Open Access   Article Go Back

Wireshark as a Tool for Detection of Various LAN Attacks

Haroon Iqbal1 , Sameena Naaz2

Section:Research Paper, Product Type: Journal Paper
Volume-7 , Issue-5 , Page no. 833-837, May-2019

CrossRef-DOI:   https://doi.org/10.26438/ijcse/v7i5.833837

Online published on May 31, 2019

Copyright © Haroon Iqbal, Sameena Naaz . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

View this paper at   Google Scholar | DPI Digital Library

How to Cite this Paper

  • IEEE Citation
  • MLA Citation
  • APA Citation
  • BibTex Citation
  • RIS Citation

IEEE Style Citation: Haroon Iqbal, Sameena Naaz, “Wireshark as a Tool for Detection of Various LAN Attacks,” International Journal of Computer Sciences and Engineering, Vol.7, Issue.5, pp.833-837, 2019.

MLA Style Citation: Haroon Iqbal, Sameena Naaz "Wireshark as a Tool for Detection of Various LAN Attacks." International Journal of Computer Sciences and Engineering 7.5 (2019): 833-837.

APA Style Citation: Haroon Iqbal, Sameena Naaz, (2019). Wireshark as a Tool for Detection of Various LAN Attacks. International Journal of Computer Sciences and Engineering, 7(5), 833-837.

BibTex Style Citation:
@article{Iqbal_2019,
author = {Haroon Iqbal, Sameena Naaz},
title = {Wireshark as a Tool for Detection of Various LAN Attacks},
journal = {International Journal of Computer Sciences and Engineering},
issue_date = {5 2019},
volume = {7},
Issue = {5},
month = {5},
year = {2019},
issn = {2347-2693},
pages = {833-837},
url = {https://www.ijcseonline.org/full_paper_view.php?paper_id=4322},
doi = {https://doi.org/10.26438/ijcse/v7i5.833837}
publisher = {IJCSE, Indore, INDIA},
}

RIS Style Citation:
TY - JOUR
DO = {https://doi.org/10.26438/ijcse/v7i5.833837}
UR - https://www.ijcseonline.org/full_paper_view.php?paper_id=4322
TI - Wireshark as a Tool for Detection of Various LAN Attacks
T2 - International Journal of Computer Sciences and Engineering
AU - Haroon Iqbal, Sameena Naaz
PY - 2019
DA - 2019/05/31
PB - IJCSE, Indore, INDIA
SP - 833-837
IS - 5
VL - 7
SN - 2347-2693
ER -

VIEWS PDF XML
1006 377 downloads 140 downloads
  
  
           

Abstract

This paper describes the importance of wireshark as a sniffing tool in a computer network. Any throttle in the performance of a network can prove to be a serious concern for network administrators, often leading to huge loss of resources. Many times the cause behind service disruptions like sudden terminal shutdown, connectivity loss, performance degradation etc go undetected because of unawareness about traffic analyzing tools or not knowing exactly why a disruption has occured and is often concluded due to poor network architecture. However, sometimes the cause behind such service disruptions could be due to external attacks which attempt to bring our web server down, send false ARP reply packets or infect our network with malware to form a part of a botnet. The first step towards taking proper action in all these cases is to determine the source of the attack and here, wireshark can be used to monitor and map network traffic. This paper shows how wireshark can prove to be extremely beneficial in such scenarios and accentuates how various local area network attacks like ARP poisoning,DOS attack,MAC flooding and DNS spoofing can be detected using wireshark and also provides some mitigation techniques for these attacks.

Key-Words / Index Term

Wireshark, LAN Attacks, Packet Sniffers, TCP/IP, Switch, Hub, Server

References

[1] C. Sanders, Practical Packet Analysis With Wireshark. .
[2] S. Mishra, L. Jena, and A. Pradhan, “Networking Devices and Topologies: A Succinct Study,” 2012.
[3] S. Hijazi and M. S. Obaidat, “Address resolution protocol spoofing attacks and security approaches: A survey,” Secur. Priv., p. e49, Dec. 2018.
[4] D. Bruschi, A. Ornaghi, and E. Rosti, “S-ARP: a secure address resolution protocol,” in 19th Annual Computer Security Applications Conference, 2003. Proceedings., pp. 66–74.
[5] M. Hamedi, Insider Attack and Cyber Security, vol. 39, no. 2. Boston, MA: Springer US, 2008.
[6] S. Pavithirakini, D. D. M. M. Bandara, C. N. Gunawardhana, K. K. S. Perera, B. G. M. M. Abeyrathne, and D. Dhammearatchi, “Improve the Capabilities of Wireshark as a tool for Intrusion Detection in DOS Attacks,” Int. J. Sci. Res. Publ., vol. 6, no. 4, p. 378, 2016.
[7] “Denial of service (DoS) attack prevention through random access channel resource reallocation,” Dec. 2010.
[8] R. Droms, “Dynamic Host Configuration Protocol,” Mar. 1997.
[9] X. Gu and R. Hunt, “Wireless LAN Attacks and Vulnerabilities,” Networks and Communication Systems. ACTA Press.
[10] L. Senecal, “Understanding and preventing attacks at layer 2 of the OSI reference model,” in 4th Annual Communication Networks and Services Research Conference (CNSR’06), 2006, p. 1 pp.
[11] J. Biswas and A. Ashutosh, “An Insight in to Network Traffic Analysis using Packet Sniffer,” Int. J. Comput. Appl., vol. 94, no. 11, pp. 39–44, 2014.
[12] S. Naaz and F. A. Badroo, “Investigating DHCP and DNS Protocols Using Wireshark Investigating DHCP and DNS Protocols Using Wireshark,” no. May 2017, pp. 0–8, 2016.