DocumentCode
713352
Title
Detection of MITM attack in LAN environment using payload matching
Author
Al Abri, Dawood
Author_Institution
Dept. of Electr. & Comput. Eng., Sultan Qaboos Univ., Muscat, Oman
fYear
2015
fDate
17-19 March 2015
Firstpage
1857
Lastpage
1862
Abstract
Man-in-the-Middle (MITM) attack enables an attacker to monitor the communication exchange between two parties by directing the traffic between them to pass through the attacker's machine. Most existing schemes for discovering MITM attack focus on detecting the mechanism used to direct the traffic through the attacker machine. This paper presents a new detection scheme that is based on matching the payload of frames exchanged in the network. The proposed scheme is independent of the mechanism used to launch the MITM attack. Experimental result shows that the proposed scheme can achieve excellent detection performance with proper choice of the scheme's tuning parameters.
Keywords
computer network security; local area networks; telecommunication traffic; LAN environment; MITM attack detection; attacker machine; man-in-the-middle attack; payload matching; traffic analysis; IP networks; Local area networks; Monitoring; Payloads; Protocols; Relays; Switches; ARP poisoning; MITM; attack; detection; security; traffic analysis;
fLanguage
English
Publisher
ieee
Conference_Titel
Industrial Technology (ICIT), 2015 IEEE International Conference on
Conference_Location
Seville
Type
conf
DOI
10.1109/ICIT.2015.7125367
Filename
7125367