Vesper: Using Echo-Analysis to Detect Man-in-the-Middle Attacks in LANs

by   Yisroel Mirsky, et al.

The Man-in-the-Middle (MitM) attack is a cyber-attack in which an attacker intercepts traffic, thus harming the confidentiality, integrity, and availability of the network. It remains a popular attack vector due to its simplicity. However, existing solutions are either not portable, suffer from a high false positive rate, or are simply not generic. In this paper, we propose Vesper: a novel plug-and-play MitM detector for local area networks. Vesper uses a technique inspired from impulse response analysis used in the domain of acoustic signal processing. Analogous to how echoes in a cave capture the shape and construction of the environment, so to can a short and intense pulse of ICMP echo requests model the link between two network hosts. Vesper uses neural networks called autoencoders to model the normal patterns of the echoed pulses, and detect when the environment changes. Using this technique, Vesper is able to detect MitM attacks with high accuracy while incurring minimal network overhead. We evaluate Vesper on LANs consisting of video surveillance cameras, servers, and PC workstations. We also investigate several possible adversarial attacks against Vesper, and demonstrate how Vesper mitigates these attacks.



There are no comments yet.


page 3

page 6

page 8

page 9

page 10

page 13

page 14

page 15


A Proactive Design to Detect Denial of Service Attacks Using SNMP-MIB ICMP Variables

Denial of Service (DOS) attack is one of the most attack that attract th...

Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection

Neural networks have become an increasingly popular solution for network...

PRISM: A Hierarchical Intrusion Detection Architecture for Large-Scale Cyber Networks

The increase in scale of cyber networks and the rise in sophistication o...

Proximity Verification Based on Acoustic Room Impulse Response

Device proximity verification has a wide range of security applications ...

Detection of Iterative Adversarial Attacks via Counter Attack

Deep neural networks (DNNs) have proven to be powerful tools for process...

Enterprise Cyber Resiliency Against Lateral Movement: A Graph Theoretic Approach

Lateral movement attacks are a serious threat to enterprise security. In...

Detection of Lying Electrical Vehicles in Charging Coordination Application Using Deep Learning

The simultaneous charging of many electric vehicles (EVs) stresses the d...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.