Title
A Unified Methodology for Preventing Layer 2 Attacks in Campus or LAN Networks
Author
Dessouky, Mohamed Moawed Ibrahiem.
Subject
Local area networks. Computer networks.
Publication date
2011.
Number of pages
187 p.
Index
Only 14 pages are available for public view


Abstract

Network security has become of great concern with the rapid growth and expansion of the Internet. While there are several ways to provide security in the application, transport, or network layers of a network, the data link layer (Layer 2) security has not yet been adequately addressed. In local networks, security weaknesses in the data link layer enable internal attacks. Although switches and routers have some built-in security features, they are not enough to fully ensure the security of local networks. Moreover, these features require network administrators' involvement and are prone to misconfiguration. In addition, data link layer protocols used in local area networks (LANs) are not designed with built-in security features. This thesis focuses on increasing the security of the data link layer over Ethernet networks.

There are different types of attacks on the data link layer, such as Address Resolution Protocol (ARP) spoofing, MAC flooding, attacks on Spanning Tree Protocol (STP), attacks against DHCP, and VLAN attacks. The most dangerous attacks on Layer 2 are ARP spoofing and MAC flooding attacks. Several schemes to mitigate, detect and prevent these attacks have been proposed, but each has its limitations.

The ARP poisoning attack has received intensive attention from researchers because of its danger. Previous work suggested many solutions to the ARP attack, but it can be noticed that several of these solutions constitute a single point of failure. Others depend on cryptographic techniques that significantly reduce the solution performance, making their adoption impractical. Some of them need a minor or major modification of the ARP protocol, which prevents backward compatibility.

This thesis proposes a detection and prevention system for ARP spoofing attacks. The system consists of a software portion and a hardware portion. Both portions are connected to a hub. The system is connected to Ethernet through one of its ports. The software portion allows authentication of users to a centralized server. The server, in turn, retrieves logged users to the switch. Filtering of untrusted users is then performed by telnetting to the main switch. The hardware portion is implemented through an embedded board and represents a backup to the centralized server.

The performance study has shown the efficiency and superiority of the proposed system, as compared to the previous work. Several performance metrics have been measured to show its scalability and its fast detection and prevention of ARP spoofing attacks. The system has been compared to one of the famous commercial tools. The comparison has shown the superiority of our system, since the system detection time is 20 times faster than that of the XARP tool.