Title :
A low-cost embedded IDS to monitor and prevent Man-in-the-Middle attacks on wired LAN environments
Author :
Belenguer, Jorge ; Calafate, Carlos T.
Author_Institution :
Polytech. Univ. of Valencia, Valencia
Abstract :
A man-in-the-middle (MitM) attack is, in the scope of a LAN, a technique where an attacker is able to redirect all traffic between two hosts of that same LAN for packet sniffing or data manipulation, without the end hosts being aware of it. Usually these attacks exploit security flaws in the implementation of the ARP protocol at hosts. Up to now, detecting such attacks required setting up a machine with special-purpose software for this task. As an additional problem, few intrusion detection systems (IDS) are able to prevent MitM attacks. In this work we present a low-cost embedded IDS which, when plugged into a switch or hub, is able to detect and/or prevent MitM attacks automatically and efficiently. Since our system is limited to a micro-controller and a network interface, it can be produced at a very low cost, which is attractive for large scale production and deployment.
Keywords :
local area networks; security of data; telecommunication security; ARP protocol; LAN environments; MitM attacks; intrusion detection systems; man-in-the-middle attacks; Costs; Data security; Intrusion detection; Large-scale systems; Local area networks; Monitoring; Network interfaces; Production systems; Protocols; Switches;
Conference_Titel :
Emerging Security Information, Systems, and Technologies, 2007. SecureWare 2007. The International Conference on
Conference_Location :
Valencia
Print_ISBN :
978-0-7695-2989-9
DOI :
10.1109/SECUREWARE.2007.4385321
