Detecting ARP Spoofing: An Active Technique

Ramachandran, Vivek; Nandi, Sukumar

doi:10.1007/11593980_18

Cited by 63 publications

(32 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Since ARP is a widely deployed protocol in every system, it has been subject to various attacks [12]. ARP cache poisoning is one of such attacks at the MAC layer in which an attacker modifies the address mapping in the ARP table by sending a malicious ARP reply packet to the victim machine.…”

Section: Attacks On Arpmentioning

confidence: 99%

PARP-S: A secure piggybacking-based ARP for IEEE 802.11s-based Smart Grid AMI networks

Saputro

Akkaya

2015

Computer Communications

View full text Add to dashboard Cite

Section: Attacks On Arpmentioning

confidence: 99%

PARP-S: A secure piggybacking-based ARP for IEEE 802.11s-based Smart Grid AMI networks

Saputro

Akkaya

2015

Computer Communications

View full text Add to dashboard Cite

“…The authors of [12] suggested search methods. However, search methods do not solve the ARP spoofing attack if the attacker is intelligent and customized its protocol stack, and this approach requires extra administration efforts.…”

Section: Related Workmentioning

confidence: 99%

Address Resolution Protocol (ARP): Spoofing Attack and Proposed Defense

Sukkar¹,

Saifan²,

Khwaldeh³

et al. 2016

View full text Add to dashboard Cite

Networks have become an integral part of today's world. The ease of deployment, low-cost and high data rates have contributed significantly to their popularity. There are many protocols that are tailored to ease the process of establishing these networks. Nevertheless, security-wise precautions were not taken in some of them. In this paper, we expose some of the vulnerability that exists in a commonly and widely used network protocol, the Address Resolution Protocol (ARP) protocol. Effectively, we will implement a user friendly and an easy-to-use tool that exploits the weaknesses of this protocol to deceive a victim's machine and a router through creating a sort of Man-in-the-Middle (MITM) attack. In MITM, all of the data going out or to the victim machine will pass first through the attacker's machine. This enables the attacker to inspect victim's data packets, extract valuable data (like passwords) that belong to the victim and manipulate these data packets. We suggest and implement a defense mechanism and tool that counters this attack, warns the user, and exposes some information about the attacker to isolate him. GNU/Linux is chosen as an operating system to implement both the attack and the defense tools. The results show the success of the defense mechanism in detecting the ARP related attacks in a very simple and efficient way.

show abstract

“…For instance, there are detection mechanisms that work by monitoring ARP packets and alerting administrators through passive detection (e.g., arpwatch [51]), active detection [52] and Intrusion Detection Systems (IDS) (e.g., snort [53]). However, these approaches will not be applicable to the proposed approach in this study due to the size of AMI applications and unavailability of administrators.…”

Section: Arp Attacksmentioning

confidence: 99%

“…Since ARP is a widely deployed protocol in every system, it has been subject to various attacks [52]. ARP cache poisoning is one of such attacks at the MAC layer in which an attacker modifies the address mapping in the ARP table by sending a malicious ARP reply message to the victim machine.…”

Section: Attacks On Arpmentioning

confidence: 99%

Performance Optimization of Network Protocols for IEEE 802.11s-based Smart Grid Communications

Saputro¹

View full text Add to dashboard Cite

The tunneling mechanisms in the LTE network cause a downlink traffic problem to IEEE 802.11s. For the network interoperability, at the network layer of EPC network, a novel UE access list was proposed to address this issue. At the datalink layer, to handle QoS mismatch between IEEE 802.11s and LTE network, Dual Queues approach was proposed for the Enhanced Distributed Channel Access. The effectiveness of all proposed approaches was validated through extensive simulation experiments using a network simulator. The simulation results showed that the proposed approaches outperformed the traditional TCP/IP protocols in terms of end to end delay, packet delivery ratio, throughput, and collection time.

show abstract

Detecting ARP Spoofing: An Active Technique

Cited by 63 publications

References 1 publication

PARP-S: A secure piggybacking-based ARP for IEEE 802.11s-based Smart Grid AMI networks

PARP-S: A secure piggybacking-based ARP for IEEE 802.11s-based Smart Grid AMI networks

Address Resolution Protocol (ARP): Spoofing Attack and Proposed Defense

Performance Optimization of Network Protocols for IEEE 802.11s-based Smart Grid Communications

Contact Info

Product

Resources

About