Computer Networks - Final Year Project

Hi, I am looking for a thesis topic that is in the field of computer networks. I have read articles and other websites to try and look for an idea but I always seem to be stuck at some point.

As an example I was considering doing my topic on man-in-the-middle attacks and relating it to Wi-Fi hotspots. In fact I also found attack tools that are capable of launching such an attack. The problem that I found in this topic is that I do not know what I will be able to contribute by doing this project.

In order to elaborate, I was reading for example a Cisco paper that explained mitigation techniques that could be used in order to protect against ARP cache poisoning attacks (using Cisco routers). I also found links to software/hardware products that are able to solve/mitigate the problem when they are implemented in wireless networks. I'm really confused because when I read this paper and other articles it seems as if the problem is solved, while other articles on networking websites say that MITM attacks are still a big problem.

Could you please give me suggestions on other network topics that I could consider for my dissertation? (the dissertation also has a testing part; so I must be able to test something). Also I would appreciate if someone can give me an idea about how I could approach man-in-the-middle attacks from a point where I am able to still produce a valid thesis.

Replies

  • Kaustubh Katdare
    Thread moved to IT engineering section.
  • durga ch
    I seem to understand where you are coming from, but I need further details to conclude. For example, when you are reading Cisco's independent work, the solution might be limited to Cisco devices only and might not be a standardised approach, so while a few other papers might suggest the problem still persists, Cisco papers might state it's solved. Have you checked further what the loopholes are in the suggestions made by the Cisco papers? I would suggest reading the latest published information, maybe from the past 2 yrs, nothing older than that. That should help you to ascertain to what extent the work has been completed.
    As I currently browse the internet for already existing solutions for the MITM attack, I can see work being done at MIT as well (I did not read all the approaches), but select one of them and try to implement it.
  • ceaalop
    Thanks for your reply. I found this link: #-Link-Snipped-# from SANS and it describes some configuration commands that can be done on Cisco routers in order to mitigate ARP cache poisoning attacks. However, the article also says that equivalent commands are also available on Brocade, HP and most other routers/switches on the market. 😔

    I do not know if my thinking is right here, but I thought maybe I should test these mitigation techniques in a wireless hotspot environment and then document whether there are any problems with them or if they work at all in such an environment. For example, one technique mentioned on this website is DHCP snooping and I do not know whether such a technique can be used in a Wi-Fi hotspot scenario since it works by maintaining a table of MAC addresses and their corresponding IP addresses (similar to an ARP table). Do you think that testing out these mitigation techniques in a wireless hotspot scenario and then documenting any problems with regards to factors such as performance and security would still make this a valid thesis?

    With regards to the MIT research that you also mentioned, I found some articles on the internet that said that MIT researchers have found a solution. Here's a detailed article if you're interested: #-Link-Snipped-#
    The other papers that I have read mostly suggested some alterations to the ARP protocol itself; however, I will read some more so that I get more information about the subject.
  • durga ch
    Hello,

    After doing a little research over the internet, this is what I can contribute. DHCP snooping is just one of the ways in which MITM can 'hurt' the network. As mentioned in many documents, the MITM problem can be handled by configuring all the ports by default as 'non-trustworthy' and reconfiguring only the port with the DHCP server as a trusty port.
    For example:
    if host A and host B are connected to a switch at ports 1 and 2 and the DHCP server is connected at port 6, the switch can be internally configured to restrict any DHCP replies from any port other than 6. Thus, in case an attacker connects to port 7 and tries sending a response, the switch simply discards it. I believe this is the mitigation for MITM attacks, and other network equipment manufacturers too have their own command sets to configure the LAN switch in this fashion. This is all in wired LANs.

    Coming to wireless networks, rogue APs (access points) can be put up and the rogue AP can respond as if it's an authenticated AP to the communicating hosts. By far, I don't see a text describing mitigation of MITM in wireless networks. (I need to do further research.)

    MITM techniques can be implemented as below:

    local area network:
    ARP poisoning
    DNS spoofing
    Port stealing
    STP mangling

    From Local to Remote(through gateway)
    ARP Poisoning
    DNS spoofing
    DHCP spoofing
    ICMP redirection
    IRDP spoofing
    route mangling

    remote:
    DNS poisoning
    traffic tunneling
    route mangling

    wireless:
    access point reassociation


    Refer (documents are old, but give a pretty good idea):
    1. #-Link-Snipped-#
    2. PDF
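
Added example (not part of any post in this thread): a small Python model of the trusted-port rule described in the reply above, with hosts on ports 1 and 2, the DHCP server on port 6 and an untrusted port 7. It goes one step beyond the post by also checking ARP replies against the MAC/IP table that snooping builds (the check Cisco calls Dynamic ARP Inspection); the class, the addresses and the assumption that port 6 also carries the gateway are constructed for illustration.

```python
from dataclasses import dataclass, field

SERVER_MSGS = {"OFFER", "ACK", "NAK"}  # DHCP messages only a server should send

@dataclass
class SnoopingSwitch:
    """Hypothetical switch model; not any vendor's implementation."""
    trusted_ports: set
    pending: dict = field(default_factory=dict)   # client MAC -> port its request came in on
    bindings: dict = field(default_factory=dict)  # leased IP -> (client MAC, client port)

    def handle_dhcp(self, in_port, msg_type, client_mac, ip=None):
        """Return 'forward' or 'drop' for a DHCP message seen on in_port."""
        if msg_type in SERVER_MSGS:
            if in_port not in self.trusted_ports:
                return "drop"                     # server reply from an untrusted port
            if msg_type == "ACK" and client_mac in self.pending:
                # Lease confirmed by the trusted server: record the binding.
                self.bindings[ip] = (client_mac, self.pending.pop(client_mac))
            return "forward"
        self.pending[client_mac] = in_port        # client message: remember its port
        return "forward"

    def handle_arp_reply(self, in_port, sender_ip, sender_mac):
        """Forward an ARP reply only if it matches a snooped binding."""
        if in_port in self.trusted_ports:
            return "forward"                      # assumption: gateway sits on the trusted port
        ok = self.bindings.get(sender_ip) == (sender_mac, in_port)
        return "forward" if ok else "drop"

def run_demo():
    """Replay constructed frames; MACs and IPs are made up for the example."""
    sw = SnoopingSwitch(trusted_ports={6})
    host_a, rogue = "aa:aa:aa:aa:aa:01", "ee:ee:ee:ee:ee:07"
    return [
        sw.handle_dhcp(1, "REQUEST", host_a),                  # host A asks for a lease
        sw.handle_dhcp(7, "OFFER", host_a, "192.168.1.66"),    # reply from untrusted port 7
        sw.handle_dhcp(6, "ACK", host_a, "192.168.1.10"),      # real server on port 6
        sw.handle_arp_reply(1, "192.168.1.10", host_a),        # host A announces itself
        sw.handle_arp_reply(7, "192.168.1.1", rogue),          # port 7 claims the gateway IP
        sw.handle_arp_reply(7, "192.168.1.10", rogue),         # port 7 claims host A's IP
    ]

if __name__ == "__main__":
    print(run_demo())
```
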
  • ceaalop
    Thanks for your detailed reply 😀. With regards to ARP poisoning attacks, as far as I know they can also be performed on wireless local area networks using tools such as Cain & Abel (there are plenty of videos on YouTube showing this type of attack).

    Although I am interested in the subject of rogue APs and evil twin setups, I would like to focus on detection/mitigation of MITM attacks in a wireless hotspot environment where the attacker sits in between the client machine and the access point (so no additional APs will be involved). Given the amount of literature that is already available on ARP cache poisoning I'll probably focus on this type of MITM attack.

    This wiki article Arp Cache Poisoning contains a whole list of software/hardware that can be used in order to mitigate ARP cache poisoning attacks; but again the problem is I do not know whether these tools will work on wireless networks as well. In the coming days I'll read more about the detection and mitigation of MITM attacks on wireless networks so as to have a clearer picture.

    Sorry about the DHCP snooping part, didn't realize that it only worked on wired LANs. 😴
  • Bashiruddin Naik
    Thanks for the details!!
    I was looking for this..
  • ceaalop
    For anyone that is following this thread and is interested in wireless man-in-the-middle attacks, check this paper published by MIT researchers: PDF

    I'm reading it at the moment 😀
