Protection of LAN-wide, P2P interactions: a holistic approach
International Journal of Communication Networks and Distributed Systems
On investigating ARP spoofing security solutions
International Journal of Internet Protocol Technology
An active intrusion detection system for LAN specific attacks
AST/UCMA/ISA/ACN'10 Proceedings of the 2010 international conference on Advances in computer science and information technology
A novel algorithm to prevent man in the middle attack in LAN environment
SpringSim '10 Proceedings of the 2010 Spring Simulation Multiconference
ARP spoofing: a comparative study for education purposes
2009 Information Security Curriculum Development Conference
Genuine ARP (GARP): a broadcast based stateful authentication protocol
ACM SIGSOFT Software Engineering Notes
Detection of neighbor solicitation and advertisement spoofing in IPv6 neighbor discovery protocol
Proceedings of the 4th international conference on Security of information and networks
SOCIAL: self-organizing classifier ensemble for adversarial learning
MCS'10 Proceedings of the 9th international conference on Multiple Classifier Systems
Hi-index | 0.00 |
The Address Resolution Protocol (ARP) is used by computers to map network addresses (IP) to physical addresses (MAC). The protocol has proved to work well under regular circumstances, but it was not designed to cope with malicious hosts. By performing ARP cache poisoning or ARP spoofing attacks, an intruder can impersonate another host (man-in-the-middle attack) and gain access to sensitive information. Several schemes to mitigate, detect and prevent these attacks have been proposed, but each has its limitations. In this paper we analyze each of these schemes, identify their strengths and weaknesses, and propose guidelines for the design of an alternative and (arguably) better solution to the problem of ARP cache poisoning.