Abstract:
Nowadays, the DHCP starvation attack is a crucial attack that denied the services for the legitimate network user where the attacker mainly occupies all the IP addresses ...Show MoreMetadata
Abstract:
Nowadays, the DHCP starvation attack is a crucial attack that denied the services for the legitimate network user where the attacker mainly occupies all the IP addresses in the DHCP server pool. Most of the existing studies proposed ICMP (Internet Control Message Protocol) and the ARP (Address Resolution Protocol) based techniques to detect the DHCP starvation attack. However, the ICMP-based detection is ineffective if the client has an active host-based firewall that blocks the ICMP ECHO REQUEST, while the ARP-based detection does not work for DHCP networks separated by a DHCP relay agent and works only within the same or local network. Therefore, the objective of this research is to propose an effective technique to detect DHCP starvation attack detection through port scanning to address the limitations of ICMP and ARP-based detection methods. To attain this objective, this study first highlights the limitations of existing detection methods demonstrating insightful facts. Secondly, the study proposed a port scan-based DHCP starvation attack detection method for local and remote (relay) DHCP networks. Finally, the effectiveness and validation of the proposed techniques were demonstrated using the Multivendor Network Emulation Software (EVE-NG). The study showed that the proposed port scanning-based technique could accurately detect the DHCP starvation attack while overcoming the limitations of the ICMP and ARP techniques.
Published in: 2023 International Conference on Next-Generation Computing, IoT and Machine Learning (NCIM)
Date of Conference: 16-17 June 2023
Date Added to IEEE Xplore: 21 August 2023
ISBN Information: