Title :
A hardware approach for detecting the ARP attack
Author :
Dessouky, M.M. ; Elkilany, W. ; Alfishawy, N.
Author_Institution :
Comput. Sci. Dept., Menoufeya Univ., Menouf, Egypt
Abstract :
This paper describes Address Resolution Protocol (ARP) and the ARP cache poisoning (ARP SPOOFING) problem and presents a proposed architecture for detecting the ARP attacks. In addition, it discusses a set of techniques used to detect the ARP poisoning attacks on switched Ethernet networks. A new practical technique by adding external hardware element to the LAN network to work as sniffer is suggested. These external elements are combined in architecture for practical implementation in production network. Results from laboratory and real-world detection experiments using several popular attack tools are also presented. The obtained practical results illustrate that the practical board works successfully for detecting the ARP attack.
Keywords :
cache storage; computer network security; local area networks; protocols; ARP attack detection; ARP cache poisoning problem; ARP spoofing problem; address resolution protocol; hardware approach; switched Ethernet networks; Access protocols; Broadcasting; Computer science; Ethernet networks; Hardware; Local area networks; Media Access Protocol; Open systems; Production; Unicast;
Conference_Titel :
Informatics and Systems (INFOS), 2010 The 7th International Conference on
Conference_Location :
Cairo
Print_ISBN :
978-1-4244-5828-8
