Method and system for preventing local area network ARP defection attacks

A technology in the field of ARP spoofing and local area networks, classified under transmission systems, digital transmission systems, data exchange networks, etc. It addresses the problems that ARP spoofing cannot be prevented and that a correct ARP cache table cannot be formed, and it has the effects of blocking ARP spoofing, saving network bandwidth and reducing waste.

Inactive Publication Date: 2010-01-27
BEIJING ANTIY NETWORK SAFETY TECH CO LTD

AI Technical Summary

Problems solved by technology

[0012] After the sticky learning feature is enabled, ARP cache entries learned from ARP request packets or ARP response packets are not updated before they age out. Once the aging time expires, the ARP cache entries are deleted and a new learning process can start. This implementation has a problem: if an ARP attack message creates the ARP cache entry before the normal ARP message does, the normal host cannot form the correct ARP cache entry in the network device. ARP spoofing is then not prevented, and the normal host's use of the network is affected.



Examples


Embodiment Construction

[0027] The present invention is described in further detail below with reference to the accompanying drawings and embodiments:

[0028] Figure 1 shows the schematic flow chart of the method of the present invention, which comprises:

[0029] Step 11, matching the mapping table.

[0030] Match the IP-MAC address resolution mapping relationship in the ARP packets sent and received by the local machine against the custom IP-MAC address resolution mapping table. The custom address resolution mapping table of each terminal is always kept consistent with the IP-MAC address resolution mapping table in the service program. The administrator has the authority to modify the custom address resolution mapping table; the terminal host user cannot modify it. The custom address resolution mapping table does not change with the information in ARP packets on the network. If the IP-MAC address mapping relationship in the sent or received ARP request message matches the IP...
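The following is an added example, not code from the patent: it parses the sender IP-MAC pair out of an ARP payload and checks it against a fixed, administrator-maintained table as in [0030], and contrasts the result with the sticky learning behaviour criticised in [0012]. The table contents, addresses, function names and the "unknown" verdict for IPs missing from the table are assumptions made for illustration; the page does not say what happens to a packet after the match.

```python
import socket
import struct

# Administrator-maintained IP -> MAC table (constructed sample values).
TRUSTED = {"192.168.1.1": "00:11:22:33:44:55",
           "192.168.1.20": "00:aa:bb:cc:dd:20"}

def parse_arp(payload: bytes):
    """Return (opcode, sender_ip, sender_mac) from an Ethernet/IPv4 ARP payload."""
    if len(payload) < 28:
        raise ValueError("truncated ARP payload")
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", payload[:8])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    sha, spa = payload[8:14], payload[14:18]
    return oper, socket.inet_ntoa(spa), ":".join(f"{b:02x}" for b in sha)

def check(payload: bytes, table=TRUSTED) -> str:
    """Compare the sender IP-MAC pair in an ARP packet with the fixed table."""
    _, ip, mac = parse_arp(payload)
    expected = table.get(ip)
    if expected is None:
        return "unknown"   # assumption: IPs absent from the table are reported separately
    return "match" if expected == mac else "conflict"

def sticky_learn(packets):
    """Sticky learning as in [0012]: the first pair seen for an IP wins until aging."""
    cache = {}
    for p in packets:
        _, ip, mac = parse_arp(p)
        cache.setdefault(ip, mac)   # later packets for the same IP are ignored
    return cache

def build_arp(oper, sender_mac, sender_ip, target_ip):
    """Build a constructed ARP payload in memory for the demo (nothing is sent)."""
    sha = bytes.fromhex(sender_mac.replace(":", ""))
    return (struct.pack("!HHBBH", 1, 0x0800, 6, 4, oper) + sha +
            socket.inet_aton(sender_ip) + b"\x00" * 6 + socket.inet_aton(target_ip))

# Constructed traffic: a reply with the wrong MAC for 192.168.1.1 arrives first.
FORGED = build_arp(2, "de:ad:be:ef:00:01", "192.168.1.1", "192.168.1.20")
GENUINE = build_arp(2, "00:11:22:33:44:55", "192.168.1.1", "192.168.1.20")

if __name__ == "__main__":
    print(sticky_learn([FORGED, GENUINE]))   # sticky cache keeps the wrong MAC
    print(check(FORGED), check(GENUINE))     # fixed table flags it regardless of order
```

Because the fixed table never learns from traffic, the verdict does not depend on which packet arrives first, which is the property sticky learning lacks.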


Abstract

The invention discloses a method for preventing local area network ARP defection attacks, which mainly comprises the following steps: placing a custom address resolution mapping table between the network card and the operating system of a terminal host in a local area network, so that each terminal has only one IP-MAC mapping relationship; having a service program ensure the correctness of the mapping table; and determining whether an ARP packet is reliable by matching the ARP packets sent and received by the terminal host against the mapping table. The invention also discloses a system for preventing local area network ARP defection attacks, with which the terminal host can defend against ARP attacks from the local host and from outside within the local area network.

Description

Technical field

[0001] The invention relates to the field of network security, in particular to a method and system for preventing ARP address spoofing attacks in the network.

Background technique

[0002] In the current network environment, ARP (Address Resolution Protocol) is an underlying protocol in the TCP/IP protocol stack, and its function is to convert an IP address into the corresponding physical address.

[0003] The basic function of the ARP protocol is to query the MAC address of the target device through the IP address of the target device, so that communication can proceed.

[0004] The main implementation mechanism of the ARP protocol in the network is as follows: each host has an ARP cache table, in which IP addresses and MAC addresses correspond one-to-one, representing the mapping relationship between the IP address and the MAC address of a terminal device. The ARP message has a dyna...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L29/12, H04L12/56
Inventor: 朱鸣
Owner: BEIJING ANTIY NETWORK SAFETY TECH CO LTD