Skip to main content
SpringerLink
Log in

Securing Layer 2 in Local Area Networks

  • Conference paper
Book cover Networking - ICN 2005 (ICN 2005)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 3421))

Included in the following conference series:

Abstract

Network security problems have been well known and addressed in the application, transport, or network layers. However, the Data Link Layer (Layer 2) security has not been adequately addressed yet. To secure Local or Metropolitan Area Networks, the IEEE 802.1AE Media Access Control (MAC) Security Task Group has proposed the IEEE P802.1AE Standard for Local and Metropolitan Area Networks: MAC Security (MACsec). MACsec introduces a new tag field, Security TAG (SecTAG), in Layer 2 frames. In this paper, we discuss the security concerns in Layer 2 and summarize some of the possible attacks in Layer 2 in Internet Protocol (IP) over Ethernet networks. We also provide an overview of the MACsec. Lastly, we propose to incorporate additional fields into the SecTAG to improve security in local area networks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Howard, C.: Layer 2 – The Weakest Link: Security Considerations at the Data Link Layer. Available at http://www.cisco.com/en/US/about/ac123/ac114/ac173/ac222/about_cisco_packet_feature09186a0080142deb.html

  2. Bashir, M.S.: ARP Cache Poisoning with Ettercap (August 2003), Available at http://www.giac.org/practical/GSEC/Mohammad_Bashir_GSEC.pdf

  3. Plummer, D.C.: Ethernet Address Resolution Protocol: Or converting network protocol addresses to 48.bit Ethernet address for transmission on Ethernet hardware. RFC 826 (November 1982)

    Google Scholar 

  4. Rouiller, S.A.: Virtual LAN Security: weaknesses and counter measures. Available at http://www.sans.org/rr/papers/38/1090.pdf

  5. Convery, S.: Hacking Layer 2: Fun with Ethernet Switches (Blackh, at (2002), Available at http://www.blackhat.com/presentations/bh-usa-02/bh-us-02-converyswitches.pdf

  6. IEEE P802.1AE/D2.0 Draft Standard for Local and Metropolitan Area Networks: Media Access Control (MAC) Security. Available at http://www.ieee802.org/1/files/private/ae-drafts/d2/802-1ae-d2-01.pdf

Download references

Author information

Authors and Affiliations

  1. Georgia Institute of Technology, Atlanta, GA, 30332-0250, USA

    Hayriye Altunbasak, Sven Krasser & Henry L. Owen

  2. Siemens AG, CT IC2 Corporate Technology, 81730, Munich, Germany

    Jochen Grimminger, Hans-Peter Huth & Joachim Sokol

Authors
  1. Hayriye Altunbasak
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sven Krasser
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Henry L. Owen
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jochen Grimminger
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Hans-Peter Huth
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Joachim Sokol
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. IUT, University of Haute Alsace, 34, rue du Grillenbreit, 68008, Colmar, France

    Pascal Lorenz

  2. Cisco Systems, Inc., 10 West Tasman Drive, Bldg O/2, 95134, San Jose, CA, USA

    Petre Dini

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Altunbasak, H., Krasser, S., Owen, H.L., Grimminger, J., Huth, HP., Sokol, J. (2005). Securing Layer 2 in Local Area Networks. In: Lorenz, P., Dini, P. (eds) Networking - ICN 2005. ICN 2005. Lecture Notes in Computer Science, vol 3421. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-31957-3_79

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-31957-3_79

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-25338-9

  • Online ISBN: 978-3-540-31957-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation