Staff View: Detection and Prevention of ARP Cache Poisoning in Advanced Persistent Threats Using Multiphase Validation and Firewall

Detection and Prevention of ARP Cache Poisoning in Advanced Persistent Threats Using Multiphase Validation and Firewall

Security of data; Security systems; Address Resolution Protocol; Address resolution protocol cache poisoning; Address resolution protocol spoofing attack; Cache poisoning; Internet control message protocol protocol; Internet control message protocols; MITM; Spoofing attacks; Internet protocols

Saved in:

Bibliographic Details
Main Authors:	Al-Mwald M.N., Jamil N., Ibrahim Z.A., Cob Z.C., Abdul Rahim F.
Other Authors:	57980856700
Format:	Book Chapter
Published:	Springer Science and Business Media Deutschland GmbH 2023
Tags:	Add Tag No Tags, Be the first to tag this record!

id	my.uniten.dspace-27065
record_format	dspace
spelling	my.uniten.dspace-270652023-05-29T17:39:12Z Detection and Prevention of ARP Cache Poisoning in Advanced Persistent Threats Using Multiphase Validation and Firewall Al-Mwald M.N. Jamil N. Ibrahim Z.A. Cob Z.C. Abdul Rahim F. 57980856700 36682671900 57203863738 25824919900 57981022800 Security of data; Security systems; Address Resolution Protocol; Address resolution protocol cache poisoning; Address resolution protocol spoofing attack; Cache poisoning; Internet control message protocol protocol; Internet control message protocols; MITM; Spoofing attacks; Internet protocols Protocols define a set of rules that govern the communication between hosts connected via a network. Under normal circumstances, the operation proceeds without incident. However, attackers are always on the lookout for ways to exploit loopholes in protocols. This study aimed to investigate Address Resolution Protocol (ARP) issues and develop a technique to detect and prevent malicious ARP activity and anomalies caused by its various implementations. We propose sending three Internet Control Message Protocol (ICMP) probe packets to each host to validate the new binding, one to the previous binding and the other two to the contemporary binding. ARP packets are used together with these ICMP packets to provide multiphase validation for new entries that have no previous ARP cache entries. The asynchronous nature of the proposed scheme requires no changes to the existing protocol. In addition, the proposed technique uses a host-based firewall to block malicious hosts without affecting the ARP�s performance. � 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG. Final 2023-05-29T09:39:12Z 2023-05-29T09:39:12Z 2022 Book Chapter 10.1007/978-3-031-13181-3_12 2-s2.0-85142626234 https://www.scopus.com/inward/record.uri?eid=2-s2.0-85142626234&doi=10.1007%2f978-3-031-13181-3_12&partnerID=40&md5=9f2b60897a7b1299ee08a73268f6c44d https://irepository.uniten.edu.my/handle/123456789/27065 155 170 Springer Science and Business Media Deutschland GmbH Scopus
institution	Universiti Tenaga Nasional
building	UNITEN Library
collection	Institutional Repository
continent	Asia
country	Malaysia
content_provider	Universiti Tenaga Nasional
content_source	UNITEN Institutional Repository
url_provider	http://dspace.uniten.edu.my/
description	Security of data; Security systems; Address Resolution Protocol; Address resolution protocol cache poisoning; Address resolution protocol spoofing attack; Cache poisoning; Internet control message protocol protocol; Internet control message protocols; MITM; Spoofing attacks; Internet protocols
author2	57980856700
author_facet	57980856700 Al-Mwald M.N. Jamil N. Ibrahim Z.A. Cob Z.C. Abdul Rahim F.
format	Book Chapter
author	Al-Mwald M.N. Jamil N. Ibrahim Z.A. Cob Z.C. Abdul Rahim F.
spellingShingle	Al-Mwald M.N. Jamil N. Ibrahim Z.A. Cob Z.C. Abdul Rahim F. Detection and Prevention of ARP Cache Poisoning in Advanced Persistent Threats Using Multiphase Validation and Firewall
author_sort	Al-Mwald M.N.
title	Detection and Prevention of ARP Cache Poisoning in Advanced Persistent Threats Using Multiphase Validation and Firewall
title_short	Detection and Prevention of ARP Cache Poisoning in Advanced Persistent Threats Using Multiphase Validation and Firewall
title_full	Detection and Prevention of ARP Cache Poisoning in Advanced Persistent Threats Using Multiphase Validation and Firewall
title_fullStr	Detection and Prevention of ARP Cache Poisoning in Advanced Persistent Threats Using Multiphase Validation and Firewall
title_full_unstemmed	Detection and Prevention of ARP Cache Poisoning in Advanced Persistent Threats Using Multiphase Validation and Firewall
title_sort	detection and prevention of arp cache poisoning in advanced persistent threats using multiphase validation and firewall
publisher	Springer Science and Business Media Deutschland GmbH
publishDate	2023
_version_	1806425678069891072
score	13.214268

Detection and Prevention of ARP Cache Poisoning in Advanced Persistent Threats Using Multiphase Validation and Firewall

Similar Items