A secure intrusion detection and prevention (idp) framework for computer networks

Abstract

Cyberattack is a serious criminal offense that causes serious information leakage and result in tremendous loss to data of users. A man-in-the-middle-attack (MITM) is a kind of cyberattack where an unapproved outsider enters into an online correspondence between two users. MITM is one of the most well-known and widespread attacks in cybersecurity, targeting connection between two parties and directly putting into jeopardy the confidentiality and coherence of the data itself. The attacker installs a malware that is in the middle-attack which can access, read and change secret information without the knowledge of the users. This issue is intense, and most of the cryptographic systems without decent authentication security are threatened to be hacked by the malware named ‘man-in-the-middle-attack’. It is through this problem that the researcher proposes a framework known as EL_ALBI framework that combines two protocols (IPS Rule and DHCP Snooping) to detect and prevent man in the middle attacks on computer networks. El_ALBI framework was simulated using packet tracer 8.1 platform where the algorithm of the framework is implemented on the network devices including the switch and routers to prevent any attacks coming on the network. The framework is tested using the devices on the network as attacker and servers. Based on the testing parameters such as packet lost, Denial of Service and Network Availability, the results show that the framework was able to detect and prevent man in the middle attacks on computer network.