JICCE (Çѱ¹Á¤º¸Åë½ÅÇÐȸ)
Current Result Document :
ÇѱÛÁ¦¸ñ(Korean Title) |
ARP Modification for Prevention of IP Spoofing |
¿µ¹®Á¦¸ñ(English Title) |
ARP Modification for Prevention of IP Spoofing |
ÀúÀÚ(Author) |
Jung-Ha Kang
Yang Sun Lee
Jae Young Kim
Eun-Gi Kim
|
¿ø¹®¼ö·Ïó(Citation) |
VOL 12 NO. 03 PP. 0154 ~ 0160 (2014. 09) |
Çѱ۳»¿ë (Korean Abstract) |
|
¿µ¹®³»¿ë (English Abstract) |
The address resolution protocol (ARP) provides dynamic mapping between two different forms of addresses: the 32-bit Internet protocol (IP) address of the network layer and the 48-bit medium access control (MAC) address of the data link layer. A host computer finds the MAC address of the default gateway or the other hosts on the same subnet by using ARP and can then send IP packets. However, ARP can be used for network attacks, which are one of the most prevalent types of network attacks today. In this study, a new ARP algorithm that can prevent IP spoofing attacks is proposed. The proposed ARP information was forged. The broadcast ARP notification was used for preventing a normal host's ARP table from being poisoned. The proposed algorithm is backward compatible with the current ARP protocol and dynamically prevents any ARP spoofing attacks. In this study, the proposed ARP algorithm was implemented on the Linux operating system; here, we present the test results with respect to the prevention of ARP spoofing attacks.
|
Å°¿öµå(Keyword) |
ARP cache
ARP poison
ARP spoofing
MITM
network attactk
spoofing detection
|
ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|