A low-cost embedded IDS to monitor and prevent Man-in-the-Middle attacks on wired LAN environments

Authors: J. Belenguer, C. M. Calafate
Venue: The International Conference on Emerging Security Information, Systems, and Technologies (SECUREWARE 2007)
Publication date: 2007-10-14
DOI: 10.1109/SECUREWARE.2007.4385321 (https://doi.org/10.1109/SECUREWARE.2007.4385321)
Citation count: 19

A man-in-the-middle (MitM) attack is, in the scope of a LAN, a technique where an attacker is able to redirect all traffic between two hosts of that same LAN for packet sniffing or data manipulation, without the end hosts being aware of it. Usually these attacks exploit security flaws in the implementation of the ARP protocol at hosts. Up to now, detecting such attacks required setting up a machine with special-purpose software for this task. As an additional problem, few intrusion detection systems (IDS) are able to prevent MitM attacks. In this work we present a low-cost embedded IDS which, when plugged into a switch or hub, is able to detect and/or prevent MitM attacks automatically and efficiently. Since our system is limited to a micro-controller and a network interface, it can be produced at a very low cost, which is attractive for large scale production and deployment.