Towards more sophisticated ARP spoofing detection/prevention systems in LAN networks

Mohamed Al-Hemairy; Saad Amin; Zouheir Trabelsi

doi:10.1109/CTIT.2009.5423112

Towards more sophisticated ARP spoofing detection/prevention systems in LAN networks

Mohamed Al-Hemairy, Saad Amin, Zouheir Trabelsi

Department of Information System and Security

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

16 Citations (Scopus)

Abstract

The Address Resolution Protocol (ARP) is used by computers to map network addresses (IP) to physical addresses [MAC] and we can't imagine a communications between networks without the support of ARP protocol. However, ARP had been misused by many malicious hosts for illegitimate penetration; ARP Spoofing is one example for such illegal access. ARP Spoofing can enable malicious hosts to perform Man-in-the-Middle attacks [MiM] as well as a Denial of Service attacks [DoS]. Unfortunately, ARP Spoofing has not been focused by security experts or solutions, e.g, Intrusion Detection Systems or Intrusion Protection Systems [IDS/IPS]. In this research we evaluate the most famous & expensive detection and prevention [IDS/IPS] systems for detecting all types of ARP spoofing attacks and introduce an algorithm which can be implemented in IDS/IPS systems to enhance it's security.

Original language	English
Title of host publication	Proceedings of the 2009 International Conference on the Current Trends in Information Technology, CTIT 2009
Pages	225-230
Number of pages	6
DOIs	https://doi.org/10.1109/CTIT.2009.5423112
Publication status	Published - 2009
Event	2009 International Conference on the Current Trends in Information Technology, CTIT 2009 - Dubai, United Arab Emirates Duration: Dec 15 2009 → Dec 16 2009

Publication series

Name	Proceedings of the 2009 International Conference on the Current Trends in Information Technology, CTIT 2009

Other

Other	2009 International Conference on the Current Trends in Information Technology, CTIT 2009
Country/Territory	United Arab Emirates
City	Dubai
Period	12/15/09 → 12/16/09

ASJC Scopus subject areas

General Computer Science
Control and Systems Engineering

Access to Document

10.1109/CTIT.2009.5423112

Cite this

Al-Hemairy, M., Amin, S., & Trabelsi, Z. (2009). Towards more sophisticated ARP spoofing detection/prevention systems in LAN networks. In Proceedings of the 2009 International Conference on the Current Trends in Information Technology, CTIT 2009 (pp. 225-230). Article 5423112 (Proceedings of the 2009 International Conference on the Current Trends in Information Technology, CTIT 2009). https://doi.org/10.1109/CTIT.2009.5423112

Towards more sophisticated ARP spoofing detection/prevention systems in LAN networks. / Al-Hemairy, Mohamed; Amin, Saad; Trabelsi, Zouheir.
Proceedings of the 2009 International Conference on the Current Trends in Information Technology, CTIT 2009. 2009. p. 225-230 5423112 (Proceedings of the 2009 International Conference on the Current Trends in Information Technology, CTIT 2009).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Al-Hemairy, M, Amin, S & Trabelsi, Z 2009, Towards more sophisticated ARP spoofing detection/prevention systems in LAN networks. in Proceedings of the 2009 International Conference on the Current Trends in Information Technology, CTIT 2009., 5423112, Proceedings of the 2009 International Conference on the Current Trends in Information Technology, CTIT 2009, pp. 225-230, 2009 International Conference on the Current Trends in Information Technology, CTIT 2009, Dubai, United Arab Emirates, 12/15/09. https://doi.org/10.1109/CTIT.2009.5423112

Al-Hemairy M, Amin S, Trabelsi Z. Towards more sophisticated ARP spoofing detection/prevention systems in LAN networks. In Proceedings of the 2009 International Conference on the Current Trends in Information Technology, CTIT 2009. 2009. p. 225-230. 5423112. (Proceedings of the 2009 International Conference on the Current Trends in Information Technology, CTIT 2009). doi: 10.1109/CTIT.2009.5423112

Al-Hemairy, Mohamed ; Amin, Saad ; Trabelsi, Zouheir. / Towards more sophisticated ARP spoofing detection/prevention systems in LAN networks. Proceedings of the 2009 International Conference on the Current Trends in Information Technology, CTIT 2009. 2009. pp. 225-230 (Proceedings of the 2009 International Conference on the Current Trends in Information Technology, CTIT 2009).

@inproceedings{15daaed95d774066bf598db1124ffac3,

title = "Towards more sophisticated ARP spoofing detection/prevention systems in LAN networks",

abstract = "The Address Resolution Protocol (ARP) is used by computers to map network addresses (IP) to physical addresses [MAC] and we can't imagine a communications between networks without the support of ARP protocol. However, ARP had been misused by many malicious hosts for illegitimate penetration; ARP Spoofing is one example for such illegal access. ARP Spoofing can enable malicious hosts to perform Man-in-the-Middle attacks [MiM] as well as a Denial of Service attacks [DoS]. Unfortunately, ARP Spoofing has not been focused by security experts or solutions, e.g, Intrusion Detection Systems or Intrusion Protection Systems [IDS/IPS]. In this research we evaluate the most famous & expensive detection and prevention [IDS/IPS] systems for detecting all types of ARP spoofing attacks and introduce an algorithm which can be implemented in IDS/IPS systems to enhance it's security.",

author = "Mohamed Al-Hemairy and Saad Amin and Zouheir Trabelsi",

year = "2009",

doi = "10.1109/CTIT.2009.5423112",

language = "English",

isbn = "9781424457557",

series = "Proceedings of the 2009 International Conference on the Current Trends in Information Technology, CTIT 2009",

pages = "225--230",

booktitle = "Proceedings of the 2009 International Conference on the Current Trends in Information Technology, CTIT 2009",

note = "2009 International Conference on the Current Trends in Information Technology, CTIT 2009 ; Conference date: 15-12-2009 Through 16-12-2009",

}

TY - GEN

T1 - Towards more sophisticated ARP spoofing detection/prevention systems in LAN networks

AU - Al-Hemairy, Mohamed

AU - Amin, Saad

AU - Trabelsi, Zouheir

PY - 2009

Y1 - 2009

N2 - The Address Resolution Protocol (ARP) is used by computers to map network addresses (IP) to physical addresses [MAC] and we can't imagine a communications between networks without the support of ARP protocol. However, ARP had been misused by many malicious hosts for illegitimate penetration; ARP Spoofing is one example for such illegal access. ARP Spoofing can enable malicious hosts to perform Man-in-the-Middle attacks [MiM] as well as a Denial of Service attacks [DoS]. Unfortunately, ARP Spoofing has not been focused by security experts or solutions, e.g, Intrusion Detection Systems or Intrusion Protection Systems [IDS/IPS]. In this research we evaluate the most famous & expensive detection and prevention [IDS/IPS] systems for detecting all types of ARP spoofing attacks and introduce an algorithm which can be implemented in IDS/IPS systems to enhance it's security.

AB - The Address Resolution Protocol (ARP) is used by computers to map network addresses (IP) to physical addresses [MAC] and we can't imagine a communications between networks without the support of ARP protocol. However, ARP had been misused by many malicious hosts for illegitimate penetration; ARP Spoofing is one example for such illegal access. ARP Spoofing can enable malicious hosts to perform Man-in-the-Middle attacks [MiM] as well as a Denial of Service attacks [DoS]. Unfortunately, ARP Spoofing has not been focused by security experts or solutions, e.g, Intrusion Detection Systems or Intrusion Protection Systems [IDS/IPS]. In this research we evaluate the most famous & expensive detection and prevention [IDS/IPS] systems for detecting all types of ARP spoofing attacks and introduce an algorithm which can be implemented in IDS/IPS systems to enhance it's security.

UR - http://www.scopus.com/inward/record.url?scp=77951128717&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=77951128717&partnerID=8YFLogxK

U2 - 10.1109/CTIT.2009.5423112

DO - 10.1109/CTIT.2009.5423112

M3 - Conference contribution

AN - SCOPUS:77951128717

SN - 9781424457557

T3 - Proceedings of the 2009 International Conference on the Current Trends in Information Technology, CTIT 2009

SP - 225

EP - 230

BT - Proceedings of the 2009 International Conference on the Current Trends in Information Technology, CTIT 2009

T2 - 2009 International Conference on the Current Trends in Information Technology, CTIT 2009

Y2 - 15 December 2009 through 16 December 2009

ER -

Towards more sophisticated ARP spoofing detection/prevention systems in LAN networks

Abstract

Publication series

Other

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this