skip to main content
10.1145/2995959.2995975acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
short-paper

Analysis on Manipulation of the MAC Address and Consequent Security Threats

Published: 28 October 2016 Publication History

Abstract

In this paper, we analyze manipulation methods of the MAC address and consequent security threats. The Ethernet MAC address is known to be unchanged, and so is highly considered as platform-unique information. For this reason, various services are researched using the MAC address. These kinds of services are organized with MAC address as plat- form identifier or a password, and such a diverse range of security threats are caused when the MAC address is manipulated. Therefore, here we research on manipulation methods for MAC address at different levels on a computing platform and highlight the security threats resulted from modification of the MAC address. In this paper, we introduce manipulation methods on the original MAC address stored in the EEPROM on NIC (Network Interface Card) as hardware- based MAC spoofing attack, which are unknown to be general approaches. This means that the related services should struggle to detect the falsification and the results of this paper have deep significance in most MAC address-based services.

References

[1]
M. Ahmed and Z. M. Hazza. A novel algorithm to prevent man in the middle attack in LAN environment. In Proceedings of the 2010 Spring Simulation Multiconference, SpringSim 2010, Orlando, Florida, USA, April 11--15, 2010, page 106, 2010.
[2]
M. A. F. Al-Husainy. MAC address as a key for data encryption. CoRR, abs/1311.3821, 2013.
[3]
M. Ataullah and N. Chauhan. An efficient and secure solution for the problems of arp cache poisoning attacks. International Journal of Computer, Electrical, Automation, Control and Information Engineering, 6(8):989 -- 996, 2012.
[4]
Cisco. MAC Authentication Bypass Deployment Guide. Cisco Press, November 2011.
[5]
F. Fayyaz and H. Rasheed. Using JPCAP to prevent man-in-the-middle attacks in a local area network environment. IEEE potentials, 31(4):35--37, 2012.
[6]
K. Lee, K. Lee, J. Byun, S. Lee, H. Ahn, and K. Yim. Extraction of platform-unique information as an identifier. JoWUA, 3(4):85--99, 2012.
[7]
U. of Melbourne. MAC address registration. May 2014.
[8]
U. of Tufts. Network device registration. May 2014.
[9]
U. of Washington. Register for CSE network access (wired or wireless). May 2014.
[10]
U. of Yale. Netreg (device registration). May 2014.
[11]
Y. Watanabe, M. Otani, H. Eto, K. Watanabe, and S. Tadaki. A MAC address based authentication system applicable to campus-scale network. In 15th Asia-Pacific Network Operations and Management Symposium, APNOMS 2013, Hiroshima, Japan, September 25--27, 2013, pages 1--3, 2013.
[12]
H. Wu, W. Chen, and Z. Ren. Securing coockies with a mac address encrypted key ring. In 2nd International Conference on Network Security Wireless Communications and Trusted Computing (NSWCTC), pages 62--65, 2010.
[13]
W. Xing, Y. Zhao, and T. Li. Research on the defense against arp spoofing attacks based on winpcap. In Education Technology and Computer Science (ETCS), 2010 Second International Workshop on, volume 1, pages 762--765. IEEE, 2010.

Cited By

View all
  • (2023)Ethernet Device Authentication via Physical Layer FingerprintingSoutheastCon 202310.1109/SoutheastCon51012.2023.10115118(287-294)Online publication date: 1-Apr-2023
  • (2021)Study on the transaction linkage technique combined with the designated terminal for 5G-enabled IoTDigital Communications and Networks10.1016/j.dcan.2020.12.003Online publication date: Jan-2021

Index Terms

  1. Analysis on Manipulation of the MAC Address and Consequent Security Threats

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Conferences
    MIST '16: Proceedings of the 8th ACM CCS International Workshop on Managing Insider Security Threats
    October 2016
    126 pages
    ISBN:9781450345712
    DOI:10.1145/2995959
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Sponsors

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 28 October 2016

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. MAC address
    2. countermeasure
    3. hardware unique information
    4. security threats

    Qualifiers

    • Short-paper

    Funding Sources

    • Institute for Information & communications Technology Promotion

    Conference

    CCS'16
    Sponsor:

    Acceptance Rates

    MIST '16 Paper Acceptance Rate 8 of 22 submissions, 36%;
    Overall Acceptance Rate 21 of 54 submissions, 39%

    Upcoming Conference

    CCS '25

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)8
    • Downloads (Last 6 weeks)0
    Reflects downloads up to 22 Feb 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2023)Ethernet Device Authentication via Physical Layer FingerprintingSoutheastCon 202310.1109/SoutheastCon51012.2023.10115118(287-294)Online publication date: 1-Apr-2023
    • (2021)Study on the transaction linkage technique combined with the designated terminal for 5G-enabled IoTDigital Communications and Networks10.1016/j.dcan.2020.12.003Online publication date: Jan-2021

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media