Sciweavers

SECURWARE
2007
IEEE

A low-cost embedded IDS to monitor and prevent Man-in-the-Middle attacks on wired LAN environments

14 years 6 months ago
A low-cost embedded IDS to monitor and prevent Man-in-the-Middle attacks on wired LAN environments
A Man-in-the-Middle (MitM) attack is, in the scope of a LAN, a technique where an attacker is able to redirect all traffic between two hosts of that same LAN for packet sniffing or data manipulation, without the end hosts being aware of it. Usually these attacks exploit security flaws in the implementation of the ARP protocol at hosts. Up to now, detecting such attacks required setting up a machine with special-purpose software for this task. As an additional problem, few Intrusion Detection Systems (IDS) are able to prevent MitM attacks. In this work we present a low-cost embedded IDS which, when plugged into a switch or hub, is able to detect and/or prevent MitM attacks automatically and efficiently. Since our system is limited to a micro-controller and a network interface, it can be produced at a very low cost, which is attractive for large scale production and deployment.
Jorge Belenguer, Carlos Miguel Tavares Calafate
Added 04 Jun 2010
Updated 04 Jun 2010
Type Conference
Year 2007
Where SECURWARE
Authors Jorge Belenguer, Carlos Miguel Tavares Calafate
Comments (0)