Title :
A Survey of Ethernet LAN Security
Author :
Kiravuo, Timo ; Sarela, Mikko ; Manner, Jukka
Author_Institution :
Dept. of Commun. & Networking, Aalto Univ., Aalto, Finland
fDate :
Third Quarter 2013
Abstract :
Ethernet is the survivor of the LAN wars. It is hard to find an IP packet that has not passed over an Ethernet segment. One important reason for this is Ethernet´s simplicity and ease of configuration. However, Ethernet has always been known to be an insecure technology. Recent successful malware attacks and the move towards cloud computing in data centers demand that attention be paid to the security aspects of Ethernet. In this paper, we present known Ethernet related threats and discuss existing solutions from business, hacker, and academic communities. Major issues, like insecurities related to Address Resolution Protocol and to self-configurability, are discussed. The solutions fall roughly into three categories: accepting Ethernet´s insecurity and circling it with firewalls; creating a logical separation between the switches and end hosts; and centralized cryptography based schemes. However, none of the above provides the perfect combination of simplicity and security befitting Ethernet.
Keywords :
IP networks; cryptography; firewalls; invasive software; local area networks; protocols; Ethernet LAN security; Ethernet segment; IP packet; address resolution protocol; centralized cryptography; cloud computing; data centers; firewalls; malware attacks; IP networks; Local area networks; Ports (Computers); Routing protocols; Security; Switches; Data security; Ethernet networks; Security;
Journal_Title :
Communications Surveys & Tutorials, IEEE
DOI :
10.1109/SURV.2012.121112.00190
