Security problems in the TCP/IP protocol suite
ACM SIGCOMM Computer Communication Review
A secure address resolution protocol
Computer Networks: The International Journal of Computer and Telecommunications Networking
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
S-ARP: a Secure Address Resolution Protocol
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
A Look Back at "Security Problems in the TCP/IP Protocol Suite"
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
A Multivariate Adaptive Method for Detecting ARP Anomaly in Local Area Networks
ICSNC '06 Proceedings of the International Conference on Systems and Networks Communication
| Hi-index | 0.00 |
After the ARP protocol was drafted, a subtle weakness in the protocol was discovered. In fact, ARP provides no means to establish the authenticity of the source of incoming ARP packets. That's why any host of a LAN network can forge an ARP message containing malicious information to poison the ARP caches of target hosts. This lack of authentication mechanisms has made ARP vulnerable to a raft of IP-based impersonation, Man-in-the-Middle (MiM) and DoS attacks. In this paper we discuss a security solution to solve the ARP vulnerabilities and authenticity issues. For that purpose, a novel secure extended ARP protocol is proposed. In addition, the LAN switch has been enhanced to assume the role of "Trusted Authority" and assure the hosts authentication while exchanging ARP messages.