• Title/Summary/Keyword: Web-based Attacks

Search Result 122, Processing Time 0.018 seconds

A Study on Interface Security Enhancement (조직의 실시간 보안관리 체계 확립을 위한 '인터페이스 보안' 강화에 대한 연구)

  • Park, Joon-Jeong;Kim, Sora;Ahn, SooHyun;Lim, Chae-Ho;Kim, Kwangjo
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.4 no.5
    • /
    • pp.171-176
    • /
    • 2015

  • Because the specific security technology alone can not cope with sophisticated attacks, various security management models are applied. But, they do not focus on the vulnerability of the highest part because they offer so many common security management criteria. By analyzing the main information and confidential leakage cases inflicting enormous damage to our society, we found that attackers are using mainly an interface vulnerabilities - the paths that connect the internal and external of the organization, such as e-mail, web server, portable devices, and subcontractor employees. Considering the reality that time and resources to invest in security domain are limited, we point out the interface security vulnerabilities the possibility of attackers to exploit and present a convergence method of security measures. Finally, based of ROI(Return on Investment), we propose the real-time security management system through the intensive and continuous management.

  • https://doi.org/10.3745/KTCCS.2015.4.5.171 인용 PDF KSCI

ARP Spoofing attack scenarios and countermeasures using CoAP in IoT environment (IoT 환경에서의 CoAP을 이용한 ARP Spoofing 공격 시나리오 및 대응방안)

  • Seo, Cho-Rong;Lee, Keun-Ho
    • Journal of the Korea Convergence Society
    • /
    • v.7 no.4
    • /
    • pp.39-44
    • /
    • 2016

  • Due to the dazzling development of IT in this IT-oriented era, information delivering technology among objects, between objects and humans, and among humans has been actively performed. As information delivery technology has been actively performed, IoT became closely related to our daily lives and ubiquitous at any time and place. Therefore, IoT has become a part of our daily lives. CoAp, a web-based protocol, is mostly used in IoT environment. CoAp protocol is mostly used in the network where transmission speed is low along with the huge loss. Therefore, it is mostly used in IoT environment. However, there is a weakness on IoT that it is weak in security. If security issue occurs in IoT environment, there is a possibility for secret information of individuals or companies to be disclosed. If attackers infect the targeted device, and infected device accesses to the wireless frequently used in public areas, the relevant device sends arp spoofing to other devices in the network. Afterward, infected devices receive the packet sent by other devices in the network after occupying the packet flow in the internal network and send them to the designated hacker's server. This study suggests counter-attacks on this issues and a method of coping with them.

  • https://doi.org/10.15207/JKCS.2016.7.4.039 인용 PDF KSCI