Malicious JavaScript Insertion through ARP Poisoning Attacks

Bojan Zdrnja

doi:10.1109/MSP.2009.72

Security&Privacy
2009
Issue No. 3 - May/June
Abstract - Malicious JavaScript Insertion through ARP Poisoning Attacks

	This Article
	Subscribers, please Login Purchase article: $19 PDF HTML IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Bojan Zdrnja

Malicious JavaScript Insertion through ARP Poisoning Attacks

May/June 2009 (vol. 7 no. 3)

pp. 72-74

	ASCII Text	x
	Bojan Zdrnja, "Malicious JavaScript Insertion through ARP Poisoning Attacks," IEEE Security & Privacy, vol. 7, no. 3, pp. 72-74, May/June, 2009.

	BibTex	x
	@article{ 10.1109/MSP.2009.72, author = {Bojan Zdrnja}, title = {Malicious JavaScript Insertion through ARP Poisoning Attacks}, journal ={IEEE Security & Privacy}, volume = {7}, number = {3}, issn = {1540-7993}, year = {2009}, pages = {72-74}, doi = {http://doi.ieeecomputersociety.org/10.1109/MSP.2009.72}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - MGZN JO - IEEE Security & Privacy TI - Malicious JavaScript Insertion through ARP Poisoning Attacks IS - 3 SN - 1540-7993 SP72 EP74 EPD - 72-74 A1 - Bojan Zdrnja, PY - 2009 KW - arp poisoning KW - Address Resolution Protocol KW - ARP KW - network KW - security KW - malicious javascript insertion KW - security & privacy KW - attack trends VL - 7 JA - IEEE Security & Privacy ER -

Bojan Zdrnja, INFIGO IS

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2009.72

Details about ARP poisoning attacks as well as countermeasures have been known for years. Yet, most networks are still vulnerable to these attacks because they haven't implemented defenses. This article explains how ARP poisoning attacks work and analyzes how such attacks are exploited in the wild against Web hosting companies, where the ARP poisoning attacks are used for real-time network traffic modification.

1. D.C. Plummer, An Ethernet Address Resolution Protocol, RFC 826, Nov. 1982; http://tools.ietf.org/htmlrfc826.
2. C. Seifert, "Know Your Enemy: Behind the Scenes of Malicious Web Servers," Honeynet Project, Nov. 2007; www.honeynet.org/paperswek.
3. B. Zdrnja, "Massive ARP Spoofing Attacks on Web Sites," SANS Internet Storm Center, Mar. 2009; http://isc.sans.orgdiary.html?storyid=6001
4. Y. Bhaiji, Network Security Technologies and Solutions, CCIE Professional Development Series, Cisco Press, 2008.

Index Terms:

arp poisoning, Address Resolution Protocol, ARP, network, security, malicious javascript insertion, security & privacy, attack trends

Citation:

Bojan Zdrnja, "Malicious JavaScript Insertion through ARP Poisoning Attacks," IEEE Security & Privacy, vol. 7, no. 3, pp. 72-74, May-June 2009, doi:10.1109/MSP.2009.72

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.