Sniffing Packets on LAN without ARP Spoofing

Chomsiri, Thawatchai

doi:10.1109/iccit.2008.318

Cited by 24 publications

(9 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Address Resolution Protocol has no states thus it provides very few securities to the caching system. Some top-notch researches referring from Ataullah and Chauhan (2012), Altunbasak et al (2004), Subashini and Kavitha (2011), Alabady (2009), Caceres and Padmanabhan (1998), Ford (2005), Pansa and Chomsiri (2008), Chomsiri (2008), Salim et al (2012), Demuth and Leitner (2005) shows the stateof-art (SoA) of using those security weaknesses for conducting a perfect MITM attack. Suppose, we have next network: the attacker 'X' (IP = 10.0.x.x3, MAC = EE:EE:EE:EE:EE:X3), victim 'A' (IP = 10.0.x.x1, MAC = AA:AA:AA:AA:AA:X1), and victim 'B' (IP = 10.0.x.x2, MAC = BB:BB:BB:BB:BB:X2).…”

Section: Spoofing: Most Common Mitmmentioning

confidence: 99%

Man-in-the-middle-attack: Understanding in simple words

Mallik¹,

Ahsan²,

Shahadat³

et al. 2019

10.5267/j.ijdns

View full text Add to dashboard Cite

These days cyberattack is a serious criminal offense and it is a hotly debated issue moreover. A man-in-the-middle-attack is a kind of cyberattack where an unapproved outsider enters into an online correspondence between two users, remains escaped the two parties. The malware that is in the middle-attack often monitors and changes individual/classified information that was just realized by the two users. A man-in-the-middle-attack as a protocol is subjected to an outsider inside the system, which can access, read and change secret information without keeping any tress of manipulation. This issue is intense, and most of the cryptographic systems without having a decent authentication security are threatened to be hacked by the malware named 'men-in-themiddle-attack' (MITM/MIM). This paper essentially includes the view of understanding the term of 'men-in-the-middle-attack'; the current work is mainly emphasized to accumulate related data/information in a single article so that it can be a reference to conduct research further on this topic at college/undergraduate level. This paper likewise audits most cited research and survey articles on 'man-in-the-middle-attack' recorded on 'Google Scholar'. The motivation behind this paper is to help the readers for understanding and familiarizing the topic 'man-in-the-middle attack'.

show abstract

Section: Spoofing: Most Common Mitmmentioning

confidence: 99%

Man-in-the-middle-attack: Understanding in simple words

Mallik¹,

Ahsan²,

Shahadat³

et al. 2019

10.5267/j.ijdns

View full text Add to dashboard Cite

show abstract

“…ARP Spoofing is an attack scheme that exploits flaws in the ARP protocol to cheat its MAC address as the MAC addresses of other users. By exploiting the vulnerability of ARP Request Broadcasting, attackers can obtain accurate information about all Host IP-MAC address mappings on the network [20,21].…”

Section: Sniffing and Spoofingmentioning

confidence: 99%

Design of a Symmetry Protocol for the Efficient Operation of IP Cameras in the IoT Environment

et al. 2019

View full text Add to dashboard Cite

The rapid development of Internet technology and the spread of various smart devices have enabled the creation of a convenient environment used by people all around the world. It has become increasingly popular, with the technology known as the Internet of Things (IoT). However, both the development and proliferation of IoT technology have caused various problems such as personal information leakage and privacy violations due to attacks by hackers. Furthermore, countless devices are connected to the network in the sense that all things are connected to the Internet, and network attacks that have thus far been exploited in the existing PC environment are now also occurring frequently in the IoT environment. In fact, there have been many security incidents such as DDoS attacks involving the hacking of IP cameras, which are typical IoT devices, leakages of personal information and the monitoring of numerous persons without their consent. While attacks in the existing Internet environment were PC-based, we have confirmed that various smart devices used in the IoT environment—such as IP cameras and tablets—can be utilized and exploited for attacks on the network. Even though it is necessary to apply security solutions to IoT devices in order to prevent potential problems in the IoT environment, it is difficult to install and execute security solutions due to the inherent features of small devices with limited memory space and computational power in this aforementioned IoT environment, and it is also difficult to protect certificates and encryption keys due to easy physical access. Accordingly, this paper examines potential security threats in the IoT environment and proposes a security design and the development of an intelligent security framework designed to prevent them. The results of the performance evaluation of this study confirm that the proposed protocol is able to cope with various security threats in the network. Furthermore, from the perspective of energy efficiency, it was also possible to confirm that the proposed protocol is superior to other cryptographic protocols. Thus, it is expected to be effective if applied to the IoT environment.

show abstract

“…Shirali-Shahreza and Shirali-Shahreza [2] telah menggunakan CAPTCHA 2 tetapi baru dikhususkan pada aplikasi mobile. Pembahasan untuk aplikasi web telah dilakukan namun masih mengandalkan cookies web browser sebagai pelindung [3]dimanacookies dapat diretas, selain itu ancaman penyadapan pada jaringan juga masih terbuka [4][5][6]. Sebelumnya Saelensminde and Boonjing [7]…”

Section: Pendahuluanunclassified

ONE TIME PASSWORDLESS and IP ADDRESS AUTHENTICATION METHOD for WEB APPLICATION

Suprayogi

2015

View full text Add to dashboard Cite

Penelitian yang membahas model autentikasi pengguna, mulai dari autentikasi tradisional menggunakan username dan password hingga metode multi-factorauthenticationtelah sering dilakukan. Namun model autentikasi tersebut masih menggunakan password, dimana manusia memiki keterbatasan untuk mengingat sehingga resiko kehilangan password kerap terjadi. Selain itu pencurian data pada jaringan komputer masih marak dilakukan sehingga perlu pendekatan lain dalam autentikasi pengguna terhadap sistem. Passwordlessauthentication adalah model autentikasi yang mulai dikenalkan, hanya saja proses implementasinya masih terbatas. Paper ini berusaha meningkatkan metode passwordless dengan tambahan time limit, session, dan ipaddress dalam melakukan autentikasi pengguna. Hasilnya, pengguna tidak perlu membuat dan mengingat password. Pengguna cukup memanfaatkan layanan email untuk proses registrasi dan login, kemudian ipaddress menjamin bahwa hanya pengguna tersebut yang dapat mengakses layanan website.

show abstract

Sniffing Packets on LAN without ARP Spoofing

Cited by 24 publications

References 5 publications

Man-in-the-middle-attack: Understanding in simple words

Man-in-the-middle-attack: Understanding in simple words

Design of a Symmetry Protocol for the Efficient Operation of IP Cameras in the IoT Environment

ONE TIME PASSWORDLESS and IP ADDRESS AUTHENTICATION METHOD for WEB APPLICATION

Contact Info

Product

Resources

About