Abstract
The Man-in-the-Middle (MiM) attack is used by attackers to perform sniffing activities in switched LAN networks. The potential damage to a network from sniffing activities can be very significant. This paper proposes a mechanism for detecting malicious hosts performing MiM attack in switched LAN networks. The proposed mechanism consists of sending trap and spoofed packets to the network's hosts, after which, malicious sniffing hosts can be identified efficiently and accurately by collecting and analyzing the response packets. The effect of the proposed mechanism on the performance of the network is discussed and shown to be minimal. The limits of current security solutions regarding their ability to detect and prevent the MiM attack in switched LAN networks, are also discussed.
Original language | English |
---|---|
Pages (from-to) | 234-243 |
Number of pages | 10 |
Journal | International Journal of Computers and Applications |
Volume | 30 |
Issue number | 3 |
DOIs | |
Publication status | Published - 2008 |
Keywords
- Address resolution protocol
- Address resolution protocol cache poisoning attack
- Intrusions detection systems
- Man-in-the-middle attack
ASJC Scopus subject areas
- Software
- Hardware and Architecture
- Computer Science Applications
- Computer Graphics and Computer-Aided Design