Abstract
Network survivability nowadays has priority over everything for both network design and implementation. The key focus on the network security is securing individual components as well as preventing unauthorized access to network services. Ironically, Address Resolution Protocol (ARP) poisoning and spoofing techniques can be used to prohibit unauthorized network access and resource occupations. Our work deals with simulation of intrusion traffic by explicitly generating data packets that contain ARP spoofing packets. In this paper we report experimental studies of simulation efficiency and network performance of simulated networks using a host isolation system to capture duplicate ARP spoofing attacks. The Virtual Local Area Network (VLAN) based network access control framework proposed in this paper works in parallel with the policy based real-time access control function to make the utmost use of the network resources and to provide a high-quality service to the user.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Kim, H., Ahn, S., kim, S., Chung, J.: A Host Protection Framework Against Unauthorized Access for Ensuring Network Survivability. In: Jin, H., Gao, G.R., Xu, Z., Chen, H. (eds.) NPC 2004. LNCS, vol. 3222, pp. 635–643. Springer, Heidelberg (2004)
Choi, W., Kim, H., Ahn, S., Chung, J.: Dynamic Access Control Scheme for Service-based Multi-netted Asymmetric Virtual LAN. In: Gervasi, O., Gavrilova, M.L., Kumar, V., Laganá, A., Lee, H.P., Mun, Y., Taniar, D., Tan, C.J.K. (eds.) ICCSA 2005. LNCS, vol. 3480, pp. 137–145. Springer, Heidelberg (2005)
Bruschi, D., Ornaghi, A., et al.: S-ARP: a Secure Address Resolution Protocol. In: Omondi, A.R., Sedukhin, S.G. (eds.) ACSAC 2003. LNCS, vol. 2823, pp. 66–74. Springer, Heidelberg (2003)
Hastings, N.E., McLean, P.A.: TCP/IP spoofing fundamentals, Computers and Communications. In: Conference Proceedings of the 1996 IEEE Fifteenth Annual International Phoenix Conference, pp. 218–224 (1996)
Ishibashi, H., Yamai, N., Abe, K., Matsuura, T.: A protection method against unauthorized access and address spoofing for open network access systems. In: Communications, Computers and signal Processing, PACRIM. 2001 IEEE Pacific Rim Conference, pp. 10–13 (2001)
McDonald, B., Znati, T., et al.: Comparative Analysis of Neighbor Greeting Protocols: ARP versus ES-IS. In: SIMULATION 1996, pp. 71–80 (April 1996)
Ruffen, D., Len, T., Yanacek, J.: Cabletron SecureFast VLAN Operational Model Version 1.8, IETF RFC 2643 (August 1999)
McGee, W.R., Vasireddy, S.R., et al.: A Framework for Ensuring Network Security. Bell Labs Technical Journal 8, 7–27 (2004)
Chakrabarti, A., Manimaran, G.: Internet Infrastructure Security: A Taxonomy, IEEE Network, 13–21 (November/December 2002)
Templeton, S.J., Levitt, K.E.: Detecting Spoofed Packets. DISCEX 2003 1, 164–175 (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kim, H., Ahn, S., Choi, J. (2006). Performance Analysis of Dynamic Host Isolation System in Wireless Mobile Networks. In: Gavrilova, M.L., et al. Computational Science and Its Applications - ICCSA 2006. ICCSA 2006. Lecture Notes in Computer Science, vol 3984. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11751649_91
Download citation
DOI: https://doi.org/10.1007/11751649_91
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-34079-9
Online ISBN: 978-3-540-34080-5
eBook Packages: Computer ScienceComputer Science (R0)