PORTABLE INTRUSION DETECTION AND PREVENTION SYSTEM FOR DHCP STARVATION ATTACK IN WIRELESS NETWORK

bahar bahar

Abstract


The DHCP service has become highly critical as it plays a pivotal role in the connectivity success of approximately 22.18% of users who access the internet through wireless networks in Indonesia. DHCP services are not exempt from security threats, one of which is a Denial of Service attack known as DHCP starvation, capable of disrupting the availability of DHCP services. A novel technique employed in this attack involves manipulating the ARP protocol when the DHCP server detects IP conflicts within the network. Researchers propose an ARP protocol-based analysis method for detection and prevention, leading to the development of a portable device that serves as an Intrusion Detection and Prevention System (IDPS). This approach aims to not only enhance effectiveness but also improve efficiency. The IDPS application is crafted using the Python, with support from Scapy and Paramiko libraries. The results of detection and prevention show an accuracy rate of 100%.


Full Text:

PDF 516-525

References


APJII, “Hasil Survei Profil Internet Indonesia 2022.” [Online]. Available: https://apjii.or.id/content/read/39/559/Hasil-Survei-Profil-Internet-Indonesia-2022.

R. E. Droms and T. Lemon, The DHCP handbook. SAMS Publishing, 2003.

C. Lin, T. Su, and Z. Wang, “Summary of high-availability DHCP service solutions,” in 2011 4th IEEE International Conference on Broadband Network and Multimedia Technology, IEEE, 2011, pp. 12–17.

H. Mukhtar, K. Salah, and Y. Iraqi, “Mitigation of DHCP starvation attack,” Computers & Electrical Engineering, vol. 38, no. 5, pp. 1115–1128, 2012.

N. Tripathi and N. Hubballi, “A probabilistic anomaly detection scheme to detect DHCP starvation attacks,” in 2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS), IEEE, 2016, pp. 1–6.

N. Tripathi and N. Hubballi, “Exploiting DHCP server-side IP address conflict detection: A DHCP starvation attack,” in 2015 IEEE International Conference on Advanced Networks and Telecommuncations Systems (ANTS), IEEE, 2015, pp. 1–3.

T. J. OConnor, “Detecting and responding to data link layer attacks,” SANS Institute InfoSec Reading Room, Oct, vol. 13, 2010.

C. Toprak, C. Turker, and A. T. Erman, “Detection of DHCP starvation attacks in software defined networks: a case study,” in 2018 3rd international conference on computer science and engineering (UBMK), IEEE, 2018, pp. 636–641.

O. S. Younes, “Securing ARP and DHCP for mitigating link layer attacks,” Sādhanā, vol. 42, pp. 2041–2053, 2017.

A. Shete, A. Lahade, T. Patil, and R. Pawar, “DHCP protocol using OTP based two-factor authentication,” in 2018 2nd International Conference on Trends in Electronics and Informatics (ICOEI), IEEE, 2018, pp. 136–141.

M. Yaibuates and R. Chaisricharoen, “ICMP based malicious attack identification method for DHCP,” in The 4th Joint International Conference on Information and Communication Technology, Electronic and Electrical Engineering (JICTEE), IEEE, 2014, pp. 1–5.

N. Tripathi and N. Hubballi, “Detecting stealth DHCP starvation attack using machine learning approach,” Journal of Computer Virology and Hacking Techniques, vol. 14, pp. 233–244, 2018.

C. Nykvist, M. Larsson, A. H. Sodhro, and A. Gurtov, “A lightweight portable intrusion detection communication system for auditing applications,” International Journal of Communication Systems, vol. 33, no. 7, p. e4327, 2020.

V. Visoottiviseth, G. Chutaporn, S. Kungvanruttana, and J. Paisarnduangjan, “PITI: Protecting Internet of Things via Intrusion Detection System on Raspberry Pi,” in 2020 International Conference on Information and Communication Technology Convergence (ICTC), IEEE, 2020, pp. 75–80.

A. Setyanto, “Packet Filtering Based On Differentiated Services Code Point For DHCP Starvation Attacks Prevention,” Pekommas, vol. 4, no. 2, pp. 137–146, 2019.

M. Yaibuates and R. Chaisricharoen, “A combination of ICMP and ARP for DHCP malicious attack identification,” in 2020 Joint International Conference on Digital Arts, Media and Technology with ECTI Northern Section Conference on Electrical, Electronics, Computer and Telecommunications Engineering (ECTI DAMT & NCON), IEEE, 2020, pp. 15–19.

A. Jony, A. S. M. Miah, and M. N. Islam, “An Effective Method to Detect DHCP Starvation Attack using Port Scanning,” in 2023 International Conference on Next-Generation Computing, IoT and Machine Learning (NCIM), IEEE, 2023, pp. 1–6.

G. Kumar, “Evaluation metrics for intrusion detection systems-a study,” Evaluation, vol. 2, no. 11, pp. 11–7, 2014.




DOI: http://dx.doi.org/10.23960/jitet.v12i1.3842

Refbacks

  • There are currently no refbacks.


This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

Publisher
Jurusan Teknik Elektro, Fakultas Teknik, Universitas Lampung
Jl. Prof. Soemantri Brojonegoro No. 1 Bandar Lampung 35145
Email: jitet@eng.unila.ac.id
Website : https://journal.eng.unila.ac.id/index.php/jitet

Copyright (c) Jurnal Informatika dan Teknik Elektro Terapan (JITET)
pISSN: 2303-0577   eISSN: 2830-7062