Systems and Means of Informatics
2014, Volume 24, Issue 4, pp 100-110
THE PROPAGATION METHOD BY MEANS OF AN ATTACK OF THE 'MAN-IN-THE-MIDDLE' TYPE IN THE DHCP PROTOCOL
- M. V. Levykin
- M. I. Tronenko
- I. V. Shidlovsky-Moskvin
Abstract
The research of the up-to-date malicious software conducted by the authors detected that one of the main methods of their expansion is the attack to the Dynamic Host Configuration Protocol (DHCP) made in order to organize the "man-in-the-middle" scheme. However, the result of such attack is of probabilistic nature and it depends on the difference between the speeds of response of antagonistic and legal (licensed) DHCP servers. The present paper describes the concept of expansion by means of the "man-in-the-middle" attack in the DHCP protocol and its limitations, imposed by the DHCP protocol. Examination of the DHCP protocol and limitations imposed on the expansion concept in it leads to creation of the new method which executes the attack of the "man-in-the-middle" type. This new method of unavoidable attack on the DHCP protocol excludes the probability of its failure and is the main result of the present research.
[+] References (6)
- Grusho, A. A., and E.E. Timonina. 2006. Raspredelennye ataki na raspredelennye sistemy [Distributed attacks on distributed systems]. Jet Info 1(152):3-14.
- Grusho, A. A., N. A. Grusho, andE. E. Timonina. 2009. Metody zashchity informatsii ot atak s pomoshch'yu skrytykh kanalov i vrazhdebnykh programmno-apparatnykh agentov v raspredelennykh sistemakh [Methods of information protection against covert channels
attacks and malicious software/hardware agents in distributed systems]. Vestnik RGGU [Bulletin of RSUH] 10:33-45.
- Zolotukhin, M., and T. Hamalainen. 2014. DNS and DHCP spoofing. Department of Mathematical Information Technology, University of Jyvaskyla.
- Levykin, M. V. 2013. Novye printsipy modelirovaniya avtonomnykh samorasprostra- nyayushchikhsya system [New principles of modeling of autonomous self-propagating malware]. Sistemy i Sredstva Informatiki - Systems and Means of Informatics 23(1): 14-26.
- Al-Hajeri, A. 2002. DNS spoofing attack: GCIH Practical Assignment version 2.1. SANS Institute. 36 p.
- Levykin, M. V. 2011. Novye osobennosti samorasprostranyayushchikhsya vredonosnykh program [New features of self-propagating malware]. Sistemy i Sredstva Informatiki - Systems and Means of Informatics 21(2):69-72.
[+] About this article
Title
THE PROPAGATION METHOD BY MEANS OF AN ATTACK OF THE 'MAN-IN-THE-MIDDLE' TYPE IN THE DHCP PROTOCOL
Journal
Systems and Means of Informatics
Volume 24, Issue 4, pp 100-110
Cover Date
2013-11-30
DOI
10.14357/08696527140406
Print ISSN
0869-6527
Publisher
Institute of Informatics Problems, Russian Academy of Sciences
Additional Links
Key words
DHCP protocol; man-in-the-middle; local area net (LAN); guaranteed method of propagation; malicious code
Authors
M. V. Levykin  , M. I. Tronenko ,
and I. V. Shidlovsky-Moskvin 
Author Affiliations
Institute of Informatics Problems, Russian Academy of Sciences, 44-2 Vavilov Str., Moscow 119333, Russian Federation
Closed Joint Stock Company RNT, 6, 2nd Ostankinskaya Str., Moscow 129515, Russian Federation
|