{"title":"一种检测ARP攻击的硬件方法","authors":"M. Dessouky, W. Elkilany, N. Alfishawy","doi":"10.21608/MJEER.2010.66506","DOIUrl":null,"url":null,"abstract":"This paper describes Address Resolution Protocol (ARP) and the ARP cache poisoning (ARP SPOOFING) problem and presents a proposed architecture for detecting the ARP attacks. In addition, it discusses a set of techniques used to detect the ARP poisoning attacks on switched Ethernet networks. A new practical technique by adding external hardware element to the LAN network to work as sniffer is suggested. These external elements are combined in architecture for practical implementation in production network. Results from laboratory and real-world detection experiments using several popular attack tools are also presented. The obtained practical results illustrate that the practical board works successfully for detecting the ARP attack.","PeriodicalId":432955,"journal":{"name":"2010 The 7th International Conference on Informatics and Systems (INFOS)","volume":"54 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":"{\"title\":\"A hardware approach for detecting the ARP attack\",\"authors\":\"M. Dessouky, W. Elkilany, N. Alfishawy\",\"doi\":\"10.21608/MJEER.2010.66506\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper describes Address Resolution Protocol (ARP) and the ARP cache poisoning (ARP SPOOFING) problem and presents a proposed architecture for detecting the ARP attacks. In addition, it discusses a set of techniques used to detect the ARP poisoning attacks on switched Ethernet networks. A new practical technique by adding external hardware element to the LAN network to work as sniffer is suggested. These external elements are combined in architecture for practical implementation in production network. Results from laboratory and real-world detection experiments using several popular attack tools are also presented. The obtained practical results illustrate that the practical board works successfully for detecting the ARP attack.\",\"PeriodicalId\":432955,\"journal\":{\"name\":\"2010 The 7th International Conference on Informatics and Systems (INFOS)\",\"volume\":\"54 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-03-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"15\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2010 The 7th International Conference on Informatics and Systems (INFOS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.21608/MJEER.2010.66506\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 The 7th International Conference on Informatics and Systems (INFOS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.21608/MJEER.2010.66506","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
This paper describes Address Resolution Protocol (ARP) and the ARP cache poisoning (ARP SPOOFING) problem and presents a proposed architecture for detecting the ARP attacks. In addition, it discusses a set of techniques used to detect the ARP poisoning attacks on switched Ethernet networks. A new practical technique by adding external hardware element to the LAN network to work as sniffer is suggested. These external elements are combined in architecture for practical implementation in production network. Results from laboratory and real-world detection experiments using several popular attack tools are also presented. The obtained practical results illustrate that the practical board works successfully for detecting the ARP attack.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
