Title :
Using JPCAP to Prevent Man-in-the-Middle Attacks in a Local Area Network Environment
Author :
Fayyaz, Farrah ; Rasheed, H.
Author_Institution :
Dept. of Comput. Sci., COMSATS Inst. of Inf. Technol., Islamabad, Pakistan
Abstract :
Internal attacks are as dangerous and malicious as external attacks. A man-in-the-middle (MITM) attack is a serious problem. The attacker can hijack the connection between two communicating parties and capture the packets between them. He or she can modify, add, or prevent the data from reaching the victim. Address resolution protocol (ARP) poisoning can easily exploit the vulnerability present in ARP. Through this, an attacker can easily perform further attacks such as sniffing, denial of service, and MITM among others. The methodology to prevent MITM attacks conducted by ARP spoofing is to first assign unique IP addresses to every node on the local area network (LAN) based upon their MAC address. The algorithm by which IP addresses are assigned is DepMAC-IP proposed in 2010. For example, when working in the Windows OS environment, the existing ARP cannot be changed. The JPCAP (a Java library for capturing and sending network packets) must be used to capture ARP replies. JPCAP is open source and is licensed under GNU LGPL. It can capture Ethernet, IPv4, IPv6, ARP/RARP, TCP, UDP, and ICMPv4 packets.
Keywords :
IP networks; access protocols; computer network security; local area networks; transport protocols; ARP spoofing; DepMAC-IP; Ethernet; GNU LGPL; ICMPv4 packets; IP address; IPv6 packet; JPCAP; LAN; MAC address; MITM attack; RARP packet; TCP packet; UDP packet; address resolution protocol; denial of service attack; external attacks; internal attacks; local area network environment; man-in-the-middle attack prevention; sniffing attack; Computer crime; Computer security; Data security; Protocols;
Journal_Title :
Potentials, IEEE
DOI :
10.1109/MPOT.2012.2187102