Malicious JavaScript Insertion through ARP Poisoning Attacks

Security&Privacy
2009
Issue No. 3 - May/June
Abstract - Malicious JavaScript Insertion through ARP Poisoning Attacks

	This Article
	Subscribers, please Login Purchase article: $19 PDF HTML IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Bojan Zdrnja

May/June 2009 (vol. 7 no. 3)

pp. 72-74

	ASCII Text	x
	Bojan Zdrnja, "Malicious JavaScript Insertion through ARP Poisoning Attacks," IEEE Security and Privacy, vol. 7, no. 3, pp. 72-74, May/June, 2009.

	BibTex	x
	@article{ 10.1109/MSP.2009.72, author = {Bojan Zdrnja}, title = {Malicious JavaScript Insertion through ARP Poisoning Attacks}, journal ={IEEE Security and Privacy}, volume = {7}, number = {3}, issn = {1540-7993}, year = {2009}, pages = {72-74}, doi = {http://doi.ieeecomputersociety.org/10.1109/MSP.2009.72}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - MGZN JO - IEEE Security and Privacy TI - Malicious JavaScript Insertion through ARP Poisoning Attacks IS - 3 SN - 1540-7993 SP72 EP74 EPD - 72-74 A1 - Bojan Zdrnja, PY - 2009 KW - arp poisoning KW - Address Resolution Protocol KW - ARP KW - network KW - security KW - malicious javascript insertion KW - security & privacy KW - attack trends VL - 7 JA - IEEE Security and Privacy ER -

Bojan Zdrnja, INFIGO IS

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2009.72

Details about ARP poisoning attacks as well as countermeasures have been known for years. Yet, most networks are still vulnerable to these attacks because they haven't implemented defenses. This article explains how ARP poisoning attacks work and analyzes how such attacks are exploited in the wild against Web hosting companies, where the ARP poisoning attacks are used for real-time network traffic modification.

1. D.C. Plummer, An Ethernet Address Resolution Protocol, RFC 826, Nov. 1982; http://tools.ietf.org/htmlrfc826.
2. C. Seifert, "Know Your Enemy: Behind the Scenes of Malicious Web Servers," Honeynet Project, Nov. 2007; www.honeynet.org/paperswek.
3. B. Zdrnja, "Massive ARP Spoofing Attacks on Web Sites," SANS Internet Storm Center, Mar. 2009; http://isc.sans.orgdiary.html?storyid=6001
4. Y. Bhaiji, Network Security Technologies and Solutions, CCIE Professional Development Series, Cisco Press, 2008.

Index Terms:

arp poisoning, Address Resolution Protocol, ARP, network, security, malicious javascript insertion, security & privacy, attack trends

Citation:

Bojan Zdrnja, "Malicious JavaScript Insertion through ARP Poisoning Attacks," IEEE Security and Privacy, vol. 7, no. 3, pp. 72-74, May/June 2009, doi:10.1109/MSP.2009.72

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.