In wired networks, Medium Access Control (MAC) spoofing is a well-known and extensively studied class of network security attacks in which an adversary impersonates a legitimate host by falsifying its MAC address. Despite existing defense stan- dards, such attacks remain relevant in contemporary networks. MAC spoofing can enable Man-In-The-Middle (MITM) attacks, allowing an attacker to intercept and inject traffic while posing as the victim whose MAC address has been compromised. Despite its conceptual simplicity, implementing a fully transparent MAC spoofing MITM attack is non-trivial. Existing techniques fail to maintain transparency from the victim’s perspective and may disrupt connectivity. While traffic interception is relatively straightforward, injecting traffic on behalf of the victim without affecting the victim’s normal operation is more challenging. Achieving such transparency typically requires custom code and specialized libraries that may lack portability across platforms or operate in user space rather than kernel space, thereby imposing performance limitations. This demo presents an implementation of a MAC spoofing-based MITM attack that enables transparent interception and injection of packets while impersonating the victim, without requiring custom code. The approach operates entirely in kernel space, leveraging Linux networking names- paces, and ensures complete transparency to both the victim host and its communication endpoint.

Demo. Re-designing MAC spoofing for transparent MITM attacks using linux network namespaces / Spadaccino, P., Servillo, S., Locatelli, P., Cuomo, F.. - (2026), pp. 1894-1895. (INFOCOM 2026 Tokyo; Japan ) [10.1109/infocom59046.2026.11571538].

Demo. Re-designing MAC spoofing for transparent MITM attacks using linux network namespaces

Spadaccino, Pietro
;
Servillo, Stefano;Locatelli, Pierluigi;Cuomo, Francesca
2026

Abstract

In wired networks, Medium Access Control (MAC) spoofing is a well-known and extensively studied class of network security attacks in which an adversary impersonates a legitimate host by falsifying its MAC address. Despite existing defense stan- dards, such attacks remain relevant in contemporary networks. MAC spoofing can enable Man-In-The-Middle (MITM) attacks, allowing an attacker to intercept and inject traffic while posing as the victim whose MAC address has been compromised. Despite its conceptual simplicity, implementing a fully transparent MAC spoofing MITM attack is non-trivial. Existing techniques fail to maintain transparency from the victim’s perspective and may disrupt connectivity. While traffic interception is relatively straightforward, injecting traffic on behalf of the victim without affecting the victim’s normal operation is more challenging. Achieving such transparency typically requires custom code and specialized libraries that may lack portability across platforms or operate in user space rather than kernel space, thereby imposing performance limitations. This demo presents an implementation of a MAC spoofing-based MITM attack that enables transparent interception and injection of packets while impersonating the victim, without requiring custom code. The approach operates entirely in kernel space, leveraging Linux networking names- paces, and ensures complete transparency to both the victim host and its communication endpoint.
2026
INFOCOM 2026
network security; MAC spoofing; man-in-the-middle
04 Pubblicazione in atti di convegno::04b Atto di convegno in volume
Demo. Re-designing MAC spoofing for transparent MITM attacks using linux network namespaces / Spadaccino, P., Servillo, S., Locatelli, P., Cuomo, F.. - (2026), pp. 1894-1895. (INFOCOM 2026 Tokyo; Japan ) [10.1109/infocom59046.2026.11571538].
File allegati a questo prodotto
File Dimensione Formato  
Spadaccino_Demo-re-designing _2026.pdf

solo gestori archivio

Tipologia: Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 1.16 MB
Formato Adobe PDF
1.16 MB Adobe PDF   Contatta l'autore

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11573/1771042
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact