Abstract

Since the nineties, the Man-in-The-Middle (MITM) attack has been one of the most effective strategies adopted for compromising information security in network environments. In this article, we focus our attention on ARP cache poisoning, which is one of the best-known and most widely adopted techniques for performing MITM attacks in Ethernet local area networks. More precisely, we will prove that, in network environments with at least one malicious host in the absence of cryptography, an ARP cache poisoning attack cannot be avoided. Subsequently, we advance ArpON, an efficient and effective solution to counteract ARP cache poisoning, and we use a model-checker for verifying its safety property. Our main finding, in accordance with the above impossibility result, is that the only event that compromises the safety of ArpON is a cache poisoning that nevertheless is removed by ArpON itself after a very short period, thus making it practically infeasible to perpetrate an ARP cache poisoning attack on network hosts where ArpON is installed.

Highlights

  • Since the nineties, the Man-in-The-Middle (MITM) attack has been one of the most effective strategies adopted for compromising information security on the Internet

  • We provide the first formal definition of the Address Translation Problem addressed by the ARP protocol, and we formally prove its impossibility in the presence of a single malicious host in the more general network model, namely, the adoption of dynamic network addresses with no use of cryptography

  • This schema is based on the assumption that votes can be delivered almost instantaneously, but this condition may not be valid in some local area network (LAN) environments such as wireless networks, where data rates can change on the basis of signal-to-noise ratio (SNR), i.e., auto rate fallback (ARF)

Summary

INTRODUCTION

The Man-in-The-Middle (MITM) attack has been one of the most effective strategies adopted for compromising information security on the Internet. MITM attacks exploit vulnerabilities at various levels of the OSI (Open System Interconnection) architecture: Man-in-the-browser attacks at the application level [27], Secure Socket Layer (SSL) hijack at the transport level [19], IP spoofing at the network layer [33] and ARP Poisoning attacks at the data link layer [1]. Over the years these attacks have been adapted to work with new emerging network technologies such as GSM (Global System for Mobile communications) and UMTS (Universal Mobile Telecommunications System) [16], WiFi [5] and IoT (Internet-of-Things) systems [18].

Address Resolution Protocol
MITM Attacks
RELATED RESEARCH
ARPON: ARP HANDLER INSPECTION
Overview
SARPI: Static ARP Inspection
DARPI: Dynamic ARP Inspection
PERFORMANCE EVALUATION
Preliminary definitions
Problem impossibility
Preliminaries on formal verification
DARPI modeling
Verification results
TABLE I RESULTS OF HARPI FORMAL VERIFICATION
VIII. CONCLUSIONS