ARP Spoofing Based Access Control for DLNA Devices

With the prevalence of digital content and Internet, a variety of digital applications and intelligent home applications are involved in daily family life. DLNA (Digital Living Network Alliance) has provided standard guidelines to improve the interoperability of DLNA-capable devices and to enhance the usability of digital contents through DLNA Certified devices. In current DLNA specification, a DLNA device advertises its presence to everyone in the local network. Any control point application receiving the advertisement can access or control the device, and the device cannot keep its content and services away from unwanted control points. In this paper we propose an external or non-intrusive access control approach to protect devices from illegal access in DLNA networks. This approach exploits an ARP (Address Resolution Protocol) spoofing technique and a flexible list of access policies to block unauthorized DLNA requests. A software system named as DACS is implemented to realize the access control mechanism proposed in this paper. Without changing the DLNA specification, our system can be applied seamlessly with any "old" or "new" DLNA devices.