An Active Host-Based Detection Mechanism for ARP-Related Attacks

Capítulo de livro Revisado por pares

An Active Host-Based Detection Mechanism for ARP-Related Attacks

2010; Springer Science+Business Media; Linguagem: Inglês

10.1007/978-3-642-17878-8_44

ISSN

1865-0937

Autores

Ferdous Ahmed Barbhuiya, S. Roopa, Ritesh Ratti, Neminath Hubballi, Santosh Biswas, Arijit Sur, Sukumar Nandi, Vedantham Ramachandran,

Tópico(s)

IPv6, Mobility, Handover, Networks, Security

Resumo

Most of the LAN based-attacks involves the spoofing of the victim host with falsified IP-MAC pairs. MAC Spoofing is possible because of the stateless nature of the Address Resolution Protocol (ARP), which is responsible for resolving IP Addresses to MAC Addresses. Several mechanisms have been proposed to detect and mitigate ARP spoofing attempts both at the network level and at the host level, but each of them have their own drawback. In this paper we propose a Host-based Intrusion Detection system for LAN attacks which work without any extra constraint like static IP-MAC, modifying ARP etc. The scheme is successfully validated in a test bed with various attack scenarios and the results show the effectiveness of the proposed technique.

Ver no editor

Altmetric

PlumX

Entrar

Lembrar minha senha

Receber meu e-mail de confirmação

An Active Host-Based Detection Mechanism for ARP-Related Attacks