A Survey of Ethernet LAN Security

Ethernet is the survivor of the LAN wars. It is hard to find an IP packet that has not passed over an Ethernet segment. One important reason for this is Ethernet's simplicity and ease of configuration. However, Ethernet has always been known to be an insecure technology. Recent successful malwa...

Full description

Saved in:
Bibliographic Details
Published inIEEE Communications surveys and tutorials Vol. 15; no. 3; pp. 1477 - 1491
Main Authors Kiravuo, Timo, Sarela, Mikko, Manner, Jukka
Format Journal Article
LanguageEnglish
Published IEEE 01.01.2013
Subjects
Data security
Ethernet networks
IP networks
Local area networks
Ports (Computers)
Routing protocols
Security
Switches
Online AccessGet full text

Cover

More Information
Summary:Ethernet is the survivor of the LAN wars. It is hard to find an IP packet that has not passed over an Ethernet segment. One important reason for this is Ethernet's simplicity and ease of configuration. However, Ethernet has always been known to be an insecure technology. Recent successful malware attacks and the move towards cloud computing in data centers demand that attention be paid to the security aspects of Ethernet. In this paper, we present known Ethernet related threats and discuss existing solutions from business, hacker, and academic communities. Major issues, like insecurities related to Address Resolution Protocol and to self-configurability, are discussed. The solutions fall roughly into three categories: accepting Ethernet's insecurity and circling it with firewalls; creating a logical separation between the switches and end hosts; and centralized cryptography based schemes. However, none of the above provides the perfect combination of simplicity and security befitting Ethernet.
ISSN:1553-877X
DOI:10.1109/SURV.2012.121112.00190