µ¥ÀÌÅͺ£À̽º ¿¬±¸È¸Áö(SIGDB)
ÇѱÛÁ¦¸ñ(Korean Title) |
³×Æ®¿öÅ© ÆÐŶ µ¥ÀÌÅͺ£À̽º ºÐ¼®À» ÅëÇÑ Ãë¾à¼º ÅäÆú·ÎÁö ¸Ê »ý¼º ¹æ¾È |
¿µ¹®Á¦¸ñ(English Title) |
Vulnerability Topology Map Generation through Network Packet Database Analysis |
ÀúÀÚ(Author) |
½ÅÁø¸í
°ûäÇå
À̽ÂÇå
±ÇÁØÈ£
ÃÖÀ±È£
Jinmyeong Shin
Chae-Heon Gwak
Seungheon Lee
Joonho Kwon
Yoon-Ho Choi
|
¿ø¹®¼ö·Ïó(Citation) |
VOL 33 NO. 03 PP. 0072 ~ 0088 (2017. 12) |
Çѱ۳»¿ë (Korean Abstract) |
½º¸¶Æ®ÆùÀÇ µîÀå, IoTÀÇ ´ëµÎ·Î ÀÎÇØ ³ª³¯ÀÌ ³×Æ®¿öÅ©¿¡ ¿¬°áµÇ´Â ±â±âµéÀÇ Á¾·ù°¡ ´Ù¾çÇØÁö°í ±× ¼ö°¡ Áõ°¡ÇÏ°í ÀÖ´Ù. °¢ ±â±âµéÀº Àú¸¶´Ù °íÀ¯ÀÇ Ãë¾àÁ¡µéÀ» °¡Áö°í ÀÖÀ¸¸ç ±× Ãë¾àÁ¡µéÀº ¾ÇÀÇÀû Àǵµ¸¦ °¡Áø °ø°ÝÀÚµéÀÇ Ç¥ÀûÀÌ µÈ´Ù. µû¶ó¼ ³×Æ®¿öÅ© °ü¸®ÀÚ´Â ÀÌ·± °ø°ÝÀÚµé·ÎºÎÅÍ ³×Æ®¿öÅ©ÀÇ ¾ÈÀüÀ» º¸ÀåÇϱâ À§ÇØ ³×Æ®¿öÅ©¿¡ Á¸ÀçÇÏ´Â ±â±âµéÀÇ Á¤º¸¿Í Ãë¾àÁ¡À» ÆľÇÇÏ¿© °ø°Ý¿¡ ´ëºñÇÒ ÇÊ¿ä°¡ ÀÖ´Ù. ±×·¯³ª ±âÁ¸ÀÇ Ãë¾à¼º Ž»öµµ±¸µéÀº ÇÁ·Îºê¸¦ ÀÌ¿ëÇÏ¿© ±â±âµéÀÇ Ãë¾àÁ¡ Á¤º¸¸¦ ¼öÁýÇϱ⠶§¹®¿¡ ºÐ¼® ÁøÇà Áß ´ë»ó°ú Ç×»ó ¿¬°á µÇ¾îÀÖ¾î¾ß ÇÏ°í ´ë»óÀ» ¸í½ÃÀûÀ¸·Î ÁöÁ¤ÇÏ´Â µî ºÐ¼®¿¡ ÀÖ¾î ¸¹Àº Á¦¾àÁ¶°ÇÀÌ µû¸¥´Ù. µû¶ó¼ º» ³í¹®Àº IDS(Intrusion Detection System)ÀÇ ¹ßÀü¿¡ µû¶ó ÇÔ²² ¹ßÀüÇØ¿Â DPI(Deep Packet Inspection)±â¼úÀ» Ãë¾àÁ¡ ºÐ¼®¿¡ Àû¿ëÇÏ¿©, Á¢¼Ó ÁßÀÎ ±â±âÀÇ Á¤º¸¸¦ ÀνÄÇÏ°í ÇØ´ç ±â±âÀÇ Ãë¾àÁ¡À» ºÐ¼®ÇÏ¿© Ãë¾à¼º ÅäÆú·ÎÁö ¸ÊÀ» ÀÚµ¿ »ý¼ºÇÏ´Â ÇÁ·Î±×·¥ÀÇ ¼³°è ¹× ±¸ÇöÀ» ±â¼úÇÑ´Ù. ÀÌ·± ¹æ½ÄÀÇ ³×Æ®¿öÅ© Ãë¾à¼º ºÐ¼®¹æ¹ýÀº ³×Æ®¿öÅ© °ü¸®¿¡ ÆíÀǼºÀ» Á¦°øÇÒ »Ó¸¸ ¾Æ´Ï¶ó ħÀÔ Å½Áö ¹× Â÷´ÜÀ» À§ÇÑ ½Ã½ºÅÛÀÇ È¿À²¼º Çâ»ó¿¡µµ µµ¿òÀÌ µÉ °ÍÀ¸·Î ±â´ëµÈ´Ù. |
¿µ¹®³»¿ë (English Abstract) |
Since appearance of smart phones and IoT, the number of devices connected on network is being increasing. Each device has their own vulnerabilities, and malicious user can exploit these vulnerabilities. Therefore, in order to ensure the security of the network from the malicious users, the network administrator needs to know information and vulnerabilities of the devices existing in the network and prepare for the attack. But, existing vulnerability scanners have many constraints such that they should be reachable to target and need specifying of target device. As a solution to this problem, we describes the design and implementation of a system that collects and analyzes packets from network, recognizes the information of the devices connected to the network, and automatically generates vulnerability topology map based on DPI(Deep Packet Inspection) analysis. This method of network vulnerability analysis is expected not only to provide convenience to network management but also to improve system efficiency for intrusion detection and prevention. |
Å°¿öµå(Keyword) |
Vulnerability detection
Vulnerability topology
Network management
Device analysis
Network security
|
ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|