발간년도 : [2014]
| 논문정보 |
|
| 논문명(한글) |
[Vol.9, No.6] Encryption of TCP Sequence Numbers for Session Hijacking Attacks |
|
| 논문투고자 |
Jae-Yeong Choi, Hyun-Chul Baek, Sang-Bok Kim, Jong-Chae Sim, Jae-Heung Park |
|
| 논문내용 |
Session hijacking attacks represent a type of attack that captures existing session information by terminating normal sessions, which are connected through a TCP 3-Way handshaking process, using RST signals. In the case of the TCP 3-Way handshaking process, different sequence signals between servers and clients are generated to carry out a cross certification for each other. In a normally connected session, attackers interrupt sessions for a normal connection between servers and clients through generating RST signals and attempt to access a system by disguising an attacker as a registered user by generating a new sequence number. In precedent studies on preventing session hijacking attacks, a method that encrypts all sequence numbers generated in accessing a system has proposed. However, this method may cause lots of overheads in a cross certification process because it encrypts all sequence numbers required for the cross certification between servers and clients. Thus, in this study the encryption process is performed using a part of the information of the cross certification numbers in order to prevent illegal session hijacking as abnormal RST signals are generated. In addition, this method prevents the recognition of sequence numbers from attackers even though a sequence number is leaked. Moreover, it is possible to perform a defense for session hijacking attacks and to partly solve the overheads, which have been issued in the conventional studies. |
|
| 첨부논문 |
|
|
|
|
|
자료실 > 논문지 
