Implementation of ARP Spoofing for IOT Devices Using Cryptography AES and ECDSA Algorithms

The Internet of Things is the network of numerous devices and communicate with an internet by using the IP address. The IOT objects shares the information using wireless connection. During the data transmission, that can be distorted by the Hackers by knowing their IP address. In IOT (Internet of Things), the wireless communication between the devices makes the users to be vulnerable. So, the hackers may spoof the MAC address of the communicating devices. The receiver MAC address is identified and then false MAC (Media Access Control) address is created by the hacker. Then, attackers replaces the original MAC address in the ARP (Address Resolution Protocol) table of the sender. So,the hackers may impersonate like the sender. Therefore, Cryptographic algorithms like AES (Advanced Encryption Standard) for confidentiality and ECDSA (Elliptic Curve Digital Signature Algorithm) for Authentication are applied in the proposed algorithm to safeguard the data as well as the devices from the hackers. The following attacks such as Man-in-the-Middle, Denial -of -Service (DOS) and ARP spoofing are strongly prevented in the proposed algorithm. Thus, the implementation of an algorithm is carried out in Ubuntu Linux environment with installing Python dependencies. This algorithm affords an efficient way to thwart ARP (Address Resolution Protocol) spoofing by the hackers for IOT devices.

Download Full-text

Forensik Jaringan Terhadap Serangan ARP Spoofing menggunakan Metode Live Forensic

Jurnal Telekomunikasi dan Komputer ◽

10.22441/incomtech.v10i2.8757 ◽

2020 ◽

Vol 10 (2) ◽

pp. 111

Author(s):

M. Nasir Hafizh ◽

Imam Riadi ◽

Abdul Fadlil

Keyword(s):

Denial Of Service ◽

Distributed Denial Of Service ◽

Ip Address ◽

Address Resolution Protocol ◽

Man In The Middle ◽

Arp Spoofing ◽

Live Forensics

Pada jaringan komputer, protokol yang bertugas untuk untuk menerjemahkan IP address menjadi MAC Address adalah Address Resolution Protocol (ARP). Sifat stateless pada protokol ARP, menyebabkan protokol ARP memiliki celah dari segi keamanan. Celah ini dapat menimbulkan serangan terhadap ARP Protocol, disebabkan karena ARP request yang dikirimkan secara broadcast, sehingga semua host yang berada pada satu broadcast domain dapat merespon pesan ARP tersebut walaupun pesan tersebut bukan ditujukan untuknya. Serangan inilah yang biasa disebut dengan ARP Spoofing. Serangan ini dapat berimbas pada serangan-serangan yang lain, seperti serangan Man In The Middle Attack, Packet Sniffing, dan Distributed Denial of Service. Metode Live Forensic digunakan untuk mengidentifikasi dan mendeteksi serangan ketika sistem dalam keadaan menyala. Berdasarkan hasil penelitian yang dilakukan terbukti bahwa dengan penggunaan metode Live Forensics, investigator dapat dengan cepat mendeteksi suatu serangan dan mengidentifikasi penyerangnya.

Download Full-text

Mitigating ARP Cache Poisoning Attack in Software-Defined Networking (SDN): A Survey

Electronics ◽

10.3390/electronics8101095 ◽

2019 ◽

Vol 8 (10) ◽

pp. 1095 ◽

Cited By ~ 1

Author(s):

Zawar Shah ◽

Steve Cosgrove

Keyword(s):

Performance Metrics ◽

Denial Of Service ◽

Software Defined Networking ◽

Local Area ◽

Attack Detection ◽

Future Research ◽

Media Access Control ◽

Media Access ◽

Address Resolution Protocol ◽

Time Calculation

Address Resolution Protocol (ARP) is a widely used protocol that provides a mapping of Internet Protocol (IP) addresses to Media Access Control (MAC) addresses in local area networks. This protocol suffers from many spoofing attacks because of its stateless nature and lack of authentication. One such spoofing attack is the ARP Cache Poisoning attack, in which attackers poison the cache of hosts on the network by sending spoofed ARP requests and replies. Detection and mitigation of ARP Cache Poisoning attack is important as this attack can be used by attackers to further launch Denial of Service (DoS) and Man-In-The Middle (MITM) attacks. As with traditional networks, an ARP Cache Poisoning attack is also a serious concern in Software Defined Networking (SDN) and consequently, many solutions are proposed in the literature to mitigate this attack. In this paper, a detailed survey on various solutions to mitigate ARP Cache Poisoning attack in SDN is carried out. In this survey, various solutions are classified into three categories: Flow Graph based solutions; Traffic Patterns based solutions; IP-MAC Address Bindings based solutions. All these solutions are critically evaluated in terms of their working principles, advantages and shortcomings. Another important feature of this survey is to compare various solutions with respect to different performance metrics, e.g., attack detection time, ARP response time, calculation of delay at the Controller etc. In addition, future research directions are also presented in this survey that can be explored by other researchers to propose better solutions to mitigate the ARP Cache Poisoning attack in SDN.

Download Full-text

Mathematical model on distributed denial of service attack through Internet of things in a network

Nonlinear Engineering ◽

10.1515/nleng-2017-0094 ◽

2019 ◽

Vol 8 (1) ◽

pp. 486-495 ◽

Cited By ~ 3

Author(s):

Bimal Kumar Mishra ◽

Ajit Kumar Keshri ◽

Dheeresh Kumar Mallick ◽

Binay Kumar Mishra

Keyword(s):

Mathematical Model ◽

Internet Of Things ◽

Equilibrium Points ◽

Denial Of Service ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Denial Of Service Attack ◽

Different Types ◽

Service Attack ◽

Iot Devices

Abstract Internet of Things (IoT) opens up the possibility of agglomerations of different types of devices, Internet and human elements to provide extreme interconnectivity among them towards achieving a completely connected world of things. The mainstream adaptation of IoT technology and its widespread use has also opened up a whole new platform for cyber perpetrators mostly used for distributed denial of service (DDoS) attacks. In this paper, under the influence of internal and external nodes, a two - fold epidemic model is developed where attack on IoT devices is first achieved and then IoT based distributed attack of malicious objects on targeted resources in a network has been established. This model is mainly based on Mirai botnet made of IoT devices which came into the limelight with three major DDoS attacks in 2016. The model is analyzed at equilibrium points to find the conditions for their local and global stability. Impact of external nodes on the over-all model is critically analyzed. Numerical simulations are performed to validate the vitality of the model developed.

Download Full-text

Prevention and Detection of ARP Spoofing and Man-In-The-Middle Attacks using EDMAC-IP Algorithm

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.f8211.059120 ◽

2020 ◽

Vol 9 (1) ◽

pp. 1736-1740

Keyword(s):

The Other ◽

Address Resolution Protocol ◽

Man In The Middle ◽

Timing Data ◽

Arp Spoofing ◽

Normal Utilization

The great Man-in - the-Middle assault is centered around convincing two has that the other host is the machine in the center. In the event that the framework utilizes DNS to order the other host or address goals convention (ARP) ridiculing on the LAN, this might be accomplished with an area name parody. This paper targets presenting and delineating ARP ridiculing and its job in Man-in - the-Middle assaults. The expression "Man-in - the-Middle" is normal utilization—it doesn't imply that these assaults must be utilized by individuals. Maybe progressively sensible wording would be Teenager-in - theMiddle or Monkey-in - the-Middle. Progressively contact the assault can be identified using timing data much of the time. The most widely recognized kind of assaults happen because of reserve harming of Address Resolution Protocol (ARP), DNS satirizing, meeting commandeering, and SSL seizing

Download Full-text

Recent Advancements in Intrusion Detection Systems for the Internet of Things

Security and Communication Networks ◽

10.1155/2019/4301409 ◽

2019 ◽

Vol 2019 ◽

pp. 1-19 ◽

Cited By ~ 6

Author(s):

Zeeshan Ali Khan ◽

Peter Herrmann

Keyword(s):

Internet Of Things ◽

Intrusion Detection ◽

Ad Hoc ◽

Denial Of Service ◽

Research Work ◽

Intrusion Detection Systems ◽

Future Research ◽

Detection Systems ◽

Iot Applications ◽

Iot Devices

Many Internet of Things (IoT) systems run on tiny connected devices that have to deal with severe processor and energy restrictions. Often, the limited processing resources do not allow the use of standard security mechanisms on the nodes, making IoT applications quite vulnerable to different types of attacks. This holds particularly for intrusion detection systems (IDS) that are usually too resource-heavy to be handled by small IoT devices. Thus, many IoT systems are not sufficiently protected against typical network attacks like Denial-of-Service (DoS) and routing attacks. On the other side, IDSs have already been successfully used in adjacent network types like Mobile Ad hoc Networks (MANET), Wireless Sensor Networks (WSN), and Cyber-Physical Systems (CPS) which, in part, face limitations similar to those of IoT applications. Moreover, there is research work ongoing that promises IDSs that may better fit to the limitations of IoT devices. In this article, we will give an overview about IDSs suited for IoT networks. Besides looking on approaches developed particularly for IoT, we introduce also work for the three similar network types mentioned above and discuss if they are also suitable for IoT systems. In addition, we present some suggestions for future research work that could be useful to make IoT networks more secure.

Download Full-text

SlowITe, a Novel Denial of Service Attack Affecting MQTT

Sensors ◽

10.3390/s20102932 ◽

2020 ◽

Vol 20 (10) ◽

pp. 2932

Author(s):

Ivan Vaccari ◽

Maurizio Aiello ◽

Enrico Cambiaso

Keyword(s):

Internet Of Things ◽

Denial Of Service ◽

The Internet ◽

Message Queue ◽

Plain Text ◽

Denial Of Service Attack ◽

Service Attack ◽

Iot Devices ◽

The Internet Of Things ◽

Low Rate

Security of the Internet of Things is a crucial topic, due to the criticality of the networks and the sensitivity of exchanged data. In this paper, we target the Message Queue Telemetry Transport (MQTT) protocol used in IoT environments for communication between IoT devices. We exploit a specific weakness of MQTT which was identified during our research, allowing the client to configure the behavior of the server. In order to validate the possibility to exploit such vulnerability, we propose SlowITe, a novel low-rate denial of service attack aimed to target MQTT through low-rate techniques. We validate SlowITe against real MQTT services, considering both plain text and encrypted communications and comparing the effects of the threat when targeting different daemons. Results show that the attack is successful and it is able to exploit the identified vulnerability to lead a DoS on the victim with limited attack resources.

Download Full-text

Architecture for Secure Communication Among IoT Devices with Ethereum Blockchain

10.3233/apc210250 ◽

2021 ◽

Author(s):

Bawankar Chetan D ◽

Sanjeev Kumar Sharma

Keyword(s):

Internet Of Things ◽

Information Transmission ◽

Open System ◽

Secure Communication ◽

Denial Of Service ◽

Peer To Peer ◽

System Innovation ◽

Distributed Denial Of Service ◽

Iot Devices ◽

The Relationship

The paper aims to clarify the relationship between Internet-of-Things devices and Ethereum blockchain. It proposes the arrangement to ensure information transmission among parties in an open system of IoT must be secure using Ethereum. The accompanying joining strategy utilized terminal gadgets as system innovation and Ethereum blockchain stage that delivered back-end, which guarantees high security, accessibility, and protection, supplanting conventional back-end frameworks. The following issues should be considered to prevent the malicious hub from attacking, resist distributed denial-of-service attacks, and prevent firmware backdoor access. This paper proposed a system in which the Peer-to-Peer authentication model, where every IoT node in the system must be authenticated and verified by the proposed framework. The paper provides empirical insights into IoT nodes manufactured in bulk, and they are remaining with their default username and password.

Download Full-text

String Matching untuk Mendeteksi Serangan Sniffing (ARP Spoofing) pada IDS Snort

Jurnal CoSciTech (Computer Science and Information Technology) ◽

10.37859/coscitech.v1i2.2180 ◽

2020 ◽

Vol 1 (2) ◽

pp. 44-49

Author(s):

Ilham Firdaus ◽

Januar Al Amien ◽

Soni Soni

Keyword(s):

Computer Network ◽

Denial Of Service ◽

String Matching ◽

Network Attacks ◽

Test Application ◽

Man In The Middle ◽

Black Box Testing ◽

Arp Spoofing ◽

Computer Network Attacks ◽

Sniffing Technique

Sniffing technique (ARP Spoofing) is an attack that sends fake ARP packets or ARP packets that have been modified according to the network address attacker's to poison the victim's ARP cache table. ARP spoofing attack is a dangerous attack because it can monitor the activities of victims in searching the browser and can steal social logins, office and other accounts. This attack supports the occurrence of other computer network attacks such as Denial of service, Man in the middle attack, host impersonating and others. Sniffing attacks are generally found in places that provide public Wi-Fi such as campus, libraries, cafes, and others. IDS Snort can detect sniffing attacks (Arp Spoofing). String Matching Method KMP algorithm is applied to detect attacks on snort logging files to provide alerts (messages) to users. Tests carried out are black box testing to test application functionality, and accuracy testing. All application functionality was successful, and testing the accuracy of the match between manual calculations for string matching and accurate application.

Download Full-text

Critical Issues in the Invasion of the Internet of Things (IoT)

Advances in Data Mining and Database Management - Handbook of Research on Big Data and the IoT ◽

10.4018/978-1-5225-7432-3.ch010 ◽

2019 ◽

pp. 174-196 ◽

Cited By ~ 1

Author(s):

Shravani Devarakonda ◽

Malka N. Halgamuge ◽

Azeem Mohammad

Keyword(s):

Internet Of Things ◽

Denial Of Service ◽

Security And Privacy ◽

The Internet ◽

Man In The Middle ◽

Critical Issues ◽

Service Attack ◽

Active Attacks ◽

Privacy Issues ◽

The Internet Of Things

In this chapter, the authors collected data from issues related to threats in the applications of IoT-based technologies that describe the security and privacy issues from 30 peer reviewed publications from 2014 to 2017. Further, they analyzed each threat type and its percentages in each application of the internet of things. The results indicated that the applications of smart transportation (20%) face the highest amount of security and privacy issues followed by smart home (19%) and smart cities (18%) compared to the rest of the applications. Further, they determined that the biggest threats were denial of service attack (9%) followed by eavesdropping (5%), man in the middle (4%), and replay (4%). Denial of service attacks and man in the middle attack are active attacks that can severely damage human life whereas eavesdropping is a passive attack that steals information. This study has found that privacy issues have the biggest impacts on people. Therefore, researchers need to find possible solutions to these threats to improve the quality of IoT applications.

Download Full-text

Cyber-Physical System and Internet of Things Security

Research Anthology on Combating Denial-of-Service Attacks ◽

10.4018/978-1-7998-5348-0.ch018 ◽

2021 ◽

pp. 328-357

Author(s):

Thomas Ulz ◽

Sarah Haas ◽

Christian Steger

Keyword(s):

Internet Of Things ◽

Public Awareness ◽

Denial Of Service ◽

The Internet ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Industrial Iot ◽

Confidential Data ◽

Iot Devices ◽

The Internet Of Things

An increase of distributed denial-of-service (DDoS) attacks launched by botnets such as Mirai has raised public awareness regarding potential security weaknesses in the Internet of Things (IoT). Devices are an attractive target for attackers because of their large number and due to most devices being online 24/7. In addition, many traditional security mechanisms are not applicable for resource constraint IoT devices. The importance of security for cyber-physical systems (CPS) is even higher, as most systems process confidential data or control a physical process that could be harmed by attackers. While industrial IoT is a hot topic in research, not much focus is put on ensuring information security. Therefore, this paper intends to give an overview of current research regarding the security of data in industrial CPS. In contrast to other surveys, this work will provide an overview of the big CPS security picture and not focus on special aspects.

Download Full-text