الفهرس 
IntroductionOnly 14 pages are availabe for public view
 |  | from | 126 |  |  |
| | | from | 126 | | |
Abstract
The need for Local Networks has been increased due to the rapid growth of its services and applications; therefore, the focus on the security of LANs becomes a more concern. Unlike the upper layers of the OSI reference model, the datalink security layer is inadequately addressed.
The recent network has some built in security features, but they are enough to ensure the local networks security. Moreover, these features require network administrator involvement and possibly some configuration errors may happen. In addition, the datalink layer protocols have no security options. Therefore, our focus will be increasing the security of the datalink layer against the most common attack that threats its operations.
Several datalink layer attacks have been detected including ARP attacks, MAC attacks, DHCP attacks, VLAN attacks, and STP attacks. Yet, the most dangerous one is ARP spoofing.
Several solutions have been proposed to mitigate the ARP spoofing attacks. Nevertheless, using static ARP entries is considered the most effective way to prevent ARP spoofing.
The main concern of the thesis is to propose a technique to prevent ARP spoofing attacks, this technique automatically configure static ARP entries and can work static and dynamic addressing schemes. The thesis will include the following chapters:
Chapter 1 presents a brief introduction to the data Link layer attacks and ARP spoofing attacks, the chapter shows the main objective and structure of the thesis.
Chapter 2 explain the datalink layer attacks, ARP attacks, MAC attacks, DHCP attacks, VLAN attacks, and STP attacks. The operations of every one of these attacks work. The methods used to mitigate each one of these attacks.
Chapter 3 this chapter is devoted for the ARP Spoofing attacks. The chapter shows the details of the ARP protocol and its operations. The chapter continue to explain ARP spoofing attacks and the different categories of solutions to prevent this attack.
Chapter 4 uncovers the details of the proposed method to prevent ARP spoofing attacks. It illustrates the proposed method model, which is composed of two ARP entities, three different protocol messages, and two protocol algorithms. Moreover, it shows the interaction between the different components of the proposed method to solve the ARP spoofing problem.
Chapter 5 deploys the proposed method at the real network, and observes if it is working as expected or not. The proposed method is tested in two different test cases (normal Case and spoofing case).
Chapter 6 shows the basics of computer systems performance analysis. In this chapter, we conduct some experiments to measure the response time at the different stages of the proposed system
Chapter 7 shows the conclusion of this thesis and the future work.