ARP spoofing: A comparative study for education purposes

Zouheir Trabelsi, Wassim El-Hajj

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    3 Citations (Scopus)

    Abstract

    ARP spoofing attack, one of the most important security topics, is usually taught in courses such as Intrusion Detection in Local Area Networks (LANs). In such a course, hands-on labs are very important as they facilitate students' learning on how to detect ARP spoofing using various types of security solutions, such as intrusion detection and prevention systems (IDS/IPS). The preparation of these hands-on labs are usually the task of Security Instructors who are required to select and use efficient security solutions for their hands-on experiments; the problem that presents itself is that most of these security instructors lack the sufficient hands-on experience and skills. For this reason and because of the diversity of the available security solutions, the security instructors are having much difficulty when selecting the adequate security solutions for their hands-on labs. This paper is a comparative study for educational purpose. It provides analysis based on practical experiments carried out on a number of security solutions regarding their ability to detect ARP spoofing. Our analysis provides means for security instructors to evaluate and select the appropriate security solutions for their hands-on labs. In addition, we clearly show that ARP spoofing has not been given enough attention by most tested security solutions, even though this attack presents a serious threat, is very harmful and more dangerously it is easy to conduct. As a solution, we propose the requirements for an ideal algorithm that can be used by security solutions to detect effectively any ARP spoofing attack.

    Original languageEnglish
    Title of host publicationProceedings of the 2009 Information Security Curriculum Development Annual Conference, InfoSecCD'09
    Pages60-66
    Number of pages7
    DOIs
    Publication statusPublished - Dec 1 2009
    Event2009 Information Security Curriculum Development Annual Conference, InfoSecCD'09 - Kennesaw, GA, United States
    Duration: Sep 25 2009Sep 26 2009

    Publication series

    NameProceedings of the 2009 Information Security Curriculum Development Annual Conference, InfoSecCD'09

    Other

    Other2009 Information Security Curriculum Development Annual Conference, InfoSecCD'09
    Country/TerritoryUnited States
    CityKennesaw, GA
    Period9/25/099/26/09

    Keywords

    • ARP spoofing
    • ARP spoofing detection
    • Denial of Service (DoS)

    ASJC Scopus subject areas

    • Computer Science Applications
    • Information Systems
    • Education

    Fingerprint

    Dive into the research topics of 'ARP spoofing: A comparative study for education purposes'. Together they form a unique fingerprint.

    Cite this