TARP: Ticket-based address resolution protocol
Computer Networks: The International Journal of Computer and Telecommunications Networking
VeriKey: A Dynamic Certificate Verification System for Public Key Exchanges
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
CLL: A Cryptographic Link Layer for Local Area Networks
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
An enhanced secure ARP protocol and LAN switch for preveting ARP based attacks
Proceedings of the 2009 International Conference on Wireless Communications and Mobile Computing: Connecting the World Wirelessly
Protection of LAN-wide, P2P interactions: a holistic approach
International Journal of Communication Networks and Distributed Systems
Enhanced ARP: preventing ARP poisoning-based man-in-the-middle attacks
IEEE Communications Letters
A novel algorithm to prevent man in the middle attack in LAN environment
SpringSim '10 Proceedings of the 2010 Spring Simulation Multiconference
Genuine ARP (GARP): a broadcast based stateful authentication protocol
ACM SIGSOFT Software Engineering Notes
Hands-on lab exercises implementation of DoS and MiM attacks using ARP cache poisoning
Proceedings of the 2011 Information Security Curriculum Development Conference
A security architecture for protecting LAN interactions
ISC'06 Proceedings of the 9th international conference on Information Security
IPOM'06 Proceedings of the 6th IEEE international conference on IP Operations and Management
An efficient solution to the ARP cache poisoning problem
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Performance analysis of dynamic host isolation system in wireless mobile networks
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part V
Detecting ARP spoofing: an active technique
ICISS'05 Proceedings of the First international conference on Information Systems Security
A client/server based mechanism to prevent ARP spoofing attacks
ICSI'12 Proceedings of the Third international conference on Advances in Swarm Intelligence - Volume Part II
Collaborative approach to mitigating ARP poisoning-based Man-in-the-Middle attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.00 |
Tapping into the communication between two hosts on aLAN has become quite simple thanks to tools that can bedownloaded from the Internet. Such tools use the AddressResolution Protocol (ARP) poisoning technique, which relies on hosts caching reply messages even though the corresponding requests were never sent. Since no message authentication is provided, any host of the LAN can forge amessage containing malicious information.This paper presents a secure version of ARP that provides protection against ARP poisoning. Each host has apublic/private key pair certified by a local trusted party onthe LAN, which acts as a Certification Authority. Messagesare digitally signed by the sender, thus preventing the injection of spurious and/or spoofed information. As a proofof concept, the proposed solution was implemented on aLinux box. Performance measurements show that PKI basedstrong authentication is feasible to secure even low levelprotocols, as long as the overhead for key validity verification is kept small.