Title :
Is Apple´s iMac Leopard Operating System Secure under ARP-Based Flooding Attacks?
Author :
Surisetty, Sirisha ; Kumar, Sanjeev
Author_Institution :
Dept. of Electr. & Comput. Eng., Univ. of Texas-Pan American, Edinburg, TX, USA
Abstract :
Apple´s iMac computers are promoted by the Apple Inc. to be secure, safe, virus free and fast computers. In this experimental paper, we evaluate the security offered by the iMac computers with its usual Leopard Operating System, against ARP-based flooding attacks in a Gigabit LAN environment. We compared the effect of ARP attacks on Leopard OS against those on the Windows XP-SP2 when installed on the same iMac platform under the same network attack environment. ARP-based flooding attacks can originate in a LAN environment, which can impact a victim computer with a barrage of ARP requests, and there by exhausting resource of the victim computers in processing these requests. To study the impact on iMac computers, we created the ARP traffic in a controlled lab environment to test against iMac computer that first deployed Leopard OS and then later the same iMac platform was made to rather use Windows XP OS. It was found that the Apple´s iMac computer using its usual Leopard operating system crashed even under low bandwidth of ARP-based attack traffic, requiring forced reboot of the iMac computer. Interestingly, when compared with Microsoft´s Windows XP-SP2 operating system, deployed on the same iMac platform, the computer was able to sustain the attack and didn´t crash. Our discovery of this vulnerability shows that Apple´s popular operating systems namely Leopards commonly deployed on iMacs are prone to crash under ARP-based security attacks.
Keywords :
operating systems (computers); security of data; ARP based flooding attacks; ARP based security attacks; Apples iMac Leopard operating system secure; Gigabit LAN environment; LAN environment; Windows XP-SP2; network attack environment; virus free; Communication system traffic control; Computer crashes; Computer security; Control systems; Floods; Force control; Local area networks; Operating systems; System testing; Vehicle crash testing; ARP attack; DDoS attack; Leopard Operating system; Nonpaged Pool Allocs; Windows XP operating system; Wired pages allocs;
Conference_Titel :
Internet Monitoring and Protection (ICIMP), 2010 Fifth International Conference on
Conference_Location :
Barcelona
Print_ISBN :
978-1-4244-6726-6
DOI :
10.1109/ICIMP.2010.30