Á¤º¸°úÇÐȸ ÄÄÇ»ÆÃÀÇ ½ÇÁ¦ ³í¹®Áö (KIISE Transactions on Computing Practices)
Current Result Document :
| ÇѱÛÁ¦¸ñ(Korean Title) |
¸®´ª½º ¾ÆÆÄÄ¡ À¥ ¼¹ö ½Ç½Ã°£ ·Î±× ºÐ¼®À» ÅëÇÑ °ø°Ý ŽÁö ÇÁ·Î±×·¥ °³¹ß |
| ¿µ¹®Á¦¸ñ(English Title) |
Implementation of Linux Apache Web Server Attack Detection Program through Real-time Log Analysis |
| ÀúÀÚ(Author) |
¹ÚÀ翬
À̼ۿ¬
ÀÌÇÏÀº
ÀÌÁ¾¿ì
Jaeyeon Park
Songyeon Lee
Haeun Lee
Jongwoo Lee
|
| ¿ø¹®¼ö·Ïó(Citation) |
VOL 24 NO. 04 PP. 0190 ~ 0197 (2018. 04) |
Çѱ۳»¿ë
(Korean Abstract) |
´Ü¼ø °Ë»ö, ¿ø°Ý äÆúÎÅÍ IoT, Ŭ¶ó¿ìµå ÄÄÇ»Æà µî ´Ù¾çÇÑ ºÐ¾ß¿¡ ³Î¸® »ç¿ëµÇ°í ÀÖ´Â À¥ ¼¹ö´Â ³ôÀº Á¢±Ù¼º ¶§¹®¿¡ ´Ù¸¥ ½Ã½ºÅÛº¸´Ù ´õ ³ôÀº º¸¾È¼ºÀÌ ÇÊ¿äÇÏ°í, ÀÌ¿¡ ¸ÂÃç ´Ù¾çÇÑ ¿¬±¸°¡ ÀÌ·ç¾îÁö°í ÀÖ´Ù. ±×·±µ¥µµ ¿¹»óÄ¡ ¸øÇÏ´Â °÷¿¡¼ ¹ß»ýÇÏ´Â Ãë¾àÁ¡À¸·Î ÀÎÇØ °³ÀÎÁ¤º¸ À¯Ãâ, ¼¹ö ¸¶ºñ¿Í °°Àº Áß´ëÇÑ ÇÇÇصéÀÌ Áö¼ÓÇؼ ¹ß»ýÇÑ´Ù. ƯÈ÷ ISEC 2017¿¡¼ Á¦±âµÈ º¸¾È Àü¹®°¡µéÀÇ ÀÇ°ß¿¡ µû¸£¸é, IoT ±â±âÀÇ Ãë¾à¼º, º¸¾ÈÀÌ Ãë¾àÇÑ ¿ÀǼҽºÀÇ »ç¿ë, º¸¾È ±âÃÊ ºÎÁ· µîÀÇ ÀÌÀ¯·Î º¸¾È »ç°í°¡ Áõ°¡ÇÏ°í ÀÖ´Ù. º» ³í¹®¿¡¼´Â À¥ ¼¹ö·Î µé¾î¿À´Â °ø°ÝÀ» À¥ ¼¹ö ·Î±× Â÷¿ø¿¡¼ ½Ç½Ã°£À¸·Î ŽÁöÇÏ¿© °³ÀÎÀû, »çȸÀû ÇÇÇظ¦ ÃÖ¼ÒÈÇÏ´Â °ÍÀ» ¸ñÇ¥·Î ÇÏ¿´´Ù. À̸¦ À§ÇØ ¸®´ª½º ȯ°æ¿¡¼ ¾ÆÆÄÄ¡ À¥ ¼¹ö Á¢±Ù ·Î±×¸¦ ½Ç½Ã°£À¸·Î ºÐ¼®ÇÏ¿© DDoS, SQL Injection, RFI, Webshell ¾÷·Îµå °ø°ÝÀ» ŽÁöÇÏ°í, À̸¦ °ü¸®ÀÚ¿¡°Ô ÅëÁöÇØÁÖ´Â GUI ±â¹Ý ·Î±× ŽÁö/ºä¾î¸¦ °³¹ßÇÏ¿´´Ù. ÀÌ´Â À§ÀÇ °ø°ÝµéÀ» ¸Å¿ì ³ôÀº È®·ü·Î ŽÁöÇϸç, ºü¸£°Ô µé¾î¿À´Â ·Î±×ÀÇ ´©¶ô ¶ÇÇÑ ÃÖ¼ÒÈÇÏ¿© »ç¿ëÀÚ¸¦ À¥ ¼¹ö °ø°ÝÀ¸·ÎºÎÅÍ ¾ÈÀüÇÏ°Ô ÁöÄÑÁØ´Ù.
|
¿µ¹®³»¿ë
(English Abstract) |
With wide usage in various fields, such as simple search, remote chat, IoT and cloud computing, the web requires a higher security than other systems due to its high accessibility. Therefore, various studies have been conducted accordingly to find ways to secure the web. Vulnerabilities that occur unexpectedly in the web cause serious damages, such as personal information leakage and server down. In particular, security experts from ISEC 2017 have reported that security accidents are increasing due to the weaknesses in IoT devices, usage of open sources with weak security and lack of security bases. In this paper, we aimed to minimize the individual and social damages by using a real-time web server log detector to locate web server attacks. In order to achieve this goal, we developed a GUI-based log detection/viewer. The viewer detects DDoS, SQL Injection, RFI and Webshell upload attacks through real-time analyzing of the Apache web server access log in a Linux environment, which notifies the administrator of the attack afterwards. It detects the above mentioned attacks with very high probabilities of occurring, and minimizes the loss of fast incoming logs, thus safeguarding users from Web server attacks.
|
| Å°¿öµå(Keyword) |
¸®´ª½º
À¥ ¼¹ö Á¢±Ù·Î±×
½Ç½Ã°£
DDoS
SQL Injection
RFI
Webshell ¾÷·Îµå
GTK +3
Åë°è
linux
access log
real time
DDoS
SQL injection
RFI
webshell upload
GTK + 3
analytics
|
| ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|
