Proposed Comprehensive Eavesdropping Detection Solution in Multi-VLAN Switched Network Based on IPFIX Flow

doi:10.5121/ijcnc.2025.17605

Volume 17, Number 6

Proposed Comprehensive Eavesdropping Detection Solution in Multi-VLAN Switched Network Based on IPFIX Flow

Authors

Viet H. Le ¹, Huy-Trung Nguyen ², Cuong V. Trinh ¹ and Tran Minh Hieu ², ¹ People’s Security Academy, Vietnam
² Research Institute of Posts and Telecommunications, Vietnam

Abstract

With the rapid development of the Internet of Things trend, the components participating in traditional computer networks are increasingly complex, and the risk of eavesdropping is increasing and difficult to detect. In this paper, an eavesdropping detection method for multi-VLAN switching networks based on IPFIX flows is presented. The proposed method will generate and send special packets to stimulate responses from potential sniffers in VLAN networks. Combined with the use of IPFIX to collect and analyse flow data from network devices, it helps detect eavesdropping devices in VLAN networks. The proposed method has been proven effective in the EVE-NG simulation environment with different test scenarios.

Keywords

Eavesdropping Detection; Multi-VLAN; IPFIX Flow.

Archives