Publication Type:

Journal Article

Source:

Communications in Computer and Information Science, Springer Verlag, Volume 746, p.195-204 (2017)

ISBN:

9789811068973

URL:

https://www.scopus.com/inward/record.uri?eid=2-s2.0-85034588426&doi=10.1007%2f978-981-10-6898-0_16&partnerID=40&md5=d40e00a7816fdfb8a8f0f0398080e92c

Keywords:

Auto discovery, Auto-configuration, Computer science, Computers, DHCP servers, DHCP snooping, IP addresss, Picture archiving and communication systems, Proxy server, Web servers, Web services, WPAD

Abstract:

<p>As part of configuring a large number of systems within a network, the Proxy-Auto Configuration (PAC) file is used to have a common configuration. This is done by using the feature called Web Proxy Auto Discovery (WPAD) that helps the browser to determine the available PAC file. PAC file path is configured in DHCP servers. The attacker impersonates as the DHCP server and provides the malicious PAC file to the user. PAC file determines the proxy server to be used for a particular Uniform Resource Locator (URL). Attacker has to be on the same network as the victim or able to spoof DHCP response packets. The PAC file is retrieved from the attacker web server. The attacker replaces the PAC file with malicious PAC file that can redirect traffic to the attacker IP address. Victim is redirected to the attacker controlled proxy server. The attacker is able to view the URL the victim visits. This is performed before a secure connection is established between the client and the web server. This attack can be mitigated by using a technique called DHCP snooping in switches that can verify DHCP messages passing through the switch that prevents impersonation of DHCP server. © 2017, Springer Nature Singapore Pte Ltd.</p>

Notes:

cited By 0; Conference of 5th International Symposium on Security in Computing and Communications, SSCC 2017 ; Conference Date: 13 September 2017 Through 16 September 2017; Conference Code:204689

Cite this Research Publication

K. R. Atul and Jevitha, K. P., “Prevention of PAC File Based Attack Using DHCP Snooping”, Communications in Computer and Information Science, vol. 746, pp. 195-204, 2017.

207
PROGRAMS
OFFERED
6
AMRITA
CAMPUSES
15
CONSTITUENT
SCHOOLS
A
GRADE BY
NAAC, MHRD
8th
RANK(INDIA):
NIRF 2018
150+
INTERNATIONAL
PARTNERS