Conference Paper

An Active Intrusion Detection System for LAN Specific Attacks.

DOI: 10.1007/978-3-642-13577-4_11 Conference: Advances in Computer Science and Information Technology, AST/UCMA/ISA/ACN 2010 Conferences, Miyazaki, Japan, June 23-25, 2010. Joint Proceedings
Source: DBLP

ABSTRACT Local Area Network (LAN) based attacks are due to compromised hosts in the network and mainly involve spoofing with falsified
IP-MAC pairs. Since Address Resolution Protocol (ARP) is a stateless protocol such attacks are possible. Several schemes have
been proposed in the literature to circumvent these attacks, however, these techniques either make IP-MAC pairing static,
modify the existing ARP, patch operating systems of all the hosts etc. In this paper we propose an Intrusion Detection System
(IDS) for LAN specific attacks without any extra constraint like static IP-MAC, changing the ARP etc. The proposed IDS is
an active detection mechanism where every pair of IP-MAC are validated by a probing technique. The scheme is successfully
validated in a test bed and results also illustrate that the proposed technique minimally adds to the network traffic.