• Àüü
  • ÀüÀÚ/Àü±â
  • Åë½Å
  • ÄÄÇ»ÅÍ
·Î±×ÀΠȸ¿ø°¡ÀÔ About Us ÀÌ¿ë¾È³»
»çÀÌÆ®¸Ê
´Ý±â

»çÀÌÆ®¸Ê

Loading..

Please wait....

±¹³» ³í¹®Áö

Ȩ Ȩ > ¿¬±¸¹®Çå > ±¹³» ³í¹®Áö > Çѱ¹Á¤º¸Åë½ÅÇÐȸ ³í¹®Áö (Journal of the Korea Institute of Information and Communication Engineering)

Çѱ¹Á¤º¸Åë½ÅÇÐȸ ³í¹®Áö (Journal of the Korea Institute of Information and Communication Engineering)

Current Result Document : 1 / 4   ´ÙÀ½°Ç ´ÙÀ½°Ç

ÇѱÛÁ¦¸ñ(Korean Title) DNS ½ºÇªÇÎÀ» ÀÌ¿ëÇÑ Æ÷ÅÐ ÇØÅ·°ú ÆĹÖÀÇ À§Ç輺
¿µ¹®Á¦¸ñ(English Title) Web Server Hacking and Security Risk using DNS Spoofing and Pharming combined Attack
ÀúÀÚ(Author) ÃÖÀç¿ø   Jae-Won Choi  
¿ø¹®¼ö·Ïó(Citation) VOL 23 NO. 11 PP. 1451 ~ 1461 (2019. 11)
Çѱ۳»¿ë
(Korean Abstract)		 DNS ½ºÇªÇÎÀº °ø°ÝÀÚ°¡ Ŭ¶óÀ̾ðÆ®¿Í DNS ¼­¹ö °£ Åë½Å¿¡ °³ÀÔÇÏ¿© ½ÇÁ¦ IP ÁÖ¼Ò°¡ ¾Æ´Ñ °¡Â¥ IP ÁÖ¼Ò¸¦ ÀÀ´äÇÏ¿© DNS ¼­¹ö¸¦ ¼ÓÀÌ´Â °ø°ÝÀÌ´Ù. À¥ ¼­¹ö ÃʱâÈ­¸é º¹Á¦¿Í °£´ÜÇÑ À¥ ÇÁ·Î±×·¡¹ÖÀ¸·Î »ç¿ëÀÚ ¾ÆÀ̵ð¿Í ºñ¹Ð¹øÈ£¸¦ ÇØÅ·ÇÏ´Â ÆÄ¹Ö »çÀÌÆ® ±¸ÇöÀÌ °¡´ÉÇÏ´Ù. º» ³í¹®¿¡¼­´Â ÆĹֻçÀÌÆ®·Î À¯µµÇÏ´Â DNS ½ºÇªÇΰú ÆĹֻçÀÌÆ® ±¸ÇöÀ» °áÇÕÇÑ À¥ ½ºÇªÇÎ °ø°Ý¿¡ °üÇØ ¿¬±¸ÇÏ¿´´Ù. º» ´ëÇÐÀÇ Æ÷ÅÐ ¼­¹ö¸¦ ´ë»óÀ¸·Î DNS ½ºÇªÇÎ °ø°Ý ¹æ¹ý°ú ÀýÂ÷ ¹× ÆĹֻçÀÌÆ® ±¸Çö ¹æ¹ý¿¡ °üÇØ ¿¬±¸ÇÏ¿´´Ù. °æ¼ºÆ÷ÅÐÀÇ °æ¿ì SSL¿¡ ÀÇÇÑ ¾Ïȣȭ¿Í º¸¾ÈÀÎÁõÀÌ ÀÌ·ç¾îÁø À¥ ¼­¹öÀÓ¿¡µµ ¿ìȸ °ø°Ý°ú ÇØÅ·ÀÌ °¡´ÉÇÏ¿´´Ù. ÇöÀç ¸¹Àº À¥ ¼­¹ö°¡ º¸¾ÈÁ¶Ä¡°¡ ÀÌ·ç¾îÁ® ÀÖÁö ¾Ê°í, SSL¿¡ ÀÇÇØ º¸¾ÈÀÌ ÀÌ·ç¾îÁø À¥ ¼­¹ö¶ó ÇÒÁö¶óµµ À̸¦ ¹«·ÂÈ­ ½Ãų ¼ö ÀÖÀ¸¹Ç·Î ÀÌÀÇ ½É°¢ÇÑ À§Çè°ú ´ëÀÀÁ¶Ä¡°¡ ²À ÇÊ¿äÇÔÀ» ¾Ë¸®°íÀÚ ÇÑ´Ù.
¿µ¹®³»¿ë
(English Abstract)		 DNS spoofing is an attack in which an attacker intervenes in the communication between client and DNS server to deceive DNS server by responding to a fake IP address rather than actual IP address. It is possible to implement a pharming site that hacks user ID and password by duplicating web server¡¯s index page and simple web programming. In this paper we have studied web spoofing attack that combines DNS spoofing and pharming site implementation which leads to farming site. We have studied DNS spoofing attack method, procedure and farming site implementation method for portal server of this university. In the case of Kyungsung Portal, bypassing attack and hacking were possible even though the web server was SSL encrypted and secure authentication. Many web servers do not have security measures, and even web servers secured by SSL can be disabled. So it is necessary that these serious risks are to be informed and countermeasures are to be researched.
Å°¿öµå(Keyword) DNS ½ºÇªÇΠ  ARP ½ºÇªÇΠ  Web ½ºÇªÇΠ  ³×Æ®¿öÅ©º¸¾È   DNS Spoofing   ARP Spoofing   Web Spoofing   Network Security  
ÆÄÀÏ÷ºÎ PDF ´Ù¿î·Îµå

¸ñ·Ï