An Active Host-Based Intrusion Detection System for ARP-Related Attacks and its Verification

Artigo Acesso aberto

An Active Host-Based Intrusion Detection System for ARP-Related Attacks and its Verification

2011; Volume: 3; Issue: 3 Linguagem: Inglês

10.5121/ijnsa.2011.3311

ISSN

0975-2307

Autores

Ferdous Ahmed Barbhuiya, Santosh Biswas, Sukumar Nandi,

Tópico(s)

Advanced Authentication Protocols Security

Resumo

Spoofing with falsified IP-MAC pair is the first step in most of the LAN based-attacks. Address Resolution Protocol (ARP) is stateless, which is the main cause that makes spoofing possible. Several network level and host level mechanisms have been proposed to detect and mitigate ARP spoofing but each of them has their own drawback. In this paper we propose a Host-based Intrusion Detection system for LAN attacks, which works without any extra constraint like static IP-MAC, modifying ARP etc. The proposed scheme is verified under all possible attack scenarios. The scheme is successfully validated in a test bed with various attack scenarios and the results show the effectiveness of the proposed technique.

Ver no editor

Altmetric

PlumX

Entrar

Lembrar minha senha

Receber meu e-mail de confirmação

An Active Host-Based Intrusion Detection System for ARP-Related Attacks and its Verification