期刊名称:The International Arab Journal of Information Technology
印刷版ISSN:1683-3198
出版年度:2012
卷号:9
期号:1
出版社:Zarqa Private University
摘要:ARP cache poisoning and putting host Network Interface Card (NIC) in promiscuous mode are ways of sniffer attacks. ARP cache poisoning attack is effective in an environment which is not broadcast in nature (like switch LAN environment) and other attack is effective in an environment which is broadcast in nature (like hub, bus, access point LAN environments). Sniffing is malicious activity performed by network user and because of this network security is at risk so detection of sniffer is essential task to maintain network security. Sniffer detection techniques can be divided into two main categories. First category’s techniques are used to detect a sniffer host that runs it’s NIC into promiscuous mode and second category’s techniques are used to detect a sniffer host that uses ARP cache poisoning for sniffing. The network configuration is hidden form users. Network users do not have any information about nature of network. Therefore, users of network may invoke such sniffer detection technique that is not effective in that environment. This may result in sharing of his private and confidential information with malicious users. In this paper we designed an intelligent invocation module that checks the nature of environment automatically and invokes appropriate sniffer detection technique for that environment. With the help of this invocation module it is possible to detect passive as well as active sniffer hosts in both environments.
关键词:Network security; sniffer; ARP cache poisoning; and IP packet routing.