Method for preventing address resolution protocol (ARP) attack

A technique based on ARP tables and ARP messages, applied in electrical components, transmission systems, etc. It addresses the problems that hosts cannot get the gateway ARP, cannot communicate with the outside world, and that messages cannot be processed, and thereby prevents ARP attacks.

Inactive Publication Date: 2011-04-27
OPZOON TECH

AI Technical Summary

Problems solved by technology

Therefore, if the number of messages sent per unit time is limited, normal, legitimate messages will not be processed properly because of that limit.
In the end, the hosts in the entire LAN cannot communicate with the outside world because they cannot get the gateway ARP.

Examples

Embodiment Construction

[0021] The specific implementations of the present invention are described in further detail below in conjunction with the accompanying drawings and embodiments. The following examples illustrate the present invention but are not intended to limit its scope.

[0022] In the method of this embodiment, the ARP table is extended with two added parameters, the number of refreshes and the refresh cycle, which respectively represent the number of times the ARP table entry has been refreshed and the cycle within which it is refreshed. A time-to-live parameter is also added to the static MAC entries in the MAC table. The specific process is shown in Figure 1 and includes:

[0023] Step S101: when a network device (such as a switch or a router) receives an ARP message, it checks whether the source MAC address in the message exists as a static MAC in the MAC table. If it exists, the ARP message is discarded directly; if it does not exist, the message is sent to the CPU for proces...

Abstract

The invention discloses a method for preventing an address resolution protocol (ARP) attack. The method comprises the following steps: S1, when receiving an ARP message, the network equipment checks whether the source media access control (MAC) address in the ARP message exists as a static MAC in the MAC table; if so, the ARP message is discarded directly, otherwise the ARP message is sent to the central processing unit (CPU) for processing; S2, when the CPU of the network equipment receives the forwarded ARP message, it adds one to the refresh count of the ARP table entry for that ARP message; and S3, if the refresh period has not counted down to 0 when the refresh count reaches a preset penalty value, a static MAC address is written for the source MAC address of the ARP message in the MAC table of the network equipment, and a time parameter value is set for that static MAC address. With this method, ARP attacks are effectively prevented without affecting normal communication between hosts in the local area network and the outside.
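Steps S1 to S3 simulated in Python, as an added example that is not code from the patent. The penalty value, period length, static-MAC lifetime, keying ARP entries by sender IP, and what happens when a period reaches 0 or a static MAC expires are assumptions, since the page does not state them.

```python
from dataclasses import dataclass, field

@dataclass
class ArpEntry:
    mac: str
    refresh_count: int = 0     # the added "number of refreshes"
    period_left: float = 0.0   # the added "refresh cycle", counting down to 0

@dataclass
class ArpGuard:
    penalty: int = 5           # assumed preset penalty value
    period: float = 1.0        # assumed refresh period in seconds
    block_ttl: float = 30.0    # assumed lifetime of a static MAC entry
    arp_table: dict = field(default_factory=dict)   # sender IP -> ArpEntry
    static_mac: dict = field(default_factory=dict)  # MAC -> expiry time
    last_tick: float = 0.0

    def _age(self, now):
        # Assumed ageing: periods count down; expired static MACs are removed.
        elapsed, self.last_tick = now - self.last_tick, now
        for e in self.arp_table.values():
            e.period_left -= elapsed
            if e.period_left <= 0:   # period hit 0: start counting afresh
                e.refresh_count, e.period_left = 0, 0.0
        self.static_mac = {m: t for m, t in self.static_mac.items() if t > now}

    def receive(self, now, src_mac, sender_ip):
        self._age(now)
        if src_mac in self.static_mac:          # S1: discard, CPU not involved
            return "drop"
        e = self.arp_table.setdefault(sender_ip, ArpEntry(src_mac))
        if e.period_left <= 0:
            e.period_left = self.period
        e.mac = src_mac
        e.refresh_count += 1                    # S2: CPU counts the refresh
        if e.refresh_count >= self.penalty:     # S3: penalty reached in period
            self.static_mac[src_mac] = now + self.block_ttl
            e.refresh_count, e.period_left = 0, 0.0
            return "cpu+block"
        return "cpu"

def simulate():
    # Constructed traffic: one flooding host, one normal host, then TTL expiry.
    g = ArpGuard()
    flood = [g.receive(t * 0.1, "aa:aa:aa:aa:aa:aa", "10.0.0.66") for t in range(8)]
    normal = [g.receive(10 + 2 * t, "bb:bb:bb:bb:bb:bb", "10.0.0.7") for t in range(8)]
    return flood, normal, g.receive(31.0, "aa:aa:aa:aa:aa:aa", "10.0.0.66")
```

In the constructed run the flooding source reaches the CPU five times and is then discarded at S1, the host sending one message every two seconds is never penalised, and the flooding source is processed again once its static MAC entry has expired.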

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a method for preventing ARP (Address Resolution Protocol) attacks.

Background

[0002] At present, for DoS (Denial of Service) type ARP attacks, most network equipment manufacturers use security control schemes that fall roughly into two types:

[0003] 1. Limit the number of messages sent or responses per unit time to protect the CPU from being 100% occupied.

[0004] 2. Add a check of ARP legality to decide whether to respond to the message.

[0005] On the one hand, the above-mentioned security control schemes only control legality and quantity, and there is no means to completely prevent the sending of packets, so ARP attacks cannot be fundamentally prevented.

[0006] On the other hand, although the above security control scheme protects the device CPU from being 100% occupied, i...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
Inventor: 聂娟娟, 何希聪, 李海
Owner: OPZOON TECH