, pp.9-10, 2011.

23.
JavaScript [Internet]. Available: https://en.wikipedia.org/wiki/JavaScript

24.
KISA, "Software Development Security Guide for e-government software development and Operators", Ministry of Government Administration and Home Affairs, (11-1311000-000330-10), pp. 4-6, 2013.