Title :
Detection of MITM attack in LAN environment using payload matching
Author_Institution :
Dept. of Electr. & Comput. Eng., Sultan Qaboos Univ., Muscat, Oman
Abstract :
A Man-in-the-Middle (MITM) attack enables an attacker to monitor the communication exchange between two parties by directing the traffic between them to pass through the attacker's machine. Most existing schemes for discovering MITM attacks focus on detecting the mechanism used to direct the traffic through the attacker's machine. This paper presents a new detection scheme that is based on matching the payload of frames exchanged in the network. The proposed scheme is independent of the mechanism used to launch the MITM attack. Experimental results show that the proposed scheme can achieve excellent detection performance with proper choice of the scheme's tuning parameters.
Keywords :
computer network security; local area networks; telecommunication traffic; LAN environment; MITM attack detection; attacker machine; man-in-the-middle attack; payload matching; traffic analysis; IP networks; Local area networks; Monitoring; Payloads; Protocols; Relays; Switches; ARP poisoning; MITM; attack; detection; security; traffic analysis;
Conference_Title :
Industrial Technology (ICIT), 2015 IEEE International Conference on
Conference_Location :
Seville
DOI :
10.1109/ICIT.2015.7125367