Download PDFOpen PDF in browser

Techniques for Detecting and Preventing IP Sniffing Amplification Attacks

EasyChair Preprint 10096

15 pagesDate: May 12, 2023

Abstract

Sniffing attack in context of network security, corresponds to theft or interception of data by capturing the network traffic using a packet sniffer (an application aimed at capturing network packets). When data is transmitted across networks, if the data packets are not encrypted, the data within the network packet can be read using a sniffer. Using a sniffer application, an attacker can analyze the network and gain information to eventually cause the network to crash or to become corrupted, or read the communications happening across the network.

Sniffing attacks can be compared to tapping of phone wires and get to know about the conversation, and for this reason, it is also referred as wiretapping applied to computer networks. Using sniffing tools, attackers can sniff sensitive information from a network, including Email traffic (SMTP, POP, IMAP traffic), Web traffic (HTTP), FTP traffic (Telnet authentication, FTP Passwords, SMB, NFS) and many more. The packet sniffer usually sniffs the network data without making any modifications in the network's packets. Packet sniffers can just watch, display, and log the traffic, and this information can be accessed by the attacker.

To prevent networks from sniffing attacks, organizations and individual users should keep away from applications that are using insecure protocols, like basic HTTP authentication, File Transfer Protocol (FTP), and Telnet. Instead, secure protocols such as HTTPS, Secure File Transfer Protocol (SFTP), and Secure Shell (SSH) should be preferred. In case there is a necessity for using any insecure protocol in any application, all the data transmission should be encrypted. If required, VPN (Virtual Private Networks) can be used to provide secure access to users. Our project will discuss this issue by discussing Techniques for Detecting and Preventing IP Sniffing amplification Attacks.

Keyphrases: Amplification Attack, IP Sniffing, network

BibTeX entry
BibTeX does not have the right entry for preprints. This is a hack for producing the correct reference:
@booklet{EasyChair:10096,
  author    = {Mohammad Tabrez Quasim and Mohammed Amer Alasiri},
  title     = {Techniques for Detecting and Preventing IP Sniffing Amplification Attacks},
  howpublished = {EasyChair Preprint 10096},
  year      = {EasyChair, 2023}}
Download PDFOpen PDF in browser