Virtual local area network over HTTP for launching an insider attack

• URL: http://arxiv.org/abs/2507.19055v1
• Date: Fri, 25 Jul 2025 08:16:19 GMT
• Title: Virtual local area network over HTTP for launching an insider attack
• Authors: Yuksel Arslan,
• Abstract summary: This paper demonstrates how an external machine can gain access to a LAN by exploiting an unused secondary IP address.<n>Despite the presence of robust external protections, such as firewalls and IDS, this form of insider attack reveals significant vulnerabilities in the way internal threats are addressed.
• Score: 0.0
• License: http://creativecommons.org/licenses/by-nc-nd/4.0/
• Abstract: Computers and computer networks have become integral to virtually every aspect of modern life, with the Internet playing an indispensable role. Organizations, businesses, and individuals now store vast amounts of proprietary, confidential, and personal data digitally. As such, ensuring the security of this data from unauthorized access is critical. Common security measures, such as firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), and antivirus software, are constantly evolving to safeguard computer systems and networks. However, these tools primarily focus on defending against external threats, leaving systems vulnerable to insider attacks. Security solutions designed to mitigate risks originating from within the organization are relatively limited and often ineffective. This paper demonstrates how a Local Area Network (LAN) can be covertly exposed to the Internet via an insider attack. Specifically, it illustrates how an external machine can gain access to a LAN by exploiting an unused secondary IP address of the attacked LAN, effectively bypassing existing security mechanisms by also exploiting Hyper Text Transfer Protocol (HTTP). Despite the presence of robust external protections, such as firewalls and IDS, this form of insider attack reveals significant vulnerabilities in the way internal threats are addressed.

Related papers

• How To Mitigate And Defend Against DDoS Attacks In IoT Devices [0.0]
  This paper analyzes the nature and impact of DDoS attacks such as those launched by the Mirai botnet.<n>It proposes layered mitigation strategies tailored to IoT environments.<n>The paper aims to help engineers and researchers understand and implement practical countermeasures to protect IoT infrastructures.
  arXiv  Detail & Related papers  (2025-07-15T22:21:19Z)
• The Hidden Dangers of Browsing AI Agents [0.0]
  This paper presents a comprehensive security evaluation of such agents, focusing on systemic vulnerabilities across multiple architectural layers.<n>Our work outlines the first end-to-end threat model for browsing agents and provides actionable guidance for securing their deployment in real-world environments.
  arXiv  Detail & Related papers  (2025-05-19T13:10:29Z)
• Open Challenges in Multi-Agent Security: Towards Secure Systems of Interacting AI Agents [0.0]
  Decentralized AI agents will soon interact across internet platforms, creating security challenges beyond traditional cybersecurity and AI safety frameworks.<n>We introduce textbfmulti-agent security, a new field dedicated to securing networks of decentralized AI agents against threats that emerge or amplify through their interactions.
  arXiv  Detail & Related papers  (2025-05-04T12:03:29Z)
• Modern DDoS Threats and Countermeasures: Insights into Emerging Attacks and Detection Strategies [49.57278643040602]
  Distributed Denial of Service (DDoS) attacks persist as significant threats to online services and infrastructure.<n>This paper offers a comprehensive survey of emerging DDoS attacks and detection strategies over the past decade.
  arXiv  Detail & Related papers  (2025-02-27T11:22:25Z)
• Rethinking the Vulnerabilities of Face Recognition Systems:From a Practical Perspective [53.24281798458074]
  Face Recognition Systems (FRS) have increasingly integrated into critical applications, including surveillance and user authentication. Recent studies have revealed vulnerabilities in FRS to adversarial (e.g., adversarial patch attacks) and backdoor attacks (e.g., training data poisoning)
  arXiv  Detail & Related papers  (2024-05-21T13:34:23Z)
• Defending against cybersecurity threats to the payments and banking system [0.0]
  The proliferation of cyber crimes is a huge concern for various stakeholders in the banking sector. To prevent risks of cyber-attacks on software systems, entities operating within cyberspace must be identified. This paper will examine various approaches that identify assets in cyberspace, classify the cyber threats, provide security defenses and map security measures to control types and functionalities.
  arXiv  Detail & Related papers  (2022-12-15T11:55:11Z)
• Security Orchestration, Automation, and Response Engine for Deployment of Behavioural Honeypots [0.0]
  Security Orchestration, Automation, and Response (SOAR) Engine dynamically deploys custom honeypots inside the internal network infrastructure based on the attacker's behavior. The presence of botnet traffic and DDOS attacks on the honeypots in the network is detected, along with a malware collection system.
  arXiv  Detail & Related papers  (2022-01-14T07:57:12Z)
• TANTRA: Timing-Based Adversarial Network Traffic Reshaping Attack [46.79557381882643]
  We present TANTRA, a novel end-to-end Timing-based Adversarial Network Traffic Reshaping Attack. Our evasion attack utilizes a long short-term memory (LSTM) deep neural network (DNN) which is trained to learn the time differences between the target network's benign packets. TANTRA achieves an average success rate of 99.99% in network intrusion detection system evasion.
  arXiv  Detail & Related papers  (2021-03-10T19:03:38Z)
• Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
  Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance. We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems. We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
  arXiv  Detail & Related papers  (2020-10-19T13:09:31Z)
• Smart Home, security concerns of IoT [91.3755431537592]
  The IoT (Internet of Things) has become widely popular in the domestic environments. People are renewing their homes into smart homes; however, the privacy concerns of owning many Internet connected devices with always-on environmental sensors remain insufficiently addressed. Default and weak passwords, cheap materials and hardware, and unencrypted communication are identified as the principal threats and vulnerabilities of IoT devices.
  arXiv  Detail & Related papers  (2020-07-06T10:36:11Z)
• Adversarial Machine Learning Attacks and Defense Methods in the Cyber Security Domain [58.30296637276011]
  This paper summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques. It is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain.
  arXiv  Detail & Related papers  (2020-07-05T18:22:40Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.