Man-in-the-middle (MITM) attacks represent a significant threat to the confidentiality and integrity of data communications within computer networks. Such attacks occur when an attacker intercepts and potentially alters the data being exchanged between two communicating parties, thereby compromising sensitive information and transactions. Many cryptographic systems lacking robust authentication measures are susceptible to MITM attacks, underscoring the pressing need for effective security solutions.This study presents the EL_ALBI framework, an innovative approach that combines the strengths of Intrusion Prevention System (IPS) rules with DHCP Snooping protocols to detect and prevent MITM attacks in computer networks. The IPS rule component continuously analyzes network traffic, employing predefined rules and signatures to identify and block malicious activities and patterns associated with MITM attacks. At the same time, the DHCP Snooping protocol maintains a binding table of valid IP address, MAC address, and port mappings, ensuring that only authorized devices can obtain IP addresses from legitimate DHCP servers, thereby preventing unauthorized network access. The proposed framework was implemented and evaluated through simulations using Packet Tracer 8.1 network simulation software. The simulation environment consisted of network devices such as switches and routers, with designated devices acting as attackers and servers to replicate real-world MITM attack scenarios. The framework's performance was assessed based on key metrics, including packet loss, network availability, and the mitigation of denial-of-service (DoS) attacks. The results demonstrated the effectiveness of the EL_ALBI framework in reducing packet loss, maintaining network availability, and mitigating DoS attacks related to MITM incidents, surpassing the efficacy of traditional security measures. These findings highlight the potential of the proposed framework to enhance network security and protect sensitive information from unauthorized access and modification.
Loading....