An Analysis of DHCP Vulnerabilities, Attacks, and Countermeasures

被引：2

作者：

AbdulGhaffar, AbdulAziz ^{[1
]}

Paul, Sumit Kumar ^{[2
]}

Matrawy, Ashraf ^{[3
]}

机构：

[1] Carleton Univ, Dept Syst & Comp Engn, Ottawa, ON, Canada

[2] Univ Ottawa, Dept Elect & Comp Engn, Ottawa, ON, Canada

[3] Carleton Univ, Sch Informat Technol, Ottawa, ON, Canada

来源：

2023 BIENNIAL SYMPOSIUM ON COMMUNICATIONS, BSC | 2023年

关键词：

DHCP; Starvation Attack; DoS Attack; Rogue server; Spoofing; Phishing attack; Replay attack; Man-in-themiddle attack;

D O I：

10.1109/BSC57238.2023.10201458

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

A large number of devices use the Dynamic Host Control Protocol (DHCP) protocol to obtain network configurations like IP address, gateway, Domain Name System (DNS) address, etc. However, the security aspect was not considered thoroughly during its design phase. As a result, it has several very lucrative vulnerabilities to many attackers. In this analysis, we discuss the major vulnerabilities of the DHCP protocol that can result in different attacks. These vulnerabilities include a lack of authentication, confidentiality, and integrity. We also explain different attacks that can be performed by exploiting these vulnerabilities, like rogue DHCP server attacks, DHCP starvation attacks, or replay attacks. Furthermore, we summarize the countermeasures proposed by the researchers to nullify and mitigate these attacks. Moreover, the advantages and drawbacks of the countermeasures are also discussed in this paper.

引用

页码：119 / 124

页数：6

共 34 条

[1] Modeling and Evaluation of Software Defined Networking Based 5G Core Network Architecture [J].

Abdulghaffar, Abdulaziz ;

Mahmoud, Ashraf ;

Abu-Amara, Marwan ;

Sheltami, Tarek .

IEEE ACCESS, 2021, 9 :10179-10198

[2] Internet of Things based multiple disease monitoring and health improvement system [J].

AbdulGhaffar, AbdulAziz ;

Mostafa, Saud Mohammad ;

Alsaleh, Ammar ;

Sheltami, Tarek ;

Shakshuki, Elhadi M. .

JOURNAL OF AMBIENT INTELLIGENCE AND HUMANIZED COMPUTING, 2020, 11 (03) :1021-1029

[3] Discrete Event System Framework for Fault Diagnosis with Measurement Inconsistency: Case Study of Rogue DHCP Attack [J].

Agarwal, Mayank ;

Biswas, Santosh ;

Nandi, Sukumar .

IEEE-CAA JOURNAL OF AUTOMATICA SINICA, 2019, 6 (03) :789-806

[4] DHCP attacking tools: an analysis [J].

Aldaoud, Manar ;

Al-Abri, Dawood ;

Al Maashri, Ahmed ;

Kausar, Firdous .

JOURNAL OF COMPUTER VIROLOGY AND HACKING TECHNIQUES, 2021, 17 (02) :119-129

[5]

Atkins D., 1996, PGP MESSAGE EXCHANGE

[6] Leveraging SDN to Improve the Security of DHCP [J].

Cox, Jacob H., Jr. ;

Clark, Russell J. ;

Owen, Henry L., III .

SDN-NFV SECURITY'16: PROCEEDINGS OF THE 2016 ACM INTERNATIONAL WORKSHOP ON SECURITY IN SOFTWARE DEFINED NETWORKS & NETWORK FUNCTION VIRTUALIZATION, 2016, :35-38

[7]

De Graaf K., 2013, US Patent, Patent No. [8,555,347, 8555347]

[8]

Dinu DD, 2017, P ROMANIAN ACAD A, V18, P403

[9]

Dinu DD, 2015, 2015 IEEE 10TH JUBILEE INTERNATIONAL SYMPOSIUM ON APPLIED COMPUTATIONAL INTELLIGENCE AND INFORMATICS (SACI), P405, DOI 10.1109/SACI.2015.7208238

[10]

Dinu DD, 2014, 2014 10TH INTERNATIONAL CONFERENCE ON COMMUNICATIONS (COMM)

← 1 2 3 4 →