A Method for Preemptive Intrusion Detection and Protection Against DDoS Attacks

DDoS 공격에 대한 선제적 침입 탐지·차단 방안

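  • Kim Dae-hwan (김대환; Information Systems Office, ROK Armed Forces Transportation Command);
  • Lee Soo-jin (이수진; Computer Engineering Major, Korea National Defense University)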
  • Received : 2016.01.29
  • Accepted : 2016.05.12
  • Published : 2016.06.30

Abstract

The working environments of enterprises and public institutions are moving into cyberspace and are being built on LTE wireless networks. The applications ("apps") that run on LTE wireless networks are mostly developed for Android. Android malware, however, is surging, and such malware is a potential source of DDoS attacks. DDoS attacks are a major information security threat and a means of cyber attack, and they are difficult to detect in advance and to defend against effectively. For this reason, a DMZ is set up in front of the network infrastructure and specific servers as a defensive information security measure. However, the proliferation of mobile devices and apps and the spread of Android have diversified DDoS attack methods, so a DMZ is limited in its ability to detect and protect against DDoS attacks. This paper proposes an information security method that detects and protects against DDoS attacks from the terminal phase, applying the military strategy concept of preemption. A DDoS attack detection and protection app was then implemented, and its effectiveness was demonstrated by the reduction in web service requests and memory usage. Detecting and protecting against DDoS attacks will ensure the efficient use of mobile network resources. This method is necessary for the continued use of wireless network environments for national security and disaster control.
