A Implement of Integrated Management Systems for User Fraud Protection and Malware Infection Prevention

Implementation of an Integrated Management System for Preventing Malware Infection and User Misconduct

  • Min, So-Yeon (Department of Information and Communication, Seoil University) ;
  • Cho, Eun-Sook (Department of Computer Software, Seoil University) ;
  • Jin, Byung-Wook (Department of Computer Science, Soongsil University)
  • Received : 2015.11.25
  • Accepted : 2015.12.04
  • Published : 2015.12.31

Abstract

The Internet continues to grow and develop, but that growth is accompanied by a variety of attacks that exploit it. In the early Internet environment, attackers maliciously exploited the Internet for ostentation or as a hobby. These days many malicious attempts aim at financial gain, so systematic and sophisticated attacks associated with various crimes occur. Earlier threats such as viruses and worms took a one-source, multi-target form, but recently the APT (Advanced Persistent Threat, an intelligent continuous attack), which takes a multi-source, single-target form, has been causing massive damage. The performance evaluation analyzed whether audit data is generated, whether integrity infringement is detected, whether normal traffic produces false positives, the process detection and blocking functions, and whether Agent policy can be applied.

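Behind the continued growth and development of the Internet, a variety of attacks that seek to exploit it are occurring. In the early Internet environment, attackers abused the Internet to show off their skills or as a hobby, but systematic and complex attacks linked to various crimes are now carried out for financial gain. Threats such as viruses and worms took a structurally simple one-source multi-target form, but the APT (Advanced Persistent Threat), which takes a multi-source single-target form, is inflicting massive damage on users. In this paper, we therefore designed and implemented a prevention system in which the Agent and the management system enhance the function of preventing malware infection in advance and can monitor data leakage caused by user misconduct. The performance evaluation analyzed whether audit data is generated, whether integrity violations are detected when they occur, whether normal traffic is falsely detected, the settings for the process detection and blocking functions, and whether Agent policy can be applied.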
