• Title/Summary/Keyword: 위조된 ACK 공격

Search Result 2, Processing Time 0.014 seconds

Security Vulnerability of Snoop Protocol and Its Countermeasure (Snoop 프로토콜의 보안상 취약점과 그 대책)

  • Go, Yun-Mi;Kwon, Kyung-Hee
    • The Journal of the Korea Contents Association
    • /
    • v.10 no.10
    • /
    • pp.19-25
    • /
    • 2010
  • While Snoop improves network performance by using local retransmission in case of packet loss in wireless network, it has security vulnerability to be unable to countermeasure against falsified ACKs attacks. Therefore in this paper, we suggest a modified Snoop with an extra buffer in addition to original Snoop buffer. Even though packets are exhausted in original buffer by falsified ACKs attacks, proposed Snoop can locally retransmit the packets saved in the extra buffer. The simulation by NS-2 shows that proposed Snoop countermeasure efficiently against falsified ACKs attack and builds securer Snoop protocol.

Implementation and Design of Port Scan Detecting System Detecting Abnormal Connection Attempts (비정상 연결시도를 탐지한 포트 스캔 탐지 시스템의 설계 및 구현)

  • Ra, Yong-Hwan;Cheon, Eun-Hong
    • Convergence Security Journal
    • /
    • v.7 no.1
    • /
    • pp.63-75
    • /
    • 2007
  • Most of computer systems to be connected to network have been exposed to some network attacks and became to targets of system attack. System managers have established the IDS to prevent the system attacks over network. The previous IDS have decided intrusions detecting the requested connection packets more than critical values in order to detect attacks. This techniques have False Positive possibilities and have difficulties to detect the slow scan increasing the time between sending scan probes and the coordinated scan originating from multiple hosts. We propose the port scan detection rules detecting the RST/ACK flag packets to request some abnormal connections and design the data structures capturing some of packets. This proposed system is decreased a False Positive possibility and can detect the slow scan, because a few data can be maintained for long times. This system can also detect the coordinated scan effectively detecting the RST/ACK flag packets to be occurred the target system.

  • PDF