Sniffing Detection within the Network

Krzysztof Cabaj , Marcin Gregorczyk , Wojciech Mazurczyk , Piotr Nowakowski , Piotr Żórawski

Abstract

Sniffing is a crucial part of the network attack where an intruder tries to gather as much information as possible on the devices, protocols and applications residing within the targeted network in order to discover their vulnerabilities. It is typically performed using dedicated software called sniffers and it is based on passively analyzing the traffic exchanged within the network. Due to its passive nature such malicious actions are quite hard to be discovered. That is why, in this paper we first revisit existing approaches and tools known from the state-of-the-art. Then we introduce a novel detection method which is able to identify suspicious machine using specially crafted network traffic and based on its reaction is able to infer whether sniffer is running or not.
Author Krzysztof Cabaj (FEIT / IN)
Krzysztof Cabaj,,
- The Institute of Computer Science
, Marcin Gregorczyk (FEIT / IT)
Marcin Gregorczyk,,
- The Institute of Telecommunications
, Wojciech Mazurczyk (FEIT / IT)
Wojciech Mazurczyk,,
- The Institute of Telecommunications
, Piotr Nowakowski (FEIT / IT)
Piotr Nowakowski,,
- The Institute of Telecommunications
, Piotr Żórawski (FEIT / IT)
Piotr Żórawski,,
- The Institute of Telecommunications
Pages1-8
Publication size in sheets0.5
Book Proceedings of the 14th International Conference on Availability, Reliability and Security - Ares 2019, ICPS, 2019, Association for Computing Machinery, ISBN 978-1-4503-7164-3, 780 p., DOI:10.1145/3339252
2019 ARES book.pdf / 1.15 MB / No licence information
Keywords in EnglishNetwork security, sniffing, threat detection
DOIDOI:10.1145/3339252.3341494
ProjectInternet of Radio Light. Project leader: Mazurczyk Wojciech, , Phone: + 48 22 234-77-11, start date 01-06-2017, planned end date 31-05-2020, IT/2017/horyzont2020/03, Implemented
WEiTI Horizon 2020 [Horyzont 2020]
Languageen angielski
File
2019 Mazurczyk Sniffing is a crucial part of the network.pdf 995.13 KB
Score (nominal)70
Score sourceconferenceList
ScoreMinisterial score = 70.0, 06-02-2020, ChapterFromConference
Publication indicators Scopus Citations = 0
Citation count*
Cite
Share Share

Get link to the record


* presented citation count is obtained through Internet information analysis and it is close to the number calculated by the Publish or Perish system.
Back
Confirmation
Are you sure?