• DocumentCode
    1610515
  • Title

    Implementation of a SNORT´s output Plug-In in reaction to ARP Spoofing´s attack

  • Author

    Boughrara, A. ; Mammar, Said

  • Author_Institution
    Dept. of Comput. Sci., Univ. of Sci. & the Technol., Oran, Algeria
  • fYear
    2012
  • Firstpage
    643
  • Lastpage
    647
  • Abstract
    The attacks that exploit the Address Resolution Protocol (ARP) are considered as the most dangerous for the security of networks. Indeed, this attack poisons the cache ARP of the machine and makes possible all the actions of Man In the Middle (reading, modification, denial-of-service). For this, it becomes very important to prevent against this type of attack, by setting up systems able to detect it, known as Intrusion Detection Systems, and to react consequently. Among the existing IDS, we find SNORT which is the most used; but its reactions are generally in a passive way (Log, sending message ...). In this paper, we propose an approach by introducing a Plug-In making SNORT react against ARPSpoofing´s attack in real-time.
  • Keywords
    computer network security; protocols; ARP spoofing attack; IDS; SNORT; address resolution protocol; intrusion detection systems; network security; output plug-in; Educational institutions; IP networks; Intrusion detection; Network topology; Real-time systems; Toxicology; ArpSpoofing; IDS; Plug-In; SNORT;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Sciences of Electronics, Technologies of Information and Telecommunications (SETIT), 2012 6th International Conference on
  • Conference_Location
    Sousse
  • Print_ISBN
    978-1-4673-1657-6
  • Type

    conf

  • DOI
    10.1109/SETIT.2012.6481988
  • Filename
    6481988
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1610515