  1. Detecting ARP Spoofing: An Active Technique, Vivek Ramachandran, Sukumar Nandi, LNCS Publication, Proceedings of the 1st International Conference on Information Security Systems

    Abstract: The Address Resolution Protocol (ARP), due to its statelessness and lack of an authentication mechanism for verifying the identity of the sender, has a long history of being prone to spoofing attacks. ARP spoofing is sometimes the starting point for more sophisticated LAN attacks like denial of service, man in the middle and session hijacking. The current methods of detection use a passive approach, monitoring the ARP traffic and looking for inconsistencies in the Ethernet to IP address mapping. The main drawback of the passive approach is the time lag between learning and detecting spoofing. This sometimes leads to the attack being discovered long after it has been orchestrated. In this paper, we present an active technique to detect ARP spoofing. We inject ARP request and TCP SYN packets into the network to probe for inconsistencies. This technique is faster, intelligent, scalable and more reliable in detecting attacks than the passive methods. It can also additionally detect the real mapping of MAC to IP addresses to a fair degree of accuracy in the event of an actual attack.


  2. Bleeding Edge Distributed Denial of Service (DDoS) Attack Mitigation Techniques for ISPs, Vivek Ramachandran, Sukumar Nandi, Proceedings of 8th International Conference on Information Technology

    Abstract: Distributed Denial of Service (DDoS) attacks have been increasingly plaguing the Internet since their first big appearance against Yahoo in the year 2000. Using thousands of compromised slave/zombie machines, DDoS attacks are capable of attacking and tearing down the Internet's backbone, thus forcing all communication across it to a grinding halt. The early DDoS attacks, which started as "Script Kiddie pranks", have now evolved into organized digital crime, targeting networks of government and business establishments, with motives ranging from defamation to extortion. This paper presents various cutting edge practical countermeasures, which an Internet Service Provider (ISP) should adopt to minimize damages inflicted by DDoS attacks. It also provides a detailed study of the latest bleeding edge solution called Traffic Scrubbers. In the course of this paper we discuss advantages and drawbacks of these mitigation techniques and outline a set of industry best practices, which should be followed in order to be able to mitigate DDoS attacks and minimize the casualties caused.

  3. Mapping the Internet: Record Route Revisited, Vivek Ramachandran, Sukumar Nandi, submission under progress

    Abstract: The IPv4 Record Route option was designed to accurately map the topology between any two nodes on the Internet. The IP protocol design allows only a maximum of nine IP addresses to be accommodated in the record route header field. As nine hops are insufficient to map the current extent of the Internet, the record route technique was replaced by Traceroute and Border Gateway Protocol (BGP) based techniques. These current techniques consume more bandwidth and host resources compared to record route. This paper revives the record route option by proposing various packet-marking schemes to be deployed on routers. The proposed technique also ensures a minimum of computational overhead for both routers and end hosts. It is faster, scalable and consumes less bandwidth compared to the Traceroute and BGP techniques.

  4. An Active Intrusion Detection System for LAN Specific Attacks, Neminath Hubballi, Roopa S, Ritesh Ratti, F A Barbhuriya, Santosh Biswas, Sukumar Nandi, Arijit Sur, Vivek Ramachandran

    Abstract: To be added soon

  5. A DES Approach to Intrusion Detection System for ARP Spoofing Attacks, Santosh Biswas, Neminath Hubballi, Roopa S, Ritesh Ratti, Sukumar Nandi, F A Barbhuriya, Arijit Sur, Vivek Ramachandran

    Abstract: To be added soon

  6. An Active Host-based Detection Mechanism for LAN Attacks, Ferdous Barbhuiya, Roopa Shiva, Ritesh Ratti, Neminath Hubballi, Santosh Biswas, Sukumar Nandi, Arijit Sur and Vivek Ramachandran

    Abstract: To be added soon