• Title/Summary/Keyword: MAC주소

Search Result 38, Processing Time 0.287 seconds

The core information protection mechanism in the BcN(Broadband Convergence Network) (BcN(Broadband Convergence Network) 환경에서의 중요정보에 대한 도청방지 메카니즘)

  • Oh, Sek-Hoan;Lee, Jae-Yong;Kim, Byung-Chul
    • Journal of the Institute of Electronics Engineers of Korea TC
    • /
    • v.45 no.1
    • /
    • pp.14-26
    • /
    • 2008
  • IP over Ethernet technology widely used as Internet access uses the ARP(Address Resolution Protocol) that translates an ip address to the corresponding MAC address. recently, there are ARP security attacks that intentionally modify the IP address and its corresponding MAC address, utilizing various tools like "snoopspy". Since ARP attacks can redirect packets to different MAC address other than destination, attackers can eavesdrop packets, change their contents, or hijack the connection. Because the ARP attack is performed at data link layer, it can not be protected by security mechanisms such as Secure Shell(SSH) or Secure Sockets Layer(SSL). Thus, in this paper, we classify the ARP attack into downstream ARP spoofing attack and upstream ARP redirection attack, and propose a new security mechanism using DHCP information for acquisition of IP address. We propose a "DHCP snoop mechanism" or "DHCP sniffing/inspection mechanism" for ARP spoofing attack, and a "static binding mechanism" for ARP redirection attack. The proposed security mechanisms for ARP attacks can be widely used to reinforce the security of the next generation internet access networks including BcN.

Design and Implementation of Indoor Location Recognition System based on Fingerprint and Random Forest (핑거프린트와 랜덤포레스트 기반 실내 위치 인식 시스템 설계와 구현)

  • Lee, Sunmin;Moon, Nammee
    • Journal of Broadcast Engineering
    • /
    • v.23 no.1
    • /
    • pp.154-161
    • /
    • 2018
  • As the number of smartphone users increases, research on indoor location recognition service is necessary. Access to indoor locations is predominantly WiFi, Bluetooth, etc., but in most quarters, WiFi is equipped with WiFi functionality, which uses WiFi features to provide WiFi functionality. The study uses the random forest algorithm, which employs the fingerprint index of the acquired WiFi and the use of the multI-value classification method, which employs the receiver signal strength of the acquired WiFi. As the data of the fingerprint, a total of 4 radio maps using the Mac address together with the received signal strength were used. The experiment was conducted in a limited indoor space and compared to an indoor location recognition system using an existing random forest, similar to the method proposed in this study for experimental analysis. Experiments have shown that the system's positioning accuracy as suggested by this study is approximately 5.8 % higher than that of a conventional indoor location recognition system using a random forest, and that its location recognition speed is consistent and faster than that of a study.

D-ARP Scheme for Full Mesh Routing in Partial BMA Network (제한적 BMA 네트워크에서 Full Mesh 라우팅을 위한 D-ARP 기법)

  • Kim, Moon
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.25 no.8
    • /
    • pp.1088-1094
    • /
    • 2021
  • This paper proposes a partial BMA (Broadcasting Multiple Access) network structure and D-ARP (Distributed Address Resolution Protocol) method in order to support full mesh routing function in the DAMA (Demand Assigned Multiple Access)-based MF-TDMA (Multi Frequency-Time Division Multiple Access) satellite system. The partial BMA network enables legacy router devices and routing protocols to be adopted in the satellite communication system, and decreases the amount of routing protocol overhead. In addition, we introduce the D-ARP method that help a spoke satellite node acquiring the MAC (Media Access Control) address from remote satellite nodes in none BMA satellite network. The D-ARP method provides the MAC address of remote nodes to each other nodes through the broadcasting-enabled satellite channel. And we lastly evaluate and analysis the network performance of the proposed approach.

Internal Network Partition Security Model Based Authentication using BlockChain Management Server in Cloud Environment (클라우드 환경에서 블록체인관리서버를 이용한 인증기반 내부망 분리 보안 모델)

  • Kim, Young Soo;Lee, Byoung Yup
    • The Journal of the Korea Contents Association
    • /
    • v.18 no.6
    • /
    • pp.434-442
    • /
    • 2018
  • Recently, the threat to the security and damage of important data leaked by devices of intranet infected by malicious code through the Internet have been increasing. Therefore, the partitioned intranet model that blocks access to the server for business use by implementing authentication of devices connected to the intranet is required. For this, logical net partition with the VDI(Virtual Desktop Infrastructure) method is no information exchange between physical devices connected to the intranet and the virtual device so that it could prevent data leakage and improve security but it is vulnerable to the attack to expose internal data, which has access to the server for business connecting a nonregistered device into the intranet. In order to protect the server for business, we suggest a blockchain based network partition model applying blockchain technology to VDI. It contributes to decrease in threat to expose internal data by improving not only capability to verify forgery of devices, which is the vulnerability of the VDI based logical net partition, but also the integrity of the devices.

An Attack Origin Detection Mechanism in IP Traceback Using Marking Algorithm (마킹 알고리듬 기반 IP 역추적에서의 공격 근원지 발견 기법)

  • 김병룡;김수덕;김유성;김기창
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.13 no.1
    • /
    • pp.19-26
    • /
    • 2003
  • Recently, the number of internet service companies is increasing and so is the number of malicious attackers. Damage such as distrust about credit and instability of the service by these attacks may influence us fatally as it makes companies image failing down. One of the frequent and fatal attacks is DoS(Denial-of-Service). Because the attacker performs IP spoofing for hiding his location in DoS attack it is hard to get an exact location of the attacker from source IP address only. and even if the system recovers from the attack successfully, if attack origin has not been identified, we have to consider the possibility that there may be another attack again in near future by the same attacker. This study suggests to find the attack origin through MAC address marking of the attack origin. It is based on an IP trace algorithm, called Marking Algorithm. It modifies the Martins Algorithm so that we can convey the MAC address of the intervening routers, and as a result it can trace the exact IP address of the original attacker. To improve the detection time, our algorithm also contains a technique to improve the packet arrival rate. By adjusting marking probability according to the distance from the packet origin we were able to decrease the number of needed packets to traceback the IP address.

Hacking attack and vulnerability analysis for unmanned reconnaissance Tankrobot (무인정찰 탱크로봇에 대한 해킹 공격 및 취약점 분석에 관한 연구)

  • Kim, Seung-woo;Park, Dea-woo
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.24 no.9
    • /
    • pp.1187-1192
    • /
    • 2020
  • The dronebot combat system is a representative model of the future battlefield in the 4th industrial revolution. In dronebot, unmanned reconnaissance tankrobot can minimize human damage and reduce cost with higher combat power than humans. However, since the battlefield environment is very complex such as obstacles and enemy situations, it is also necessary for the pilot to control the tankrobot. Tankrobot are robots with new ICT technology, capable of hacking attacks, and if there is an abnormality in control, it can pose a threat to manipulation and control. A Bluetooth sniffing attack was performed on the communication section of the tankrobot and the controller to introduce a vulnerability to Bluetooth, and a countermeasure using MAC address exposure prevention and communication section encryption was proposed as a security measure. This paper first presented the vulnerability of tankrobot to be operated in future military operations, and will be the basic data that can be used for defense dronebot units.

Implementation Wireless Internet Security Connection System Using Bluetooth Beacon in Smart Factory (블루투스 비컨을 사용한 스마트 팩토리에서의 무선인터넷 보안 연결 시스템 구현)

  • Jang, Yun Seong;Shin, Soo Young
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.22 no.12
    • /
    • pp.1705-1713
    • /
    • 2018
  • It is currently undergoing the fourth industrial revolution, which is the convergence of ICT and manufacturing, connecting both industrial equipment and production processes to one network and communicating with each other. The fact that they are connected to one network has the advantage of management, but there is a risk of security. In particular, Wi-Fi can be easily accessed by outsiders through a software change of the MAC address or password exposures. In this paper, by applying the method of Beacon using a Bluetooth Low Energy Add in Bluetooth 4.0, we propose a system of black-box approach to secure connections to wireless Internet, users do not have to know the password. We also implemented the proposed system using the raspberry pi and verified the effectiveness of a real-time system by testing the communication.

A Design of Network Management System for Efficiently Isolating Devices Infected with ARP Spoofing Virus (ARP spoofing 바이러스에 감염된 단말을 효율적으로 분리하기 위한 네트워크 관리시스템의 설계)

  • Ko, Bong-Koo;Chung, Seung-Jong;Cho, Gi-Hwan
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.17 no.3
    • /
    • pp.641-648
    • /
    • 2013
  • ARP spoofing is a typical Internet attack, in which an attacker sends data by changing his's MAC address with the other's one. Currently, this attack is usually dealt with separating the attacking PCs infected with ARP spoofing virus, by keeping network devices investigating by the network manager. However, this manual process has some limitations in time and accuracy. This paper proposes a new network management system to replace the effort of network manager who has to keep on inspecting the network. Along with designing an ARP analyzer and a disconnection notifier and adding them into the existing network management system, the proposed system provides a basement to identify and notify the PC infected by an ARP spoofing virus with fast and high accuracy. As a result, it is expected to minimize the network break off and to make easy the network management.

Practical MAC address table lookup scheme for gigabit ethernet switch (기가비트 이더넷 스위치에서 빠른 MAC 주소 테이블의 검색 방법)

  • 이승왕;박인철
    • Proceedings of the IEEK Conference
    • /
    • /
    • pp.799-802
    • /
    • 1998
  • As we know, gigabit ethernet is a new technology to be substituted for current fast ethernet used widely in local area network. The switch used in gigabit ethernet should deal with frames in giga-bps. To do such a fast switching, we need that serveral processes meet the budgets, such as MAC address table lookup, several giga speed path setup, fast scheduling, and etc. Especially MAC address table lookup has to be processed in the same speed with speed of incoming packets, thus the bottleneck in the process can cause packet loss by the overflow in the input buffer. We devise new practical hardware hashing method to perform fast table lookup by minimizing the number of external memory access and accelerating with hardware.

  • PDF

ARP-Related Attack Detection and Recovery Technique in DHCP-based Public Networks (DHCP 기반 공용 네트워크 환경에서 ARP 관련 공격 탐지 및 복구기법)

  • Kim, Min-June;Jang, Yong-Jun;Shin, Ji-Chul;Rhee, Kyung-Hyune
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • /
    • pp.652-654
    • /
    • 2013
  • ARP 관련 공격은 LAN상에서 MAC 주소의 위조를 통해 공격대상 호스트의 패킷을 가로채어 도청이나 변조를 가능하게 하는 공격 방법 중 하나이다. 이더넷 기술의 기본이 되는 ARP 프로토콜과 이를 기본적으로 사용할 수밖에 없는 공용 네트워크의 급격한 확산은 장차 ARP 관련 공격과 그 피해가 더욱 심각해 질 것으로 예상된다. 따라서 본 논문에서는, 공용 네트워크에서 기본적으로 사용하는 DHCP 프로토콜을 이용한 ARP 관련 공격 탐지 및 복구 솔루션을 제안한다.

  • PDF