Architecture and Protocols for Secure LAN by Using a Software-Level Certificate and Cancellation of ARP Protocol

Pansa, Detchasit; Chomsiri, Thawatchai

doi:10.1109/iccit.2008.345

Cited by 10 publications

(6 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There are many well-researched works of literature where spoofing defending system is discussed. Among them T. Demuth et al, 2005, D. Pansa et al, 2008, Z. Trabelsi et al, 2007and R. Philip et al, 2007 are mostly considerable (D. Pansa and T. Chomsiri, 2008;T. Demuth and A. Leitner, 2005; Z.…”

Section: Fig 2 Spoofing Methods Between Two Clientsmentioning

confidence: 99%

“…Address Resolution Protocol has no states thus it provides very few securities to the caching system. Some top-notch researches referring from Ataullah and Chauhan (2012), Altunbasak et al (2004), Subashini and Kavitha (2011), Alabady (2009), Caceres and Padmanabhan (1998), Ford (2005), Pansa and Chomsiri (2008), Chomsiri (2008), Salim et al (2012), Demuth and Leitner (2005) shows the stateof-art (SoA) of using those security weaknesses for conducting a perfect MITM attack. Suppose, we have next network: the attacker 'X' (IP = 10.0.x.x3, MAC = EE:EE:EE:EE:EE:X3), victim 'A' (IP = 10.0.x.x1, MAC = AA:AA:AA:AA:AA:X1), and victim 'B' (IP = 10.0.x.x2, MAC = BB:BB:BB:BB:BB:X2).…”

Section: Spoofing: Most Common Mitmmentioning

confidence: 99%

“…Medium of Communication Protocol Concerns Demuth et al, 2005 Server Based Communication ARP Can't work for wireless communications. Pansa et al, 2008 Server Based/ Host Based ARP, DHCP Compatible for DoS, DHCP but has a single point of failure. Trabelsi et al, 2007 Host Based ARP Level of importance of each host is very difficult to decide.…”

Section: Referencesmentioning

confidence: 99%

See 2 more Smart Citations

Man-in-the-middle-attack: Understanding in simple words

Mallik¹,

Ahsan²,

Shahadat³

et al. 2019

10.5267/j.ijdns

View full text Add to dashboard Cite

These days cyberattack is a serious criminal offense and it is a hotly debated issue moreover. A man-in-the-middle-attack is a kind of cyberattack where an unapproved outsider enters into an online correspondence between two users, remains escaped the two parties. The malware that is in the middle-attack often monitors and changes individual/classified information that was just realized by the two users. A man-in-the-middle-attack as a protocol is subjected to an outsider inside the system, which can access, read and change secret information without keeping any tress of manipulation. This issue is intense, and most of the cryptographic systems without having a decent authentication security are threatened to be hacked by the malware named 'men-in-themiddle-attack' (MITM/MIM). This paper essentially includes the view of understanding the term of 'men-in-the-middle-attack'; the current work is mainly emphasized to accumulate related data/information in a single article so that it can be a reference to conduct research further on this topic at college/undergraduate level. This paper likewise audits most cited research and survey articles on 'man-in-the-middle-attack' recorded on 'Google Scholar'. The motivation behind this paper is to help the readers for understanding and familiarizing the topic 'man-in-the-middle attack'.

show abstract

Section: Fig 2 Spoofing Methods Between Two Clientsmentioning

confidence: 99%

Section: Spoofing: Most Common Mitmmentioning

confidence: 99%

See 1 more Smart Citation

Man-in-the-middle-attack: Understanding in simple words

Mallik¹,

Ahsan²,

Shahadat³

et al. 2019

10.5267/j.ijdns

View full text Add to dashboard Cite

show abstract

“…Furthermore, addition of cryptographic features in ARP may lead to some performance overhead. Pansa and Chomsiri [28] proposed revision of the dynamic host configuration protocol (DHCP) definition to include authentication of network devices and inclusion of mapping information between IP and MAC addresses. Although flawless in concept, it would cause serious compatibility problems because DHCP is one of the most popular protocols.…”

Section: Server-based Approachesmentioning

confidence: 99%

ASA: agent-based secure ARP cache management

Kim

Hong

et al. 2012

IET Commun.

View full text Add to dashboard Cite

Address resolution protocol (ARP) is widely used to maintain mapping between data link (e.g. MAC) and network (e.g. IP) layer addresses. Although most hosts rely on automated and dynamic management of ARP cache entries, current implementation is well-known to be vulnerable to spoofing or denial of service (DoS) attacks. There are many tools that exploit vulnerabilities of ARP protocols, and past proposals to address the weaknesses of the 'original' ARP design have been unsatisfactory. Suggestions that ARP protocol definition be modified would cause serious and unacceptable compatibility problems. Other proposals require customised hardware be installed to monitor malicious ARP traffic, and many organisations cannot afford such cost. This study demonstrates that one can effectively eliminate most threats caused by the ARP vulnerabilities by installing anti-ARP spoofing agent (ASA), which intercepts unauthenticated exchange of ARP packets and blocks potentially insecure communications. The proposed approach requires neither modification of kernel ARP software nor installation of traffic monitors. Agent uses user datagram protocol (UDP) packets to enable networking among hosts in a transparent and secure manner. The authors implemented agent software on Windows XP and conducted an experiment. The results showed that ARP hacking tools could not penetrate hosts protected by ASA.

show abstract

“…However, search methods do not solve the ARP spoofing attack if the attacker is intelligent and customized its protocol stack, and this approach requires extra administration efforts. A technique that depends on installing a new DHCP server for use as a MAC-IP database center was proposed by [13]. However, DHCP is widely used and cannot be modified which makes this solution unrealistic.…”

Section: Related Workmentioning

confidence: 99%

Address Resolution Protocol (ARP): Spoofing Attack and Proposed Defense

Sukkar¹,

Saifan²,

Khwaldeh³

et al. 2016

View full text Add to dashboard Cite

Networks have become an integral part of today's world. The ease of deployment, low-cost and high data rates have contributed significantly to their popularity. There are many protocols that are tailored to ease the process of establishing these networks. Nevertheless, security-wise precautions were not taken in some of them. In this paper, we expose some of the vulnerability that exists in a commonly and widely used network protocol, the Address Resolution Protocol (ARP) protocol. Effectively, we will implement a user friendly and an easy-to-use tool that exploits the weaknesses of this protocol to deceive a victim's machine and a router through creating a sort of Man-in-the-Middle (MITM) attack. In MITM, all of the data going out or to the victim machine will pass first through the attacker's machine. This enables the attacker to inspect victim's data packets, extract valuable data (like passwords) that belong to the victim and manipulate these data packets. We suggest and implement a defense mechanism and tool that counters this attack, warns the user, and exposes some information about the attacker to isolate him. GNU/Linux is chosen as an operating system to implement both the attack and the defense tools. The results show the success of the defense mechanism in detecting the ARP related attacks in a very simple and efficient way.

show abstract

Architecture and Protocols for Secure LAN by Using a Software-Level Certificate and Cancellation of ARP Protocol

Abstract: This research presents a design of "architecture and protocols" for the LAN security preventing the process of MAC Address spoofing, ARP Spoof and MITM. Each Network Card is designed to have a Certificate, a

Cited by 10 publications

References 2 publications

Man-in-the-middle-attack: Understanding in simple words

Man-in-the-middle-attack: Understanding in simple words

ASA: agent-based secure ARP cache management

Address Resolution Protocol (ARP): Spoofing Attack and Proposed Defense

Contact Info

Product

Resources

About