An Analysis on the Schemes for Detecting and Preventing ARP Cache Poisoning Attacks

Abad, Cristina L.; Bonilla, Rafael I.

doi:10.1109/icdcsw.2007.19

Cited by 86 publications

(48 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The spectrogram for this time series is shown in Figure 6 For the first fourth of the time series, a single polling period of 3 seconds is used. The corresponding frequency component is present at 1 3 Hz, which can be observed as a horizontal red line in the spectrogram. After some time, a second polling series starts, with a period of 5 seconds.…”

Section: Spectral Analysismentioning

confidence: 99%

“…Note that a malicious host masqueraded as such HMI, by spoofing its IP address, could perform the same attack. Interested readers are referred to [1] for a discussion of mechanisms that can protect against such attacks.…”

Section: Dealing With Real-world Attack Scenariosmentioning

confidence: 99%

“…Therefore, in Chapter 2 of this thesis, we present an extensive characterization of network traces collected in SCADA networks used in utility sector: water treatment and distribution facilities, and gas and electricity providers. The data collection was possible through the collaboration with industry partners, established in the context of the national Hermes, Castor and Midas projects 1 . The goal of this characterization is to expose the differences with traditional Information Technology (IT) networks, and thus motivate the need of new intrusion detection solutions.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Anomaly detection in SCADA systems : a network based approach

Barbosa¹

View full text Add to dashboard Cite

Section: Spectral Analysismentioning

confidence: 99%

Section: Dealing With Real-world Attack Scenariosmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Anomaly detection in SCADA systems : a network based approach

Barbosa¹

View full text Add to dashboard Cite

“…DAI uses a technique called DHCP-Snooping [144] to build and maintain its trusted IP-MAC address database. While DAI is one of the most promising non-cryptographic solutions to mitigate ARP spoofing attacks, its drawbacks include its proprietary nature and relatively high cost [22,145].…”

Section: Traditional Arp Spoofing Countermeasuresmentioning

confidence: 99%

“…A survey of these measures is provided in [22]. One of the most prominent and widely used ARP spoofing mitigation approaches is Dynamic ARP Inspection (DAI) [25].…”

Section: Traditional Arp Spoofing Countermeasuresmentioning

confidence: 99%

Security in software defined networks

Alharbi¹

View full text Add to dashboard Cite

Software Defined Networking (SDN) is an emerging computer network paradigm and represents one of the most promising technologies to simplify network management and configuration through increased network programmability and abstraction. In contrast to traditional networks, in SDN, the control plane, which makes decisions on how to forward traffic, is separated from the data plane, which transmits traffic to selected destinations. That makes network control (via the SDN controller) more programmable, dynamic and centralised. With the higher level of abstraction that SDN provides, network administrators can more easily configure network services and manage traffic flows without having to configure a large number of individual network devices (switches and routers). The great potential of SDN has led to significant deployments in data centres, wide area networks, etc., and it is growing at a rapid pace.Security is a critical aspect of networking in general and is particularly vital in SDN. Due to its fundamentally new architecture, SDN presents new potential security vulnerabilities and risks. Security in SDN has not received much attention yet, given that it is very distinct and unique.The goal of this PhD was to address this gap and analyse the security of the SDN infrastructure, identify vulnerabilities and weaknesses, and propose corresponding solutions and improvements. The focus was on the fundamental aspects and components of SDN, in particular the building blocks of the control plane components include Topology Discovery, Address Resolution Protocol (ARP) Handling and Virtualisation Layer. Finally, the thesis thoroughly explored and investigated the most common and effective attacks against the SDN architecture.

show abstract

A survey on security issues in services communication of Microservices‐enabled fog applications

Jin

Zhang

et al. 2018

Concurrency and Computation

View full text Add to dashboard Cite

SummaryFog computing is used as a popular extension of cloud computing for a variety of emerging applications. To incorporate various design choices and customized policies in fog computing paradigm, Microservices is proposed as a new software architecture, which is easy to modify and quick to deploy fog applications because of its significant features, ie, fine granularity and loose coupling. Unfortunately, the Microservices architecture is vulnerable due to its wildly distributed interfaces that are easily attacked. However, the industry has not been fully aware of its security issues. In this paper, a survey of different security risks that pose a threat to the Microservices‐based fog applications is presented. Because a fog application based on Microservices architecture consists of numerous services and communication among services is frequent, we focus on the security issues that arise in services communication of Microservices in four aspects: containers, data, permission, and network. Containers are often used as the deployment and operational environment for Microservices. Data is communicated among services and is vital for every enterprise. Permission is the guarantee of services security. Network security is the foundation for secure communication. Finally, we propose an ideal solution for security issues in services communication of Microservices‐based fog applications.

show abstract

An Analysis on the Schemes for Detecting and Preventing ARP Cache Poisoning Attacks

Cited by 86 publications

References 8 publications

Anomaly detection in SCADA systems : a network based approach

Anomaly detection in SCADA systems : a network based approach

Security in software defined networks

A survey on security issues in services communication of Microservices‐enabled fog applications

Contact Info

Product

Resources

About