A multi-factor integration-based semi-supervised learning for address resolution protocol attack detection in SDIIoT

Nowadays, in the industrial Internet of things, address resolution protocol attacks are still rampant. Recently, the idea of applying the software-defined networking paradigm to industrial Internet of things is proposed by many scholars since this paradigm has the advantages of flexible deployment of intelligent algorithms and global coordination capabilities. These advantages prompt us to propose a multi-factor integration-based semi-supervised learning address resolution protocol detection method deployed in software-defined networking, called MIS, to specially solve the problems of limited labeled training data and incomplete features extraction in the traditional address resolution protocol detection methods. In MIS method, we design a multi-factor integration-based feature extraction method and propose a semi-supervised learning framework with differential priority sampling. MIS considers the address resolution protocol attack features from different aspects to help the model make correct judgment. Meanwhile, the differential priority sampling enables the base learner in self-training to learn efficiently from the unlabeled samples with differences. We conduct experiments based on a real data set collected from a deepwater port and a simulated data set. The experiments show that MIS can achieve good performance in detecting address resolution protocol attacks with F1-measure, accuracy, and area under the curve of 97.28%, 99.41%, and 98.36% on average. Meanwhile, compared with fully supervised learning and other popular address resolution protocol detection methods, MIS also shows the best performance.

Research of authentication failure and ARP inject attacks and methods of their detection in IEEE 802.11 networks

Nowadays, Wi-Fi technology is used everywhere in the world: in the offices of large companies, public places and in simple home premises. However, the use of a public transmission medium leads to the possibility of various attacks. This article discusses attacks such as authentication failure and Address Resolution Protocol inject. The considered attacks have shown high efficiency and danger for wireless networks. In this connection, methods of detection and protection against them were proposed. Methods. At the first stage, the concept of how attacks work, their main idea and purpose, were analyzed. At the subsequent stages, for testing, a laboratory stand was created, on which they were simulated. In the course of the experiments, the effectiveness of attacks was found out, and the main phases of attacks and the elements that contribute to their detection were graphically reflected in the article. Main results. As a result of the work done, it was possible to isolate attack vectors and identify their accompanying anomalies. Based on the research materials, mechanisms for detecting and preventing the attacks under consideration were developed. The practical part. All theoretical and experimental materials collected in the article can be used in detecting and preventing attacks on wireless networks by network administra-tors and information security specialists.

Forensik Jaringan Terhadap Serangan ARP Spoofing menggunakan Metode Live Forensic

Pada jaringan komputer, protokol yang bertugas untuk untuk menerjemahkan IP address menjadi MAC Address adalah Address Resolution Protocol (ARP). Sifat stateless pada protokol ARP, menyebabkan protokol ARP memiliki celah dari segi keamanan. Celah ini dapat menimbulkan serangan terhadap ARP Protocol, disebabkan karena ARP request yang dikirimkan secara broadcast, sehingga semua host yang berada pada satu broadcast domain dapat merespon pesan ARP tersebut walaupun pesan tersebut bukan ditujukan untuknya. Serangan inilah yang biasa disebut dengan ARP Spoofing. Serangan ini dapat berimbas pada serangan-serangan yang lain, seperti serangan Man In The Middle Attack, Packet Sniffing, dan Distributed Denial of Service. Metode Live Forensic digunakan untuk mengidentifikasi dan mendeteksi serangan ketika sistem dalam keadaan menyala. Berdasarkan hasil penelitian yang dilakukan terbukti bahwa dengan penggunaan metode Live Forensics, investigator dapat dengan cepat mendeteksi suatu serangan dan mengidentifikasi penyerangnya.

Prevention and Detection of ARP Spoofing and Man-In-The-Middle Attacks using EDMAC-IP Algorithm

The great Man-in - the-Middle assault is centered around convincing two has that the other host is the machine in the center. In the event that the framework utilizes DNS to order the other host or address goals convention (ARP) ridiculing on the LAN, this might be accomplished with an area name parody. This paper targets presenting and delineating ARP ridiculing and its job in Man-in - the-Middle assaults. The expression "Man-in - the-Middle" is normal utilization—it doesn't imply that these assaults must be utilized by individuals. Maybe progressively sensible wording would be Teenager-in - theMiddle or Monkey-in - the-Middle. Progressively contact the assault can be identified using timing data much of the time. The most widely recognized kind of assaults happen because of reserve harming of Address Resolution Protocol (ARP), DNS satirizing, meeting commandeering, and SSL seizing