Çѱ¹Á¤º¸Åë½ÅÇÐȸ ³í¹®Áö (Journal of the Korea Institute of Information and Communication Engineering)
Current Result Document :
| ÇѱÛÁ¦¸ñ(Korean Title) |
³×Æ®¿öÅ© Á¤º¸º¸È£½Ã½ºÅÛ ¿ìȸ °ø°Ý¿¡ ´ëÇÑ ´ëÀÀÈÆ·Ã ½Ã³ª¸®¿À |
| ¿µ¹®Á¦¸ñ(English Title) |
A Correspondence Training Scenario against Bypassing Information Protection System Attacks |
| ÀúÀÚ(Author) |
È«Á¤¼ö
¾çµ¿¹Î
À̺Àȯ
Jeong Soo Hong
Dong Min Yang
Bong Hwan Lee
|
| ¿ø¹®¼ö·Ïó(Citation) |
VOL 22 NO. 05 PP. 0818 ~ 0828 (2018. 05) |
Çѱ۳»¿ë
(Korean Abstract) |
ÇöÀç ³×Æ®¿öÅ© Á¤º¸º¸È£¸¦ À§ÇÏ¿© ´Ù¾çÇÑ º¸¾È ½Ã½ºÅÛµéÀÌ °³¹ßµÇ¾î È°¿ëµÇ°í ÀÖ´Ù. º¸¾È ¼Ö·ç¼ÇÀ» µµÀÔÇÏ´Â °Í¸¸À¸·Î º¸¾È»óÀÇ À§ÇèÀ» »ó´ç¼ö ¹æÁöÇÒ ¼ö ÀÖÁö¸¸, º¸¾È ¼Ö·ç¼ÇÀº ±× ¸ñÀû°ú ±â´É¿¡ µû¶ó ÀûÀýÇÑ ÇüÅ·Π»ç¿ëµÇ¾î¾ß ÃæºÐÇÑ °¡Ä¡°¡ ¹ßÈÖµÉ ¼ö ÀÖ´Ù. Á¤º¸º¸È£½Ã½ºÅÛ¿¡ ¸¹ÀÌ »ç¿ëµÇ´Â º¸¾È ¼Ö·ç¼ÇÀ¸·Î´Â ¹æȺ®, IDS, IPS µîÀÌ ÀÖ´Ù. ±×·¯³ª ´Ù¾çÇÑ Á¤º¸º¸È£½Ã½ºÅÛÀ» µµÀÔÇÏ°í ÀÖ´õ¶óµµ À̸¦ ¿ìȸÇÏ¿© °ø°ÝÇÏ´Â ±â¹ýÀº Ç×»ó Á¸ÀçÇÑ´Ù. º» ³í¹®¿¡¼´Â Á¤º¸º¸È£½Ã½ºÅÛ¿¡¼ ¿ìȸ°ø°Ý ±â¹ý¿¡ ´ëÇÑ ´ëÀÀ ¹æ¾È°ú ¿ìȸ °ø°Ý ±â¹ýÀ» ÈƷÿ¡ Àû¿ëÇÒ ¼ö ÀÖ´Â È¿°úÀûÀÎ ÈÆ·Ã ½Ã³ª¸®¿À¸¦ Á¦¾ÈÇÑ´Ù. Á¦¾ÈÇÑ ´ëÀÀ ÈÆ·Ã ½Ã³ª¸®¿ÀÀÇ À¯È¿¼ºÀ» °ËÁõÇϱâ À§ÇØ GNS3 ³×Æ®¿öÅ© ½Ã¹Ä·¹ÀÌÅ͸¦ »ç¿ëÇÏ¿´À¸¸ç, VirtualBox¸¦ ÀÌ¿ëÇÏ¿© °¡»ó ¿î¿µÃ¼Á¦¸¦ ±¸ÃàÇÏ¿´´Ù. Á¦¾ÈÇÏ´Â ³×Æ®¿öÅ© Á¤º¸º¸È£½Ã½ºÅÛÀ» ¿ìȸÇÏ´Â °ø°Ý¿¡ ´ëÇÑ ´ëÀÀÈÆ·Ã ½Ã³ª¸®¿À´Â ½ÇÁ¦ °ø°Ý¿¡ ´ëÀÀÇϴµ¥ ¸Å¿ì È¿°úÀûÀ¸·Î È°¿ëµÉ ¼ö ÀÖ´Ù .
|
¿µ¹®³»¿ë
(English Abstract) |
Nowadays, various security systems are developed and used for protecting information on the network. Although security solutions can prevent some of the security risks, they provide high performance only if used appropriately in accordance with their purposes and functionality. Security solutions commonly used in information protection systems include firewalls, IDS, and IPS. However, despite various information protection systems are introduced, there are always techniques that can threaten the security systems through bypassing them. The purpose of this paper is to develop effective training techniques for responding to the bypass attack techniques in the information security systems and to develop effective techniques that can be applied to the training. In order to implement the test bed we have used GNS3 network simulator, and deployed it on top of virtual operating system using VirtualBox. The proposed correspondence training scenario against bypassing information protection system attacks could be very effectively used to counteract the real attacks.
|
| Å°¿öµå(Keyword) |
¿ìȸ°ø°Ý
GNS3
VirtualBox
Á¤º¸º¸È£½Ã½ºÅÛ
Bypassing Attack
GNS3
VirtualBox
Information Protection Systems
|
| ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|
