Thursday 28th of March 2024
 

A Subnet Based Intrusion Detection Scheme for Tracking down the Origin of Man-In-The-Middle Attack


S.Vidya and R.Bhaskaran

The Address Resolution Protocol (ARP), has proved to work well under regular circumstances, but it is not equipped to cope with malicious hosts. Several methods to mitigate, detect and prevent these attacks do exist for the gateways/routers and nodes. This work is focused towards developing our own tailor made Intrusion Detection technique at the subnet level and we present an algorithm that detects the source of ARP poisoning in the Man-in-the-Middle attack. It is designed to detect both the attack and the attacker. The algorithm uses filtering rules to capture the network traffic and pass the IP packets through four phases. After the first three phases, the algorithm is made to raise an alarm on potential ARP poisoning to the user, if one exists, and the fourth phase detects the source IP that has initiated the attack and raises another alarm. This method works successfully even if there is more than one MITM attacker in the subnet. There is a proof of concept implemented for this algorithm. As a result of this experiment, it was found that the Windows 7 Operating System is also vulnerable to ARP attacks as the earlier versions of Windows.

Keywords: ARP Poison, Intrusion Detection System (IDS), Media Access Control (MAC), Man-in-the-Middle (MITM) attack, Stateless protocol

Download Full-Text


ABOUT THE AUTHORS

S.Vidya
Completed M.Sc in Computer Science from SR College, Trichirappalli, TamilNadu, India in the year 1990 and M.Phil in Computer Science from Alagappa University, Karaikudi, TamilNadu, India in the year 2001. Working as Associate Professor in Computer Science in the Department of Computer Science, Fatima College, Madurai, TamilNadu, India since 1990. Areas of interest are Data Structures and Algorithms. She is currently pursuing research in Network Security. She is a Life Member of Computer Society of India and Member of ACM.

R.Bhaskaran
Completed M.Sc in Mathematics from IIT Chennai, TamilNadu, India in the year 1974 and got his Doctoral degree from Ramanujam Institute of Mathematical Sciences, Chennai, TamilNadu, India in the year 1979. Joined the School of Mathematics, Madurai Kamaraj University, Madurai in 1980. Currently he is the Chairperson of School of Mathematics. He has to his credit lots of publications including in IEEE conferences. His area of interest includes Linden Mayer System, Computer Applications, and developing software for learning Mathematics. He has guided students in both Mathematics and Computer Applications. He is a Life Member of the Indian Mathematical Society.


IJCSI Published Papers Indexed By:

 

 

 

 
+++
About IJCSI

IJCSI is a refereed open access international journal for scientific papers dealing in all areas of computer science research...

Learn more »
Join Us
FAQs

Read the most frequently asked questions about IJCSI.

Frequently Asked Questions (FAQs) »
Get in touch

Phone: +230 911 5482
Email: info@ijcsi.org

More contact details »