Design and Implementation of a Network Packet Scanner based on Multi-Platform

  • 이우인 (Department of Computer Application Technology, Seoul University of Venture & Information);
  • 양해술 (Graduate School of Venture, Hoseo University)
  • Received : 2010.01.26
  • Accepted : 2010.03.10
  • Published : 2010.03.28

Abstract

Recent hacking trends target the entire IT infrastructure tied to a company's profits. In the past, attackers tried to reach the service infrastructure through non-service ports; now they attack the service itself, the source of the profit. Because these attacks affect the service directly, they are difficult to block with older security solutions or systems, and attackers threaten more and more companies with demands for money, endangering customer protection and sustainable management. This paper designs and implements a multi-platform network packet scanner for an exception-handling network intrusion detection system that classifies traffic as normal or abnormal. Linux and Unix have various network intrusion detection and packet management tools such as ngrep, Snort and tcpdump, but most of them are based on a CUI (Character-based User Interface), which is uncomfortable for users who are not used to it. The proposed system is implemented with a GUI (Graphical User Interface) to give users an intuitive, easy-to-use interface, and is written in C++ with Qt, which supports multiple platforms, so that it runs on any operating system.

Keywords

Packet Scanner;Packet Management Tool;Information System Management
