TY - GEN
T1 - Analysis and countermeasures of security vulnerability on portal sites
AU - Kwak, Kyoungju
AU - Lee, Kwangwoo
AU - Won, Dongho
AU - Kim, Seungjoo
PY - 2011
Y1 - 2011
N2 - Recently, major portal sites are suffering from a number of attacks and it is growing exponentially. July 2009, there has been system failure on government sites and some of the major portal sites due to the DDoS (Distributed Denial of Service) attack. Moreover, portal sites are exploited by a cross-site scripting vulnerability in 2010. To solve these problems, each portal site made an effort to eliminate the security vulnerability of the website and to protect personal information such as ID and password. However, portal sites still have the security vulnerabilities against ARP (Address Resolution Protocol) poisoning attack and the certificate spoofing attack. In this paper, we show the results of our penetration test and present the countermeasures on the ARP (Address Resolution Protocol) poisoning attack and the certificate spoofing attack.
AB - Recently, major portal sites are suffering from a number of attacks and it is growing exponentially. July 2009, there has been system failure on government sites and some of the major portal sites due to the DDoS (Distributed Denial of Service) attack. Moreover, portal sites are exploited by a cross-site scripting vulnerability in 2010. To solve these problems, each portal site made an effort to eliminate the security vulnerability of the website and to protect personal information such as ID and password. However, portal sites still have the security vulnerabilities against ARP (Address Resolution Protocol) poisoning attack and the certificate spoofing attack. In this paper, we show the results of our penetration test and present the countermeasures on the ARP (Address Resolution Protocol) poisoning attack and the certificate spoofing attack.
KW - ARP poisoning attack
KW - Certificate spoofing
KW - Portal site
UR - http://www.scopus.com/inward/record.url?scp=79956008671&partnerID=8YFLogxK
U2 - 10.1145/1968613.1968728
DO - 10.1145/1968613.1968728
M3 - Conference contribution
AN - SCOPUS:79956008671
SN - 9781450305716
T3 - Proceedings of the 5th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2011
BT - Proceedings of the 5th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2011
T2 - 5th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2011
Y2 - 21 February 2011 through 23 February 2011
ER -