Address Resolution Protocol (ARP): Spoofing Attack and Proposed Defense
Address Resolution Protocol (ARP): Spoofing Attack and Proposed Defense作者机构:Electrical Engineering Department The University of Jordan Amman Jordan Computer Engineering Department The University of Jordan Amman Jordan Business Information Technology Department The University of Jordan Amman Jordan Management Information Systems Department The University of Jordan Amman Jordan
出 版 物:《Communications and Network》 (通讯与网络(英文))
年 卷 期:2016年第8卷第3期
页 面:118-130页
学科分类:08[工学] 0812[工学-计算机科学与技术(可授工学、理学学位)]
主 题:Address Resolution Protocol ARP Spoofing Security Attack and Defense Man in the Middle Attack
摘 要:Networks have become an integral part of today’s world. The ease of deployment, low-cost and high data rates have contributed significantly to their popularity. There are many protocols that are tailored to ease the process of establishing these networks. Nevertheless, security-wise precautions were not taken in some of them. In this paper, we expose some of the vulnerability that exists in a commonly and widely used network protocol, the Address Resolution Protocol (ARP) protocol. Effectively, we will implement a user friendly and an easy-to-use tool that exploits the weaknesses of this protocol to deceive a victim’s machine and a router through creating a sort of Man-in-the-Middle (MITM) attack. In MITM, all of the data going out or to the victim machine will pass first through the attacker’s machine. This enables the attacker to inspect victim’s data packets, extract valuable data (like passwords) that belong to the victim and manipulate these data packets. We suggest and implement a defense mechanism and tool that counters this attack, warns the user, and exposes some information about the attacker to isolate him. GNU/Linux is chosen as an operating system to implement both the attack and the defense tools. The results show the success of the defense mechanism in detecting the ARP related attacks in a very simple and efficient way.
维普期刊数据库