Man in the middle intrusion detection

Research output: Chapter in Book/Report/Conference proceedingConference contribution

20 Citations (Scopus)


Local Area Network (LAN) security is a critical and mandatory element that network administrators must master. It is often thought of network security as protecting the network from external attacks and intrusions. However, internal attacks can also be as damaging and malicious as external ones. One of the well known attacks in networking is packet spoofing at the different network layers. This paper discusses how spoofed ARP packets can be used by malicious users to redirect and use network's traffic to launch an attack against users' hosts. Limitations of current Intrusion Detection Systems (IDSs) in detecting traffic redirection attacks are also discussed. The paper then proposes practical and efficient mechanisms for detecting such malicious attacks in a switched LAN environment. In addition, the effect of the proposed techniques on network performance is shown to be minimal given the gained benefits.

Original languageEnglish
Title of host publicationIEEE GLOBECOM 2006 - 2006 Global Telecommunications Conference
Publication statusPublished - 2006
EventIEEE GLOBECOM 2006 - 2006 Global Telecommunications Conference - San Francisco, CA, United States
Duration: Nov 27 2006Dec 1 2006

Publication series

NameGLOBECOM - IEEE Global Telecommunications Conference


OtherIEEE GLOBECOM 2006 - 2006 Global Telecommunications Conference
Country/TerritoryUnited States
CitySan Francisco, CA


  • Intrusion detection systems
  • Man in the middle attacks
  • Network security

ASJC Scopus subject areas

  • General Engineering


Dive into the research topics of 'Man in the middle intrusion detection'. Together they form a unique fingerprint.

Cite this