Abstract
Network security problems have been well known and addressed in the application, transport, or network layers. However, the Data Link Layer (Layer 2) security has not been adequately addressed yet. To secure Local or Metropolitan Area Networks, the IEEE 802.1AE Media Access Control (MAC) Security Task Group has proposed the IEEE P802.1AE Standard for Local and Metropolitan Area Networks: MAC Security (MACsec). MACsec introduces a new tag field, Security TAG (SecTAG), in Layer 2 frames. In this paper, we discuss the security concerns in Layer 2 and summarize some of the possible attacks in Layer 2 in Internet Protocol (IP) over Ethernet networks. We also provide an overview of the MACsec. Lastly, we propose to incorporate additional fields into the SecTAG to improve security in local area networks.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Howard, C.: Layer 2 – The Weakest Link: Security Considerations at the Data Link Layer. Available at http://www.cisco.com/en/US/about/ac123/ac114/ac173/ac222/about_cisco_packet_feature09186a0080142deb.html
Bashir, M.S.: ARP Cache Poisoning with Ettercap (August 2003), Available at http://www.giac.org/practical/GSEC/Mohammad_Bashir_GSEC.pdf
Plummer, D.C.: Ethernet Address Resolution Protocol: Or converting network protocol addresses to 48.bit Ethernet address for transmission on Ethernet hardware. RFC 826 (November 1982)
Rouiller, S.A.: Virtual LAN Security: weaknesses and counter measures. Available at http://www.sans.org/rr/papers/38/1090.pdf
Convery, S.: Hacking Layer 2: Fun with Ethernet Switches (Blackh, at (2002), Available at http://www.blackhat.com/presentations/bh-usa-02/bh-us-02-converyswitches.pdf
IEEE P802.1AE/D2.0 Draft Standard for Local and Metropolitan Area Networks: Media Access Control (MAC) Security. Available at http://www.ieee802.org/1/files/private/ae-drafts/d2/802-1ae-d2-01.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Altunbasak, H., Krasser, S., Owen, H.L., Grimminger, J., Huth, HP., Sokol, J. (2005). Securing Layer 2 in Local Area Networks. In: Lorenz, P., Dini, P. (eds) Networking - ICN 2005. ICN 2005. Lecture Notes in Computer Science, vol 3421. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-31957-3_79
Download citation
DOI: https://doi.org/10.1007/978-3-540-31957-3_79
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25338-9
Online ISBN: 978-3-540-31957-3
eBook Packages: Computer ScienceComputer Science (R0)