Paper Info
Title
Hands-on lab exercises implementation of DoS and MiM attacks using ARP cache poisoning
Abstract
The field of academic security education today is dominated by defensive techniques. However, recently, offensive techniques which were originally developed by hackers, are gaining widespread approval. Many information security educators believe that teaching offensive methods yields better security professionals than teaching defensive techniques alone. In addition, every course in IT security should be accompanied by a basic discussion of legal implications and ethics. In this paper, we describe a case study of the implementation of comprehensive hands-on lab exercises that are essential to security education. The lab exercises are about how to perform Denial of Service (DoS) and Man-in-the-Middle (MiM) attacks using ARP (Address Resolution Protocol) cache poisoning. The available defense techniques for detecting and preventing malicious ARP cache poisoning activities are also presented. The consequence of offering offensive lab exercises is that the overall students performance improved; but a major ethical concern has been identified. That is, the number of injected malicious ARP packets in the university network, from the students' laptops, increases considerably each time the students experiment the attacks in an isolated network laboratory environment.
Year
DOI
Venue
2011
10.1145/2047456.2047468
InfoSecCD
Field
DocType
Citations 
Internet privacy,Denial-of-service attack,Computer science,Computer security,Network packet,ARP spoofing,Information security,Hacker,Address Resolution Protocol,Offensive,DNS spoofing
Conference
8
PageRank 
References 
Authors
0.76
13
1
Name
Order
Citations
PageRank
Zouheir Trabelsi113627.78