Browse > Article
http://dx.doi.org/10.3745/KTCCS.2017.6.4.203

Address Auto-Resolution Network System for Neutralizing ARP-Based Attacks  

Jang, RhongHo (인하대학교 컴퓨터공학부)
Lee, KyungHee (수원대학교 전기공학과)
Nyang, DaeHun (인하대학교 컴퓨터정보공학과)
Youm, HeungYoul (순천향대학교 정보보호학과)
Publication Information
KIPS Transactions on Computer and Communication Systems / v.6, no.4, 2017 , pp. 203-210 More about this Journal
Abstract
Address resolution protocol (ARP) is used for binding a logical address to a physical address in many network technologies. However, since ARP is an stateless protocol, it always abused for performing ARP-based attacks. Researchers presented many technologies to improve ARP protocol, but most of them require a high implementation cost or scarify the network performance for improving security of ARP protocol. In this paper, we present an address auto-resoultion (AAR) network system to neutralize the ARP-based attacks. The AAR turns off the communication function of ARP messages(e.g. request and reply), but does not disable the ARP table. In our system, the MAC address of destination was designed to be derived from destination IP address so that the ARP table can be managed statically without prior knowledge (e.g., IP and MAC address pairs). In general, the AAR is safe from the ARP-based attacks since it disables the ARP messages and saves network traffics due to so.
Keywords
ARP Spoofing; ARP Message Disable; Static ARP Lable; Network Bandwidth Saving; MAC Address Derivation;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Attack case, Insite, http://www.insight.co.kr/article.php?Art No=30180, Oct, 2015.
2 D. Bruschi, A. Ornaghi, and E. Rosti, "S-ARP: a Secure Address Resolution Protocol," 19th Annual Computer security Application Conference (ACSAC), Las Vegas, pp. 66-74, 2003.
3 M. Oh, Y. Kim, S. Hong, and S.D. Cha, "ASA: Agent-based Secure ARP Cache Management," IET Communications, Vol.6, No.7, pp.685-693, 2012.   DOI
4 M. G. Gouda and C. Huang, "A secure address Resolution Protocol," Computer Networks, Vol 41, No.1. pp.57-71, 2003.   DOI
5 W. Lootah, W. Enck, and P. McDaniel, "TARP: Ticket- Based Address Resolution Protocol," Computer Networks, Vol.51, No.15, pp.4322-4337, Oct., 2007.   DOI
6 S. Y. Nam, D. W. Kim, and J. G. Kim, "Enhanced ARP: Preventing ARP Poisoning-Based Man-in-the-Middle Attacks," IEEE Communications Letters (ICL), Vol.14, No.2, pp.187-189, 2010.   DOI
7 P. Pandey, "Prevention of ARP spoofing: A Probe Packet based Technique," Advance Computing Conference (IACC), Ghaziabad, pp.147-153, 2013.
8 A. M. Abdelsalam, W. S. Elkilani, and K. M. Amin, "An Automated Approach for Preventing ARP spoofing Attack using Static ARP Entries," International Journal of Advanced Computer Science and Applocations (IJACSA), Vol.5, No.1, 2014.
9 D. Srinath, S. Panimalar, A. J. Simla, and J. Deepa, "Detection and Prevention of ARP spoofing using Centralized Server," International Journal of Computer Applications, Vol.113, No.19, Mar., 2015.   DOI
10 T. Alharbi, D. Durando, F. Pakzad, and M. Portmann, "Securing ARP in Software Defined Networks," 41st IEEE Conference on Local Computer Networks, Dubai, pp. 523-526, 2016.
11 D. Moon, J. Lee, Y. Jeong, and J. Park, "RTNSS: a Routing Trace-Based Network Security System for Preventing ARP Spoofing Attacks," The Journal of Supercomputing, Vol.72, No.5, pp.1740-1756, 2016.   DOI
12 Huawei Technologies Co., Ltd. "Media Access Control Address Resolution Using Internet Protocol Addresses," USA, US20160241471 A1, Aug., 2016.
13 D. Battulga, R. H. Jang, and D. H. Nyang, "An ARP-Disabled Network System for Neutralizing ARP- Based Attack," KIPS FALL, Busan, pp.234-237, 2016.
14 OpenWRT [Internet], https://openwrt.org/.
15 Ip [Internet], https://linux.die.net/man/8/ip.
16 Ifconfig [Internet], https://linux.die.net/man/8/ifconfig.
17 Arp [Internet], https://linux.die.net/man/8/arp.
18 ARPspoof [Internet], http://su2.info/doc/arpspoof.php.
19 SSLstrip [Internet], http://tools.kali.org/information-gatheri ng/sslstrip.