Title :
NIS04-4: Man in the Middle Intrusion Detection
Author :
Trabelsi, Zouheir ; Shuaib, Khaled
Author_Institution :
Coll. of Inf. Technol., UAE Univ., Al Ain
fDate :
Nov. 27 2006-Dec. 1 2006
Abstract :
Local area network (LAN) security is a critical and mandatory element that network administrators must master. It is often thought of network security as protecting the network from external attacks and intrusions. However, internal attacks can also be as damaging and malicious as external ones. One of the well known attacks in networking is packet spoofing at the different network layers. This paper discusses how spoofed ARP packets can be used by malicious users to redirect and use network´s traffic to launch an attack against users´ hosts. Limitations of current intrusion detection systems (IDSs) in detecting traffic redirection attacks are also discussed. The paper then proposes practical and efficient mechanisms for detecting such malicious attacks in a switched LAN environment. In addition, the effect of the proposed techniques on network performance is shown to be minimal given the gained benefits.
Keywords :
local area networks; security of data; telecommunication security; ARP packets; intrusion detection systems; local area network; network security; packet spoofing; Authentication; Communication system security; Cryptographic protocols; Cryptography; Electronic mail; Information security; Intrusion detection; Local area networks; Protection; Telecommunication traffic;
Conference_Titel :
Global Telecommunications Conference, 2006. GLOBECOM '06. IEEE
Conference_Location :
San Francisco, CA
Print_ISBN :
1-4244-0356-1
Electronic_ISBN :
1930-529X
DOI :
10.1109/GLOCOM.2006.282
