Detection of MITM attack in LAN environment using payload matching

descriptionPublicationkeyboard_double_arrow_right Article , Conference object 01 Mar 2015Publisher:IEEEJournal:2015 IEEE International Conference on Industrial Technology (ICIT)

Authors: Dawood Al-Abri;

doi: 10.1109/icit.2015.7125367

Detection of MITM attack in LAN environment using payload matching

- Summary
- Metrics

Abstract

Man-in-the-Middle (MITM) attack enables an attacker to monitor the communication exchange between two parties by directing the traffic between them to pass through the attacker's machine. Most existing schemes for discovering MITM attack focus on detecting the mechanism used to direct the traffic through the attacker machine. This paper presents a new detection scheme that is based on matching the payload of frames exchanged in the network. The proposed scheme is independent of the mechanism used to launch the MITM attack. Experimental result shows that the proposed scheme can achieve excellent detection performance with proper choice of the scheme's tuning parameters.

Related Organizations

Sultan Qaboos University
Oman

Impact byBIP!

	selected citations These citations are derived from selected sources. This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).	5
	popularity This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.	Top 10%
	influence This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).	Average
	impulse This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.	Average