• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.4
• /
• pp.203-210
• /
• 2017

Address resolution protocol (ARP) is used for binding a logical address to a physical address in many network technologies. However, since ARP is an stateless protocol, it always abused for performing ARP-based attacks. Researchers presented many technologies to improve ARP protocol, but most of them require a high implementation cost or scarify the network performance for improving security of ARP protocol. In this paper, we present an address auto-resoultion (AAR) network system to neutralize the ARP-based attacks. The AAR turns off the communication function of ARP messages(e.g. request and reply), but does not disable the ARP table. In our system, the MAC address of destination was designed to be derived from destination IP address so that the ARP table can be managed statically without prior knowledge (e.g., IP and MAC address pairs). In general, the AAR is safe from the ARP-based attacks since it disables the ARP messages and saves network traffics due to so.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.10a
• /
• pp.234-237
• /
• 2016

Address Resolution Protocol (ARP) is used for mapping a network address to physical address in many network technologies. However, since ARP protocol has no security feature, it always abused by attackers for performing ARP-based attacks. Researchers presented many technologies to improve ARP protocol, but most of them require a high implementation cost or scarify the network performance for using ARP protocol securely. In this paper, we present an ARP-disabled network system to neutralize the ARP-based attacks. "ARP-disabled" means suppress the ARP messages like request, response and broadcast messages, but not the ARP table. In our system, ARP tables are used for managing static ARP entries without prior knowledge (e.g. IP, MAC list of client devices). This is possible because the MAC address was designed to be derived from IP address. In general, our system is safe from the ARP-based attacks even the attacker has a strong power. Moreover, we saved network bandwidth by disabling the ARP messages.

• Journal of information and communication convergence engineering
• /
• v.12 no.3
• /
• pp.154-160
• /
• 2014

The address resolution protocol (ARP) provides dynamic mapping between two different forms of addresses: the 32-bit Internet protocol (IP) address of the network layer and the 48-bit medium access control (MAC) address of the data link layer. A host computer finds the MAC address of the default gateway or the other hosts on the same subnet by using ARP and can then send IP packets. However, ARP can be used for network attacks, which are one of the most prevalent types of network attacks today. In this study, a new ARP algorithm that can prevent IP spoofing attacks is proposed. The proposed ARP algorithm is a broadcast ARP reply and an ARP notification. The broadcast ARP reply was used for checking whether the ARP information was forged. The broadcast ARP notification was used for preventing a normal host's ARP table from being poisoned. The proposed algorithm is backward compatible with the current ARP protocol and dynamically prevents any ARP spoofing attacks. In this study, the proposed ARP algorithm was implemented on the Linux operating system; here, we present the test results with respect to the prevention of ARP spoofing attacks.

• Journal of Convergence Society for SMB
• /
• v.4 no.1
• /
• pp.47-53
• /
• 2014

DNS spoofing, the DNS server with the address of a specific web server intercepts them in the process of translating the attacker wants to forge a Web server that is a way to access. ARP spoofing ARP request and response messages for the protocol without authentication vorticity incorrect information as to the ARP Cache Table to store the MAC addresses of their vulnerability using the MAC address of the other computer as if it were a lie technique. These DNS / ARP spoofing attacks in detail to find out about how it looks at ways to prevent. Think about the future research directions.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.1
• /
• pp.61-71
• /
• 2017

ARP Spoofing is a basic and core hacking technology for almost all sniffing. It makes change the flow of packets by faking the 2nd layer MAC address. In this paper we suggested an efficient hacking technology for sniffing remote servers in the switched network environment. The suggested 'Faked ARP Reply Unicast Spoofing' makes the bidirectional packets sniffing possible between the client and server, and it makes simplify the procedures for ARP sniffing and hacking program. In this paper we researched the network hacking and implementation technologies based on the suggested ARP spoofing. And we researched various types of servers hacking such as Root ID and PW of Telnet/FTP server, Root ID and PW of MySQL DB server, ID and PW of Web Portal Server, and account information and transaction history of Web Banking Server. And also we researched the implementation techniques of core hacking programs for the ARP Spoofing.

• Journal of the Korea Society of Computer and Information
• /
• v.3 no.3
• /
• pp.113-120
• /
• 1998

IP over ATM is developed to support IP application in ATM network. However in typical IP-ATM standard, a ARP server exists independently at one LIS, this paper designs and implements a multiple ARP server allowing that a ARP server accommodates multiple LIS. Also, this paper implements a management agent to manage ATM equipment and a ARP server which has multiple ARP function through internet-based SNMP.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.45 no.1
• /
• pp.14-26
• /
• 2008

IP over Ethernet technology widely used as Internet access uses the ARP(Address Resolution Protocol) that translates an ip address to the corresponding MAC address. recently, there are ARP security attacks that intentionally modify the IP address and its corresponding MAC address, utilizing various tools like "snoopspy". Since ARP attacks can redirect packets to different MAC address other than destination, attackers can eavesdrop packets, change their contents, or hijack the connection. Because the ARP attack is performed at data link layer, it can not be protected by security mechanisms such as Secure Shell(SSH) or Secure Sockets Layer(SSL). Thus, in this paper, we classify the ARP attack into downstream ARP spoofing attack and upstream ARP redirection attack, and propose a new security mechanism using DHCP information for acquisition of IP address. We propose a "DHCP snoop mechanism" or "DHCP sniffing/inspection mechanism" for ARP spoofing attack, and a "static binding mechanism" for ARP redirection attack. The proposed security mechanisms for ARP attacks can be widely used to reinforce the security of the next generation internet access networks including BcN.

• Molecules and Cells
• /
• v.23 no.1
• /
• pp.115-121
• /
• 2007

Root nodule formation is controlled by plant hormones such as auxin. Auxin-repressed protein (ARP) genes have been identified in various plant species but their functions are not clear. We have isolated a full-length cDNA clone (EuNOD-ARP1) showing high sequence homology to previously identified ARP genes from root nodules of Elaeagnus umbellata. Genomic Southern hybridization showed that there are at least four ARP-related genes in the genome of E. umbellata. The cDNA clone encodes a polypeptide of 120 amino acid residues with no signal peptide or organelle-targeting signals, indicating that it is a cytosolic protein. Its cytosolic location was confirmed using Arabidopsis protoplasts expressing a EuNOD-ARP1:smGFP fusion protein. Northern hybridization showed that EuNOD-ARP1 expression was higher in root nodules than in leaves or uninoculated roots. Unlike the ARP genes of strawberry and black locust, which are negatively regulated by exogenous auxin, EuNOD-ARP1 expression is induced by auxin in leaf tissue of E. umbellata. In situ hybridization revealed that EuNOD-ARP1 is mainly expressed in the fixation zone of root nodules.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.8
• /
• pp.1088-1094
• /
• 2021

This paper proposes a partial BMA (Broadcasting Multiple Access) network structure and D-ARP (Distributed Address Resolution Protocol) method in order to support full mesh routing function in the DAMA (Demand Assigned Multiple Access)-based MF-TDMA (Multi Frequency-Time Division Multiple Access) satellite system. The partial BMA network enables legacy router devices and routing protocols to be adopted in the satellite communication system, and decreases the amount of routing protocol overhead. In addition, we introduce the D-ARP method that help a spoke satellite node acquiring the MAC (Media Access Control) address from remote satellite nodes in none BMA satellite network. The D-ARP method provides the MAC address of remote nodes to each other nodes through the broadcasting-enabled satellite channel. And we lastly evaluate and analysis the network performance of the proposed approach.

• The Bulletin of The Korean Astronomical Society
• /
• v.38 no.2
• /
• pp.34.2-34.2
• /
• 2013

Star formation beyond the galaxy discs and the principles governing it have attracted a lot of recent attention and the advent of ultraviolet (UV) and mid-infrared (MIR) telescopes like the GALEX and Spitzer have enabled major advances in such studies. In order to study the HI gas properties such as the morphology, kinematics and column density distributions, and their correlation with the star forming zones, especially in the tidal bridges, tails and debris, we carried out an HI survey of a set of Spitzer-observed interacting systems using the Giant Metrewave Radio Telescope (GMRT). Here we present results from three of these systems, Arp86, Arp181 and Arp202. In Arp86, we detect excellent star-gas correlation in the star forming tidal bridges and tails. In Arp181, we find the two interacting galaxies to be highly gas depleted and the entire gas of the system is found in the form of a massive tidal debris about 70 kpc from the main galaxies. In all three cases, Arp86, Arp181 and Arp202, the tidal debris seem to host ongoing star formation. We also detect three new candidate tidal dwarf galaxies (TDG) in these systems with large quantities of gas associated with them.