Àüü
ÀüÀÚ/Àü±â
Åë½Å
ÄÄÇ»ÅÍ
·Î±×ÀÎ
ȸ¿ø°¡ÀÔ
About Us
ÀÌ¿ë¾È³»
¿¬±¸¹®Çå
±¹³» ³í¹®Áö
¿µ¹® ³í¹®Áö
±¹³» ÇÐȸÁö
Çмú´ëȸ ÇÁ·Î½Ãµù
±¹³» ÇÐÀ§ ³í¹®
³í¹®Á¤º¸
¹é¼
±³À°Á¤º¸
¿¬±¸ ù°ÉÀ½
ÇаúÁ¤º¸
°ÀÇÁ¤º¸
µ¿¿µ»óÁ¤º¸
E-Learning
¿Â¶óÀÎ Àú³Î
½ÉÈÁ¤º¸
¿¬±¸ ¹× ±â¼úµ¿Çâ
Áֿ俬±¸ÅäÇÈ
ÁÖ¿ä°úÁ¦ ¹× ±â°ü
Çؿܱâ°ü °ü·ÃÀÚ·á
¹ÙÀÌ¿À Á¤º¸±â¼ú
ÁÖ¿ä Archive Site
Æ÷Ä¿½ºiN
¿¬±¸ÀÚ Á¤º¸
¶óÀÌ¡½ºÅ¸
ÆÄ¿öiNÅͺä
¼¼ÁßÇÑ
¿¬±¸ÀÚ·á
¹®ÀÚ DB
¿ë¾î»çÀü
¾Ë¸²¸¶´ç
ºÎ½Ç ÇмúÈ°µ¿ ¿¹¹æ
³í¹®¸ðÁý
´ëȸ¾È³»
What's New
¿¬±¸ºñÁ¤º¸
±¸ÀÎÁ¤º¸
°øÁö»çÇ×
CSERIC ±¤Àå
Post-Conference
¿¬±¸ÀÚ Ä«Æä
ÀÚÀ¯°Ô½ÃÆÇ
Q&A
´Ý±â
»çÀÌÆ®¸Ê
¿¬±¸¹®Çå
±¹³» ³í¹®Áö
¿µ¹® ³í¹®Áö
±¹³» ÇÐȸÁö
Çмú´ëȸ ÇÁ·Î½Ãµù
±¹³» ÇÐÀ§ ³í¹®
³í¹®Á¤º¸
¹é¼
±³À°Á¤º¸
¿¬±¸ ù°ÉÀ½
ÇаúÁ¤º¸
°ÀÇÁ¤º¸
µ¿¿µ»óÁ¤º¸
E-Learning
¿Â¶óÀÎ Àú³Î
½ÉÈÁ¤º¸
¿¬±¸ ¹× ±â¼úµ¿Çâ
Áֿ俬±¸ÅäÇÈ
ÁÖ¿ä°úÁ¦ ¹× ±â°ü
Çؿܱâ°ü °ü·ÃÀÚ·á
¹ÙÀÌ¿À Á¤º¸±â¼ú
ÁÖ¿ä Archive Site
ÄÄÇ»ÅÍiN
¿¬±¸ÀÚ Á¤º¸
¿¬±¸ÀÚ·á
¹®ÀÚ DB
Ȧ·Î±×·¥ DB
¿ë¾î»çÀü
¾Ë¸²¸¶´ç
ºÎ½Ç ÇмúÈ°µ¿ ¿¹¹æ
³í¹®¸ðÁý
´ëȸ¾È³»
What's New
¿¬±¸ºñ Á¤º¸
±¸ÀÎÁ¤º¸
°øÁö»çÇ×
IT Daily
CSERIC ±¤Àå
Post-Conference
¿¬±¸ÀÚ Ä«Æä
ÀÚÀ¯°Ô½ÃÆÇ
Q&A
¼ºñ½º ¹Ù·Î°¡±â
¼³¹®Á¶»ç
¿¬±¸À±¸®
°ü·Ã±â°ü
Please wait....
¿¬±¸¹®Çå
±¹³» ³í¹®Áö
¿µ¹® ³í¹®Áö
±¹³» ÇÐȸÁö
Çмú´ëȸ ÇÁ·Î½Ãµù
±¹³» ÇÐÀ§ ³í¹®
³í¹®Á¤º¸
¹é¼
±¹³» ³í¹®Áö
Ȩ > ¿¬±¸¹®Çå > ±¹³» ³í¹®Áö >
Çѱ¹Á¤º¸Åë½ÅÇÐȸ ³í¹®Áö (Journal of the Korea Institute of Information and Communication Engineering)
Çѱ¹Á¤º¸Åë½ÅÇÐȸ ³í¹®Áö (Journal of the Korea Institute of Information and Communication Engineering)
Current Result Document :
1
/ 4
´ÙÀ½°Ç
ÇѱÛÁ¦¸ñ(Korean Title)
DNS ½ºÇªÇÎÀ» ÀÌ¿ëÇÑ Æ÷ÅÐ ÇØÅ·°ú ÆĹÖÀÇ À§Ç輺
¿µ¹®Á¦¸ñ(English Title)
Web Server Hacking and Security Risk using DNS Spoofing and Pharming combined Attack
ÀúÀÚ(Author)
ÃÖÀç¿ø
Jae-Won Choi
¿ø¹®¼ö·Ïó(Citation)
VOL 23 NO. 11 PP. 1451 ~ 1461 (2019. 11)
Çѱ۳»¿ë
(Korean Abstract)
DNS ½ºÇªÇÎÀº °ø°ÝÀÚ°¡ Ŭ¶óÀ̾ðÆ®¿Í DNS ¼¹ö °£ Åë½Å¿¡ °³ÀÔÇÏ¿© ½ÇÁ¦ IP ÁÖ¼Ò°¡ ¾Æ´Ñ °¡Â¥ IP ÁÖ¼Ò¸¦ ÀÀ´äÇÏ¿© DNS ¼¹ö¸¦ ¼ÓÀÌ´Â °ø°ÝÀÌ´Ù. À¥ ¼¹ö ÃʱâÈ¸é º¹Á¦¿Í °£´ÜÇÑ À¥ ÇÁ·Î±×·¡¹ÖÀ¸·Î »ç¿ëÀÚ ¾ÆÀ̵ð¿Í ºñ¹Ð¹øÈ£¸¦ ÇØÅ·ÇÏ´Â ÆÄ¹Ö »çÀÌÆ® ±¸ÇöÀÌ °¡´ÉÇÏ´Ù. º» ³í¹®¿¡¼´Â ÆĹֻçÀÌÆ®·Î À¯µµÇÏ´Â DNS ½ºÇªÇΰú ÆĹֻçÀÌÆ® ±¸ÇöÀ» °áÇÕÇÑ À¥ ½ºÇªÇÎ °ø°Ý¿¡ °üÇØ ¿¬±¸ÇÏ¿´´Ù. º» ´ëÇÐÀÇ Æ÷ÅÐ ¼¹ö¸¦ ´ë»óÀ¸·Î DNS ½ºÇªÇÎ °ø°Ý ¹æ¹ý°ú ÀýÂ÷ ¹× ÆĹֻçÀÌÆ® ±¸Çö ¹æ¹ý¿¡ °üÇØ ¿¬±¸ÇÏ¿´´Ù. °æ¼ºÆ÷ÅÐÀÇ °æ¿ì SSL¿¡ ÀÇÇÑ ¾ÏÈ£È¿Í º¸¾ÈÀÎÁõÀÌ ÀÌ·ç¾îÁø À¥ ¼¹öÀÓ¿¡µµ ¿ìȸ °ø°Ý°ú ÇØÅ·ÀÌ °¡´ÉÇÏ¿´´Ù. ÇöÀç ¸¹Àº À¥ ¼¹ö°¡ º¸¾ÈÁ¶Ä¡°¡ ÀÌ·ç¾îÁ® ÀÖÁö ¾Ê°í, SSL¿¡ ÀÇÇØ º¸¾ÈÀÌ ÀÌ·ç¾îÁø À¥ ¼¹ö¶ó ÇÒÁö¶óµµ À̸¦ ¹«·ÂÈ ½Ãų ¼ö ÀÖÀ¸¹Ç·Î ÀÌÀÇ ½É°¢ÇÑ À§Çè°ú ´ëÀÀÁ¶Ä¡°¡ ²À ÇÊ¿äÇÔÀ» ¾Ë¸®°íÀÚ ÇÑ´Ù.
¿µ¹®³»¿ë
(English Abstract)
DNS spoofing is an attack in which an attacker intervenes in the communication between client and DNS server to deceive DNS server by responding to a fake IP address rather than actual IP address. It is possible to implement a pharming site that hacks user ID and password by duplicating web server¡¯s index page and simple web programming. In this paper we have studied web spoofing attack that combines DNS spoofing and pharming site implementation which leads to farming site. We have studied DNS spoofing attack method, procedure and farming site implementation method for portal server of this university. In the case of Kyungsung Portal, bypassing attack and hacking were possible even though the web server was SSL encrypted and secure authentication. Many web servers do not have security measures, and even web servers secured by SSL can be disabled. So it is necessary that these serious risks are to be informed and countermeasures are to be researched.
Å°¿öµå(Keyword)
DNS ½ºÇªÇÎ
ARP ½ºÇªÇÎ
Web ½ºÇªÇÎ
³×Æ®¿öÅ©º¸¾È
DNS Spoofing
ARP Spoofing
Web Spoofing
Network Security
ÆÄÀÏ÷ºÎ
PDF ´Ù¿î·Îµå
¸ñ·Ï
Copyright(c)
Computer Science Engineering Research Information Center
. All rights reserved.