
The core information protection mechanism in the BcN (Broadband Convergence Network)

Oh, Sek-Hoan (KT Corp.)
Lee, Jae-Yong (Division of Electrical and Computer Engineering, Chungnam National University)
Kim, Byung-Chul (Division of Electrical and Computer Engineering, Chungnam National University)
Abstract
IP over Ethernet, which is widely used for Internet access, relies on ARP (Address Resolution Protocol) to translate an IP address to the corresponding MAC address. Recently, there have been ARP attacks that intentionally modify the mapping between an IP address and its corresponding MAC address, using various tools such as "snoopspy". Since ARP attacks can redirect packets to a MAC address other than the intended destination, attackers can eavesdrop on packets, change their contents, or hijack the connection. Because the ARP attack is performed at the data link layer, it cannot be prevented by security mechanisms such as Secure Shell (SSH) or Secure Sockets Layer (SSL). Thus, in this paper, we classify ARP attacks into the downstream ARP spoofing attack and the upstream ARP redirection attack, and propose a new security mechanism that uses the DHCP information exchanged when an IP address is acquired. We propose a "DHCP snoop mechanism" or "DHCP sniffing/inspection mechanism" for the ARP spoofing attack, and a "static binding mechanism" for the ARP redirection attack. The proposed security mechanisms for ARP attacks can be widely used to reinforce the security of next-generation Internet access networks, including the BcN.
Keywords
ARP attack; eavesdrop; session hijacking; network security
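
The abstract names two controls: bindings learned by watching DHCP, and static bindings. As an added illustration (not code from the paper, whose design details are not given on this page), the Python below models the general technique on an access switch: IP-to-MAC-to-port bindings are learned only from DHCP ACKs arriving on a trusted port, the gateway gets a static binding, and every ARP packet's sender fields are checked against the table. The class, function, and port names and the documentation-range addresses are assumptions made for the example.

```python
import time
from dataclasses import dataclass

STATIC = float("inf")  # expiry value marking a static (never-expiring) binding

@dataclass
class Binding:
    mac: str
    port: str
    expires: float

class ArpInspector:
    """Hypothetical access-switch model: IP -> (MAC, port, expiry) bindings."""
    def __init__(self, trusted_ports):
        self.trusted = set(trusted_ports)  # ports where DHCP server replies may arrive
        self.table = {}

    def add_static(self, ip, mac, port):
        self.table[ip] = Binding(mac.lower(), port, STATIC)

    def on_dhcp_ack(self, ingress_port, client_mac, client_port, yiaddr, lease_s, now=None):
        """Learn a binding from a DHCPACK; ignore ACKs from untrusted ports."""
        now = time.time() if now is None else now
        old = self.table.get(yiaddr)
        if ingress_port not in self.trusted or (old and old.expires == STATIC):
            return False  # rogue DHCP server, or attempt to overwrite a static entry
        self.table[yiaddr] = Binding(client_mac.lower(), client_port, now + lease_s)
        return True

    def check_arp(self, port, sender_mac, sender_ip, now=None):
        """Return (allowed, reason) for an ARP packet's sender fields."""
        now = time.time() if now is None else now
        b = self.table.get(sender_ip)
        if b is None:
            return (False, "no-binding")
        if b.expires < now:
            return (False, "lease-expired")
        if b.mac != sender_mac.lower():
            return (False, "mac-mismatch")
        if b.port != port:
            return (False, "port-mismatch")
        return (True, "ok")

def demo():
    """Constructed events using documentation addresses (192.0.2.0/24)."""
    sw = ArpInspector(trusted_ports={"uplink"})
    sw.add_static("192.0.2.1", "00:00:5e:00:53:01", "uplink")  # gateway
    sw.on_dhcp_ack("uplink", "00:00:5E:00:53:0A", "port3", "192.0.2.10", 3600, now=1000)
    return [
        sw.check_arp("port3", "00:00:5e:00:53:0a", "192.0.2.10", now=1100),  # leased host
        sw.check_arp("port7", "00:00:5e:00:53:bb", "192.0.2.10", now=1100),  # claims host IP
        sw.check_arp("port7", "00:00:5e:00:53:bb", "192.0.2.1", now=1100),   # claims gateway IP
        sw.check_arp("port3", "00:00:5e:00:53:0a", "192.0.2.10", now=5000),  # lease ran out
    ]
```

Dropped packets are worth logging with the reason code and ingress port, since a run of `mac-mismatch` results on one port is a direct indicator of a spoofing attempt.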