융합정보논문지 (Journal of Convergence for Information Technology)

중소기업융합학회 (Convergence Society for SMB)
권호 표지
DOI QR코드

DOI QR Code

홈 IoT에서 SSDP 반사체 공격에 대한 대응기법

A Countermeasure Technique for Attack of Reflection SSDP in Home IoT

  • 박광옥 (창원대학교 컴퓨터공학과) ;
  • 이종근 (창원대학교 컴퓨터공학과)
  • Park, Kwang-ok (Department of Computer Engineering, Changwon National University) ;
  • Lee, Jong-Kun (Department of Computer Engineering, Changwon National University)
  • 투고 : 2017.02.09
  • 심사 : 2017.03.23
  • 발행 : 2017.04.28
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

최근에 증폭기법을 이용한 DDoS 공격은 정상적인 서버들에서 정상 트래픽과의 구분을 어렵게 하고 공격 탐지를 하더라도 감지가 어려운 특성을 가지고 있다. SSDP 프로토콜은 IoT 장비들에서 널리 사용되는 일반적인 프로토콜이기 때문에 DDoS 증폭 공격으로 활용되고 있는 형편이다. 본 연구에서는 SSDP의 서비스 확인 메시지 중계의 약점을 이용한 반사체공격기법을 분석하고 이러한 공격에 대하여 각 디바이스의 Mac 주소를 관리하여 공격을 감지하고 방어하는 기술적 제안과 홈 IoT 관리 체계를 제안하였다. 가상 환경 속에서 실험적 공격을 수행하여 가상공격의 효과에 대하여 정리 분석하였으며 제안 기술로 공격을 방지하도록 검증하였으며 또한 홈 IoT의 보안관제 체제를 제안하였다.

Recently, the DDoS attack using the amplifier method makes it difficult to distinguish the normal traffic from the normal server and it is difficult to detect even the attack detection. Since the SSDP protocol is a common protocol widely used in IoT devices, it is used as a DDoS amplification attack. In this paper, we analyze the reflector attack of SSDP which is one of the DDoS and suggest a technical proposal to detect and defend against the attack by managing the Mac address of each device. Also, we propose a control structure to protect the reflection attack of SSDP in Home IoT. The efficiency of the proposed system has been verified by performing an experimental attack on the virtual environment.

키워드

참고문헌

  1. B. I. Jang and C. S. Kim, “A Study on the Security Technology for the Internet of Things,” Journal of Security Engineering, Vol. 10, No. 2, pp. 256-270, 2014. DOI: 10.1109/ICIMSA.2016.7503989
  2. Y. Cui, H. G. Lee, M. J. Kim and H. J. Lee, "Design and Development for a Media Sharing Platform Based on UPnP," Proceeding of KCC 2010, KISS, Vol. 37, No. 2(B), pp. 309-314, 2010.
  3. J. H. Shin and W. Shin, "A New Defense against DDoS Attacks using Reputation," Journal of the Korea Institute of Information and Communication Engineering, Vol. 15, No. 8, pp. 1720-1726, 2011. DOI: 10.6109/jkiice.2011.15.8.1720
  4. S. R. Jung and H. Y. Yun, “Adaptively Flexible Service Discovery and Advertisement for SSDP of UPnP in Wireless ad-hoc Network,” The KISS Transactions:Part A, Vol. 17-A, No. 5, pp. 237-248, 2010. DOI: 10.3745/KIPSTA.2010.17A.5.237
  5. M. Kuhrer, "Thomas Hupperich, Christian Rossow, and Thorsten Holz," Exit from Hell? Reducing the Impact of Amplification DDoS Attacks," In proceeding 23rd USENIX Security Symposium, uSENIX Association, pp. 111-125, 2014
  6. H Choi, H Park and H Lee, “A Study on Amplification DRDoS Attacks and Defenses,” The Journal of Korea Institute of Information, Electronics, and Communication Technology, Vol. 8, No. 5, pp. 429-437, 2015. DOI: 10.17661/jkiiect.2015.8.5.429
  7. K. Hengst, "DDoS through the Internet of Things," Prooceeding of the 25th Twente Student Conference on IT, pp. 1-9, 2016.
  8. A. A. Md. and M. Haque, "UPnP Networking: Architecture ad Security Issues," Prooceeding of the TKK Seminar on Network Security, 2007.
  9. J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, “Internet of things (IoT): a vision, architectural elements and future directions,” Journal of Future Generation Computer Science, Vol. 29, No. 7, pp. 1645-1660, 2013. https://doi.org/10.1016/j.future.2013.01.010
  10. A. P. Castellani, N. Bui, P. Casari, M. Rossi, Z. Shelby and M. Zorzi, "Architecture and protocols for the Internet of Things: A case study," Prooceeding of the 8th IEEE international Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), pp. 678-683, 2010.
  11. S. C. Noh and J. G. Kim, "A Study of Phase Sensing Device IoT Network Security Technology Framework Configuration," Jouranl of Information and Security, Vol. 15, No. 4, pp. 41-47, 2015
  12. J. H. Oh and K. H. Lee, "Attack Scenarios and Countermeasures using CoAP in IoT Environment," Journal of the Korea Convergence Society, Vol. 7, No. 4, pp. 33-38, Aug. 2016. DOI: 10.15207/JKCS.2016.7.4.033
  13. D. Perakovic, M. Perisa and I. Cvitic. "Analysis of the IoT Impact on Volume of DDoS Attacks," Prooceeding of the PosTel 2015, 2015.
  14. H. J. Mun, G. H. Choi and Y. C. Hwang, “Countermeasure to Underlying Security Threats in IoT communication,” Journal of IT Convergence Society for SMB, Vol. 6, No. 2, pp. 37-44, Jun. 2016. DOI: 10.22156/CS4SMB.2016.6.2.037
  15. Nazrul Hoque, Dhruba K. Bhattacharyya, and Jugal K. Kalita, "Botnet in DDoS Attacks: Trends and Challenges," Journal of IEEE Communications Surveys & Tutorials, Vol. 17, No. 4, pp. 2242-2270, Jul. 2015. DOI: 10.1109/COMST.2015.2457491
  16. B. A. Miller, T. Nixon, C. Tai, and M. D. EWood, "Home Networking with Universial Plug and Play," IEEE Computer Magazine, Vol. 29, No. 12, pp. 104-109, Dec. 2001. DOI: 10.1109/35.968819
  17. S. I. Yoon and G. C. Sihn, “Service Discovery Protocols for Ubiauitous Computing Environments,” Electronics and Telecommunication Trends, Vol. 20, No. 1, pp. 147-156, 2005.
  18. C. Rossow, "Amplification Hell: Revisiting Network Protocol for DDoS Attacks," In the Proceeding of the NDSS'14, San Diego, USA, pp. 1-15, 2014. DOI: 10.14722/ndss.2014.23233
  19. S. S. Shin, G. S. Chae and T. H. Lee, “An Investigation Study to Reduce Security Threat in the Internet of Things Environment,” Journal of IT Convergence Society for SMB, Vol. 5, No. 4, pp. 31-36, Dec. 2015.
  20. H. J. Mun, S. H. Choi and Y. C. Hwang, “Effective Countermeasure to APT Attacks using Big Data,” Journal of IT Convergence Society for SMB, Vol. 6, No. 1, pp. 17-23, Mar. 2016. DOI: 10.22156/CS3SMB.2016.6.1.017
  21. G. I. Kim, Y. C. Kim and J. K. Lee, “An Efficiency Authentication Security Mechanism of VANET in Highway,” Journal of IT Convergence Society for SMB, Vol. 6, No. 3, pp. 57-64, Sep. 2016. DOI: 10.22156/CS4SMB.2016.6.3.057
  22. J. Y. Jung and M. A. Lee, "Current Status of Digital Braille Music and Policy Proposal," Journal of digital Convergence, Vol. 13, No. 8, pp. 51-57, Aug. 2015. DOI: 10.14400/JDC.2015.13.8.51
  23. H. S. Lee and S. H. Lee, "Impact on Internalization of Management Strategy in Public Organization," Journal of digital Convergence, Vol. 14, No. 5, pp. 1-10, May. 2016. DOI: 10.14400/JDC.2016.14.5.1
  24. D. S. Lee, "Design of Compact Data Integration and Convergence Device Using Esp8266 Module," Journal of the Korea Convergence Society, Vol. 8. No. 2, pp. 15-20, Feb. 2017. https://doi.org/10.15207/JKCS.2017.8.2.015
  25. J. C. Lee, "A Classification Algorithm using Extended Representation", Journal of the Korea Convergence Society, Vol. 8. No. 2, pp. 27-33, Feb. 2017. https://doi.org/10.15207/JKCS.2017.8.2.027