Home // EMERGING 2013, The Fifth International Conference on Emerging Network Intelligence // View article

Algorithms for Network Discovery and Detection of MAC and IP Spoofing Security Attacks

Authors:
Paulo Lopes
Paulo Salvador
António Nogueira

Keywords: SNMP; Network Discovery; MAC Spoofing; IP Spoofing

Abstract:
Data Link and Network layers of the OSI model use, respectively, MAC and IP addresses to provide communication between different network devices. Since this is a widely used model, it is frequently explored for various malicious activities. MAC and IP spoofing attacks are the origin of many security threats; so, preventing them is essential to obtain a protected and trustful network. This paper presents an efficient mechanism to detect and block these attacks based on the use of the SNMP protocol, which allows remote access to network devices in order to retrieve their MIB information and is supported by most of the existing network equipment. On a first stage, network discovery is used to identify the devices that are present on the network; then, by selecting and manipulating the MIB information retrieved from these devices, appropriate algorithms are proposed to detect both IP and MAC spoofing attacks. Many performance evaluation tests were conducted and the results obtained proved that these approaches are able to quickly and efficiently detect and block these network security attacks.

Pages: 37 to 48

Copyright: Copyright (c) IARIA, 2013

Publication date: September 29, 2013

Published in: conference

ISSN: 2326-9383

ISBN: 978-1-61208-292-9

Location: Porto, Portugal

Dates: from September 29, 2013 to October 3, 2013