Á¤º¸°úÇÐȸ ³í¹®Áö C : ÄÄÇ»ÆÃÀÇ ½ÇÁ¦
Current Result Document :
ÇѱÛÁ¦¸ñ(Korean Title) |
DNS ½ÌũȦ Àû¿ëÀ» ÅëÇÑ ¾Ç¼ºº¿ ÇÇÇعæÁö ±â¹ý ¹× È¿°ú |
¿µ¹®Á¦¸ñ(English Title) |
Preventing Botnet Damage Technique and It |
ÀúÀÚ(Author) |
±è¿µ¹é
À̵¿·Ã
ÃÖÁß¼·
¿°Èï¿
Young Baek Kim
Dongryun Lee
Joongsup Choi
Heungyoul Youm
|
¿ø¹®¼ö·Ïó(Citation) |
VOL 15 NO. 01 PP. 0047 ~ 0055 (2009. 01) |
Çѱ۳»¿ë (Korean Abstract) |
¾Ç¼ºº¿Àº ÇØÄ¿¿¡ ÀÇÇØ ¿ø°Ý Á¶Á¤µÇ¾î ¸í·É¿¡ ÀÇÇØ ½ºÆÔ¸ÞÀÏ ¹ß¼Û, DDoS °ø°Ý µîÀÇ ¾Ç¼ºÇàÀ§¸¦ ¼öÇàÇÏ´Â ¿ú/¹ÙÀÌ·¯½º ÀÌ´Ù. ¾Ç¼ºº¿Àº ÀÌÀüÀÇ ¿ú/¹ÙÀÌ·¯½º¿Í ´Þ¸® ±ÝÀüÀûÀÎ À̵æÀ» ¸ñÀûÀ¸·Î ÇÏ´Â °æ¿ì°¡ ¸¹Àº ¹Ý¸é °¨¿°»ç½ÇÀ» ÇÇÇØÀÚ°¡ ÀÎÁöÇϱ⠽±Áö ¾Ê¾Æ ÇÇÇØ°¡ ½É°¢ÇÑ ½ÇÁ¤ÀÌ´Ù. ÀÌ¿¡ ´ëÇÑ ´ëÀÀ ¹æ¾ÈÀ¸·Î´Â ÇØÄ¿ÀÇ ¸í·ÉÀ» Àü´ÞÇÏ´Â ¸í·É/Á¦¾î ¼¹öÀÇ Â÷´ÜÀÌ ÇÊ¿äÇÏ´Ù. ÀÌ Áß ¾Ç¼ºº¿ DNS ½ÌũȦ ±â¹ýÀÌ ±¹³»¿¡¼ Àû¿ëÇÏ°í ÀÖ´Â º¿ ´ëÀÀ ½Ã½ºÅÛÀ¸·Î, º» ³í¹®ÀÇ ¸ñÀûÀº ÀÌ ¹æ½ÄÀÇ È¿°ú¼ºÀ» Á¦½ÃÇϴµ¥ ÀÖ´Ù. º» ³í¹®¿¡¼´Â 1³â ÀÌ»óÀÇ Àå±â°£ µ¿¾È ¾Ç¼ºº¿ ¹× Botnet À» °üÂûÇÏ¿© Bot °¨¿° PCÀÇ °¨¿° Áö¼Ó½Ã°£, Bot ¸í·É/Á¦¾î ¼¹öÀÇ Æ¯¼º µîÀ» ÆľÇÇÏ°í, ¾Ç¼ºº¿ÀÇ ÇÇÇظ¦ ¹æÁöÇϱâ À§ÇÑ È¿°úÀûÀÎ ¹æ¾ÈÀÎ ¾Ç¼ºº¿ DNS ½ÌũȦÀÇ Àû¿ë °á°ú¸¦ ºÐ¼®ÇÑ´Ù. À̸¦ À§ÇÏ¿© ¿ú»ùÇà ºÐ¼® ÅøÀ» ÀÌ¿ëÇÏ¿© ÀÚµ¿ ºÐ¼®Ã¼°è¸¦ ±¸ÃàÇÏ¿´°í, À̸¦ ½Ã½ºÅÛÈ ÇÏ¿´´Ù. ¶ÇÇÑ, ºÐ¼®À» ÅëÇØ ÇöÀç ±¹³»¿¡¼ Àû¿ëµÇ°í ÀÖ´Â º¿ ´ëÀÀ ½Ã½ºÅÛÀÇ Å¸´ç¼ºÀ» °ËÁõÇÏ¿´´Ù. |
¿µ¹®³»¿ë (English Abstract) |
Bot is a kind of worm/virus that is remotely controlled by a herder. Bot can be used to launch distributed denial-of-service(DDoS) attacks or send spam e-mails etc. Launching cyber attacks using malicious Bots is motivated by increased monetary gain which is not the objective of worm/virus. However, it is very difficult for infected user to detect this infection of Botnet which becomes more serious problems. This is why botnet is a dangerous, malicious program. The Bot DNS Sinkhole is a domestic bot mitigation scheme which will be proved in this paper as one of an efficient ways to prevent malicious activities caused by bots and command/control servers. In this paper, we analysis botnet activities over more than one-year period, including Bot's lifetime, Bot command/ control server's characterizing. And we analysis more efficient ways to prevent botnet activities. We have showed that DNS sinkhole scheme is one of the most effective Bot mitigation schemes. |
Å°¿öµå(Keyword) |
º¿
º¿³Ý
½ÌũȦ
Çã´Ï³Ý
Bot
Botnet
DNS Sinkhole
Honeynet
|
ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|