@article{ART001941626},
author={최재영 and 백현철 and KimSangBok and 심종채 and PARK JAE HEUNG},
title={Encryption of TCP Sequence Numbers for Session Hijacking Attacks},
journal={Journal of Knowledge Information Technology and Systems},
issn={1975-7700},
year={2014},
volume={9},
number={6},
pages={707-714}
TY - JOUR
AU - 최재영
AU - 백현철
AU - KimSangBok
AU - 심종채
AU - PARK JAE HEUNG
TI - Encryption of TCP Sequence Numbers for Session Hijacking Attacks
JO - Journal of Knowledge Information Technology and Systems
PY - 2014
VL - 9
IS - 6
PB - Korea Knowledge Information Technology Society
SP - 707
EP - 714
SN - 1975-7700
AB - Session hijacking attacks represent a type of attack that captures existing session information by terminating normal sessions, which are connected through a TCP 3-Way handshaking process, using RST signals. In the case of the TCP 3-Way handshaking process, different sequence signals between servers and clients are generated to carry out a cross certification for each other. In a normally connected session, attackers interrupt sessions for a normal connection between servers and clients through generating RST signals and attempt to access a system by disguising an attacker as a registered user by generating a new sequence number. In precedent studies on preventing session hijacking attacks, a method that encrypts all sequence numbers generated in accessing a system has proposed. However, this method may cause lots of overheads in a cross certification process because it encrypts all sequence numbers required for the cross certification between servers and clients. Thus, in this study the encryption process is performed using a part of the information of the cross certification numbers in order to prevent illegal session hijacking as abnormal RST signals are generated. In addition, this method prevents the recognition of sequence numbers from attackers even though a sequence number is leaked. Moreover, it is possible to perform a defense for session hijacking attacks and to partly solve the overheads, which have been issued in the conventional studies.
KW - TCP 3-Way;Session Hijacking;Data Encryption Standard;TCP/IP Sockets;Sniffing
DO -
UR -
ER -
최재영, 백현철, KimSangBok, 심종채 and PARK JAE HEUNG. (2014). Encryption of TCP Sequence Numbers for Session Hijacking Attacks. Journal of Knowledge Information Technology and Systems, 9(6), 707-714.
최재영, 백현철, KimSangBok, 심종채 and PARK JAE HEUNG. 2014, "Encryption of TCP Sequence Numbers for Session Hijacking Attacks", Journal of Knowledge Information Technology and Systems, vol.9, no.6 pp.707-714.
최재영, 백현철, KimSangBok, 심종채, PARK JAE HEUNG "Encryption of TCP Sequence Numbers for Session Hijacking Attacks" Journal of Knowledge Information Technology and Systems 9.6 pp.707-714 (2014) : 707.
최재영, 백현철, KimSangBok, 심종채, PARK JAE HEUNG. Encryption of TCP Sequence Numbers for Session Hijacking Attacks. 2014; 9(6), 707-714.
최재영, 백현철, KimSangBok, 심종채 and PARK JAE HEUNG. "Encryption of TCP Sequence Numbers for Session Hijacking Attacks" Journal of Knowledge Information Technology and Systems 9, no.6 (2014) : 707-714.
최재영; 백현철; KimSangBok; 심종채; PARK JAE HEUNG. Encryption of TCP Sequence Numbers for Session Hijacking Attacks. Journal of Knowledge Information Technology and Systems, 9(6), 707-714.
최재영; 백현철; KimSangBok; 심종채; PARK JAE HEUNG. Encryption of TCP Sequence Numbers for Session Hijacking Attacks. Journal of Knowledge Information Technology and Systems. 2014; 9(6) 707-714.
최재영, 백현철, KimSangBok, 심종채, PARK JAE HEUNG. Encryption of TCP Sequence Numbers for Session Hijacking Attacks. 2014; 9(6), 707-714.
최재영, 백현철, KimSangBok, 심종채 and PARK JAE HEUNG. "Encryption of TCP Sequence Numbers for Session Hijacking Attacks" Journal of Knowledge Information Technology and Systems 9, no.6 (2014) : 707-714.
