ARP cache poisoning mitigation and forensics investigation

Book chapter


Mangut, Heman Awang, Al-Nemrat, A., Benzaid, Chafika and Tawil, Abdel-Rahman H. 2015. ARP cache poisoning mitigation and forensics investigation. in: 2015 IEEE Trustcom/BigDataSE/ISPA IEEE. pp. 1392-1397
AuthorsMangut, Heman Awang, Al-Nemrat, A., Benzaid, Chafika and Tawil, Abdel-Rahman H.
Abstract

Address Resolution Protocol (ARP) cache spoofing or poisoning is an OSI layer 2 attack that exploits the statelessness vulnerability of the protocol to make network hosts susceptible to issues such as Man in the Middle attack, host impersonation, Denial of Service (DoS) and session hijacking. In this paper, a quantitative research approach is used to propose forensic tools for capturing evidences and mitigating ARP cache poisoning. The baseline approach is adopted to validate the proposed tools. The evidences captured before attack are compared against evidences captured when the network is under attack in order to ascertain the validity of the proposed tools in capturing ARP cache spoofing evidences. To mitigate the ARP poisoning attack, the security features DHCP Snooping and Dynamic ARP Inspection (DAI) are enabled and configured on a Cisco switch. The experimentation results showed the effectiveness of the proposed mitigation technique.

KeywordsAttack mitigation; ARP cache poisoning; Forensic investigation
Book title2015 IEEE Trustcom/BigDataSE/ISPA
Page range1392-1397
Year2015
PublisherIEEE
Publication dates
Print03 Dec 2015
Publication process dates
Deposited27 Feb 2017
Event14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-15)
ISBN978-1-4673-7952-6
978-1-4673-7951-9
Digital Object Identifier (DOI)https://doi.org/10.1109/Trustcom.2015.536
Web address (URL)http://doi.org/10.1109/Trustcom.2015.536
Additional information

© 2015 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

Accepted author manuscript
License
CC BY-NC-ND
Permalink -

https://repository.uel.ac.uk/item/853qz

Download files

Accepted author manuscript
ARP Cache Poisoning.pdf
License: CC BY-NC-ND

  • 62
    total views
  • 357
    total downloads
  • 3
    views this month
  • 31
    downloads this month

Export as

Related outputs

Variance Ranking for Multi-Classed Imbalanced Datasets: A Case Study of One-Versus-All
Ebenuwa, S., Sharif, S., Al-Nemrat, A., Al-Bayatti, A. H., Alalwan, N., Alzahrani, A. I. and Alfarraj, O. 2019. Variance Ranking for Multi-Classed Imbalanced Datasets: A Case Study of One-Versus-All. Symmetry. 11 (Art. 1504). https://doi.org/10.3390/sym11121504
A Dynamic Access Control Model Using Authorising Workflow and Task-Role-Based Access Control
Uddin, M., Islam, S. and Al-Nemrat, A. 2019. A Dynamic Access Control Model Using Authorising Workflow and Task-Role-Based Access Control. IEEE Access. 7 (Art. 166676). https://doi.org/10.1109/ACCESS.2019.2947377
Variance Ranking Attributes Selection Techniques for Binary Classification Problem in Imbalance Data
Ebenuwa, S., Sharif, M., Alazab, Mamoun and Al-Nemrat, A. 2019. Variance Ranking Attributes Selection Techniques for Binary Classification Problem in Imbalance Data. IEEE Access. 7, pp. 24649-24666. https://doi.org/10.1109/ACCESS.2019.2899578
Deep Learning Approach for Intelligent Intrusion Detection System
Vinayakumar, R., Alazab, Mamoun, Soman, K. P., Poornachandran, Prabaharan, Al-Nemrat, A. and Venkatraman, Sitalakshmi 2019. Deep Learning Approach for Intelligent Intrusion Detection System. IEEE Access. 7, pp. 41525-41550. https://doi.org/10.1109/ACCESS.2019.2895334
Content Discovery Advertisements: An Explorative Analysis
Jadhav Balaji, R., Baravalle, Andres, Al-Nemrat, A. and Falcarin, P. 2017. Content Discovery Advertisements: An Explorative Analysis. in: Jahankhani, Hamid, Carlile, Alex, Emmett, David, Hosseinian-Far, Amin, Brown, Guy, Sexton, Graham and Jamal, Arshad (ed.) Global Security, Safety and Sustainability - The Security Challenges of the Connected World Springer Verlag.
Integration operators for generating RDF/OWL-based user defined mediator views in a grid environment
Tawil, Abdel-Rahman H., Taweel, Adel, Naeem, U., Montebello, Matthew, Bashroush, R. and Al-Nemrat, A. 2014. Integration operators for generating RDF/OWL-based user defined mediator views in a grid environment. Journal of Intelligent Information Systems. 43 (1), pp. 1-32. https://doi.org/10.1007/s10844-013-0300-5
Security countermeasures in the cyber-world
Bendovschi, Andreea and Al-Nemrat, A. 2016. Security countermeasures in the cyber-world. in: 2016 IEEE International Conference on Cybercrime and Computer Forensic (ICCCF) IEEE. pp. 1-7
Measuring sustainability for an effective Information System audit from public organization perspective
Lope Abdul Rahman, Alifah Aida, Islam, S. and Al-Nemrat, A. 2015. Measuring sustainability for an effective Information System audit from public organization perspective. in: Research Challenges in Information Science (RCIS), 2015 IEEE 9th International Conference on IEEE. pp. 42-51
Cybercrime Profiling: Decision-Tree Induction, Examining Perceptions of Internet Risk and Cybercrime Victimisation
Al-Nemrat, A. and Benzaid, Chafika 2015. Cybercrime Profiling: Decision-Tree Induction, Examining Perceptions of Internet Risk and Cybercrime Victimisation. in: 2015 IEEE Trustcom/BigDataSE/ISPA IEEE. pp. 1380-1385
Intelligent Detection of MAC Spoofing Attack in 802.11 Network
Benzaid, Chafika, Boulgheraif, Abderrahman, Dahmane, Fatma Zohra, Al-Nemrat, A. and Zeraoulia, Khaled 2016. Intelligent Detection of MAC Spoofing Attack in 802.11 Network. in: Proceedings of the 17th International Conference on Distributed Computing and Networking ACM.
Forensic Malware Analysis: The Value of Fuzzy Hashing Algorithms in Identifying Similarities
Sarantinos, Nikolaos, Benzaid, Chafika, Arabiat, Omar and Al-Nemrat, A. 2017. Forensic Malware Analysis: The Value of Fuzzy Hashing Algorithms in Identifying Similarities. in: 2016 IEEE Trustcom/BigDataSE/ISPA IEEE. pp. 1782-1787
A Scalable Malware Classification based on Integrated Static and Dynamic Features
Bounouh, Tewfik, Brahimi, Zakaria, Al-Nemrat, A. and Benzaid, Chafika 2017. A Scalable Malware Classification based on Integrated Static and Dynamic Features. 11th International Conference on Global Security, Safety, and Sustainability (ICGS3) 2017. London, UK 18 - 20 Jan 2017 Springer International Publishing. https://doi.org/10.1007/978-3-319-51064-4_10
Fast authentication in wireless sensor networks
Benzaid, Chafika, Lounis, Karim, Al-Nemrat, A., Badache, Nadjib and Alazab, Mamoun 2014. Fast authentication in wireless sensor networks. Future Generation Computer Systems. 55, pp. 362-375.
An Analysis of Honeypot Programs and the Attack Data Collected
Moore, Chris and Al-Nemrat, A. 2015. An Analysis of Honeypot Programs and the Attack Data Collected. in: Jahankhani, Hamid, Carlile, Alex, Akhgar, Babak, Taal, Amie, Hessami, Ali G. and Hosseinian-Far, Amin (ed.) Global Security, Safety and Sustainability: Tomorrow's Challenges of Cyber Security Springer International Publishing.