TARP: Ticket-based address resolution protocol
Computer Networks: The International Journal of Computer and Telecommunications Networking
An enhanced secure ARP protocol and LAN switch for preveting ARP based attacks
Proceedings of the 2009 International Conference on Wireless Communications and Mobile Computing: Connecting the World Wirelessly
An efficient solution to the ARP cache poisoning problem
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
A client/server based mechanism to prevent ARP spoofing attacks
ICSI'12 Proceedings of the Third international conference on Advances in Swarm Intelligence - Volume Part II
| Hi-index | 0.00 |
This paper discusses the Address Resolution Protocol (ARP) and the problem of ARP cache poisoning. ARP cache poisoning is the malicious act, by a host in a LAN, of introducing a spurious IP address to MAC (Ethernet) address mapping in another host's ARP cache. We discuss design constraints for a solution: the solution needs to be implemented in middleware, without access or change to any operating system source code, be backward-compatible to the existing protocol, and be asynchronous. We present our solution and implementation aspects of it in a Streams based networking subsystem. Our solution comprises two parts: a "bump in the stack" Streams module, and a separate Stream with a driver and user-level application. We also present the algorithm that is executed in the module and application to prevent ARP cache poisoning where possible, and detect and raise alarms otherwise. We then discuss some limitations with our approach and present some preliminary performance numbers for our implementation.