Advertisement

Scalable Implementation of Active Detection Mechanism for LAN Based Attacks

  • G. Bansal
  • N. Kumar
  • F. A. Barbhuiya
  • S. Biswas
  • S. Nandi
Part of the Communications in Computer and Information Science book series (CCIS, volume 196)

Abstract

The function of Address Resolution Protocol (ARP) is critical in local area networking as well as for routing Internet traffic across gateways. ARP, being a Stateless protocol, is prone to various attacks such as ARP spoofing, ARP flooding and ARP poisoning. This work discusses about an efficient scalable implementation of an Intrusion Detection System (IDS) with active detection, to detect ARP spoofing, flooding and related attacks like Man-in-the-Middle(MiTM) and Denial-of-Service(DoS) etc.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Kozierok, C.M.: TCP/IP Guide, 1st edn (October 2005)Google Scholar
  2. 2.
  3. 3.
    ArpdefenderGoogle Scholar
  4. 4.
    Colasoft-capsaGoogle Scholar
  5. 5.
  6. 6.
    Abad, C.L., Bonilla, R.I.: An Analysis on the Schemes for Detecting and Preventing ARP Cache Poisoning Attacks. In: ICDCSW 2007: Proceedings of the 27th International Conference on Distributed Computing Systems Workshops, p. 60 (2007)Google Scholar
  7. 7.
    Hsiao, H.W., Lin, C.S., Chang, S.Y.: Constructing an ARP attack detection system with SNMP traffic data mining. In: ICEC 2009: Proceedings of the 11th International Conference on Electronic Commerce, pp. 341–345 (2009)Google Scholar
  8. 8.
    Gouda, M.G., Huang, C.-T.: A Secure Address Resolution Protocol. Computer Networks 41(1), 57–71 (2003)CrossRefzbMATHGoogle Scholar
  9. 9.
    Lootah, W., Enck, W., McDaniel, P.: TARP: Ticket-based Address Resolution Protocol, pp. 106–116 (2005)Google Scholar
  10. 10.
    Ramachandran, V., Nandi, S.: Detecting ARP Spoofing: An Active Technique. In: Jajodia, S., Mazumdar, C. (eds.) ICISS 2005. LNCS, vol. 3803, pp. 239–250. Springer, Heidelberg (2005)Google Scholar
  11. 11.
    Hubballi, N., Roopa, S., Ratti, R., Barbhuiya, F., Biswas, S., Sur, A., Nandi, S., Ramachandran, V.: An Active Intrusion Detection System for LAN Specific Attacks. In: Kim, T.-h., Adeli, H. (eds.) AST/UCMA/ISA/ACN 2010. LNCS, vol. 6059, pp. 129–142. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  12. 12.
    Schneider, F., Wallerich, J.: Performance evaluation of packet capturing systems for high-speed networks. In: CoNEXT 2005: Proceedings of the 2005 ACM conference on Emerging network experiment and technology, pp. 284–285 (2005)Google Scholar
  13. 13.
    Devadithya, T., Chiu, K., Lu, W.: C++ reflection for high performance problem solving environments. In: SpringSim 2007: Proceedings of the 2007 spring simulation multiconference, pp. 435–440 (2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • G. Bansal
    • 1
  • N. Kumar
    • 1
  • F. A. Barbhuiya
    • 1
  • S. Biswas
    • 1
  • S. Nandi
    • 1
  1. 1.Department of Computer Science and EngineeringIndian Institute of TechnologyGuwahatiIndia

Personalised recommendations