Hands-on lab exercises implementation of DoS and MiM attacks using ARP cache poisoning

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    13 Citations (Scopus)

    Abstract

    The field of academic security education today is dominated by defensive techniques. However, recently, offensive techniques which were originally developed by hackers, are gaining widespread approval. Many information security educators believe that teaching offensive methods yields better security professionals than teaching defensive techniques alone. In addition, every course in IT security should be accompanied by a basic discussion of legal implications and ethics. In this paper, we describe a case study of the implementation of comprehensive hands-on lab exercises that are essential to security education. The lab exercises are about how to perform Denial of Service (DoS) and Man-in-the-Middle (MiM) attacks using ARP (Address Resolution Protocol) cache poisoning. The available defense techniques for detecting and preventing malicious ARP cache poisoning activities are also presented. The consequence of offering offensive lab exercises is that the overall students performance improved; but a major ethical concern has been identified. That is, the number of injected malicious ARP packets in the university network, from the students'laptops, increases considerably each time the students experiment the attacks in an isolated network laboratory environment.

    Original languageEnglish
    Title of host publicationProceedings of the 2011 Information Security Curriculum Development Conference, InfoSecCD'11
    Pages74-83
    Number of pages10
    DOIs
    Publication statusPublished - Nov 23 2011
    Event2011 Information Security Curriculum Development Conference, InfoSecCD'11 - Kennesaw, GA, United States
    Duration: Sep 30 2011Oct 1 2011

    Publication series

    NameProceedings of the 2011 Information Security Curriculum Development Conference, InfoSecCD'11

    Other

    Other2011 Information Security Curriculum Development Conference, InfoSecCD'11
    Country/TerritoryUnited States
    CityKennesaw, GA
    Period9/30/1110/1/11

    Keywords

    • Arp cache poisoning
    • Denial of service (DoS) attack
    • Man-in-the-middle (MiM) attack
    • Sniffer

    ASJC Scopus subject areas

    • Information Systems
    • Safety, Risk, Reliability and Quality
    • Education

    Fingerprint

    Dive into the research topics of 'Hands-on lab exercises implementation of DoS and MiM attacks using ARP cache poisoning'. Together they form a unique fingerprint.

    Cite this