Title :
Implementation of a SNORT´s output Plug-In in reaction to ARP Spoofing´s attack
Author :
Boughrara, A. ; Mammar, Said
Author_Institution :
Dept. of Comput. Sci., Univ. of Sci. & the Technol., Oran, Algeria
Abstract :
The attacks that exploit the Address Resolution Protocol (ARP) are considered as the most dangerous for the security of networks. Indeed, this attack poisons the cache ARP of the machine and makes possible all the actions of Man In the Middle (reading, modification, denial-of-service). For this, it becomes very important to prevent against this type of attack, by setting up systems able to detect it, known as Intrusion Detection Systems, and to react consequently. Among the existing IDS, we find SNORT which is the most used; but its reactions are generally in a passive way (Log, sending message ...). In this paper, we propose an approach by introducing a Plug-In making SNORT react against ARPSpoofing´s attack in real-time.
Keywords :
computer network security; protocols; ARP spoofing attack; IDS; SNORT; address resolution protocol; intrusion detection systems; network security; output plug-in; Educational institutions; IP networks; Intrusion detection; Network topology; Real-time systems; Toxicology; ArpSpoofing; IDS; Plug-In; SNORT;
Conference_Titel :
Sciences of Electronics, Technologies of Information and Telecommunications (SETIT), 2012 6th International Conference on
Conference_Location :
Sousse
Print_ISBN :
978-1-4673-1657-6
DOI :
10.1109/SETIT.2012.6481988
