디지털융복합연구 (Journal of Digital Convergence)

  • 제12권8호
  • /
  • Pages.243-248
  • /
  • 2014
  • /
  • 2713-6434(pISSN)
  • /
  • 2713-6442(eISSN)
한국디지털정책학회 (The Society of Digital Policy and Management)
권호 표지
DOI QR코드

DOI QR Code

IPSec 보안 이슈와 대응 방안

Issues and Security on IPSec: Survey

  • Hong, Sunghyuck (Baekseok University, Division of Information and Communication)
  • 투고 : 2014.06.11
  • 심사 : 2014.08.20
  • 발행 : 2014.08.28
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

IPSec은 네트워크상에서 안전한 통신환경을 제공하기 위해 사용하는 보안 프로토콜로, 헤더 인증(Authentication Header)과 데이터와 송신자를 인증하는 Encapsulating Security Payload (ESP) 서비스를 제공하며, 이에 대한 기본적인 개념과, IPSec의 종류를 알아보고 활용되는 방법에 대해서 조사하였다. IPSec 프로토콜이 악용되었을 때의 문제점과 그에 대한 대응책을 알아보고 IPSec을 통한 DDoS 공격에 대한 해결방법을 제시하여 IPSec 프로토콜 사용을 통한 안전한 통신환경을 구축하고자 한다.

IPSec provides two services that are authentication header and Encapsulating Security Payload(ESP). In this research work, security issues on the Internet and the basic concept of IPSec are described. Security issues on the Internet are presented and proposed a possible solution for DDoS attack using IPSec. Therefore, this research will be able to contribute for building secure communication against DDoS attack.

키워드

참고문헌

  1. Kent, S.; Atkinson, R.. IP Encapsulating Security Payload (ESP). IETF. RFC 2406, November 1998.
  2. Juhyuk Kim; Myungmook Han. "A Study of the NATted Host Identification Algorithm Using Pattern Analysis from Extended IP Header Information". Proceedings of KIIS spring Conference 2011 Vol.21. No.1. pp. 42-43. Apr. 2011
  3. TaeSeok Jin, "Protocol and Algorithm Trend for IPSec Technology", 2011 spring conference proceedings of 'Korean Institue of Intelligent Systems' Vol.21, No.1, pp.221-224, Apr. 2011
  4. Myunghee Kang; Hwangbin Ryou; Future System, Inc; Kwangwoon University. "An User Authorization Mechanism using an Attribute Certificate in the IPSec-VPN System". Institute of Information Security Vol.14. No.5. pp.11-21. Oct. 2004
  5. Junghym kim; Youjip Won; Eulgyu Im, "A security problem and its solurion in IPSec", 2006 summer conference of The Institute of Electronics Engineers of Korea Vol. 29, No. 1, pp.57-58, 2006
  6. Youngji Lee; Taiyun kim, "The problem resolution algorithm in ESP protoco", The KIPS transactions. Part C Part C c9(2), pp. 189-196, 2002
  7. A. Nascimento et al., "Can I Add a Secure VoIP Call?" Proc. 13th IEEE Int'l Conf. Networks, vol. 1, 2005, pp. 151-155.
  8. R. Rajavelsamy et al., "Performance Evaluation of VoIP over 3G-WLAN Interworking System," Proc. IEEE WCNC, vol. 4, 2005, pp. 2312-2317.
  9. D.P. Hole and F.A. Tobagi, "Capacity of an IEEE 802.11b Wireless LAN Supporting VoIP," Proc. IEEE Int'l Conf. Comm., vol. 1, 2004, pp. 196-201.
  10. W. Wang, S.-C. Liew, and V.O.K. Li, "Solutions to Performance Problems in VoIP over a 802.11 Wireless LAN," IEEE Trans. Vehicular Technology, vol. 54, no. 1, 2005, pp. 366-384. https://doi.org/10.1109/TVT.2004.838890
  11. doi: 10.1109/ACCT.2012.64
  12. doi: 10.1109/LCN.2007.103