In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
6th International Workshop on Digital Forensics and Incident Analysis (WDFIA 2011)
Title: Active Detection and Prevention of Sophisticated ARP-Poisoning Man-in-the-Middle Attacks on Switched Ethernet LANs
Author(s): Ahmed Patel, Kenan Kalajdzic
Keywords: ARP, ARP Poisoning, Man-in-the-Middle Attacks, Intrusion Prevention, LAN
Abstract: In this paper we describe two novel methods for active detection and prevention of ARP-poisoning-based Man-in-the-Middle (MitM) attacks on switched Ethernet LANs. As a stateless and inherently insecure protocol, ARP has been used as a relatively simple means to launch Denial-of-Service (DoS) and MitM attacks on local networks and multiple solutions have been proposed to detect and prevent these types of attacks. MitM attacks are particularly dangerous, because they allow an attacker to monitor network traffic and break the integrity of data being sent over the network. We introduce backward compatible techniques to prevent ARP poisoning and deal with sophisticated stealth MitM programs.
Download count: 2043
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.