Method for realizing address resolution protocol (ARP) deception detection on switch

A technology of ARP spoofing and switches, applied in the field of network security, can solve problems affecting network operation, lack of protocol model, increase in network data volume, etc., and achieve the effect of improving network robustness

Inactive Publication Date: 2013-04-17
CHINA NAT ACAD NANOTECH & ENG
View PDF0 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Among the above-mentioned methods, the first one needs to solve the security problem of the ARP proxy server to prevent the proxy server from being attacked, but in practice the proxy server is easy to become an attack target, so it is difficult to guarantee the security of the ARP proxy server; The cost

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for realizing address resolution protocol (ARP) deception detection on switch
  • Method for realizing address resolution protocol (ARP) deception detection on switch
  • Method for realizing address resolution protocol (ARP) deception detection on switch

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0018] Embodiment: a kind of method that realizes ARP spoofing detection on switchboard, it is characterized in that concrete steps are as follows:

[0019] (1) In the switch, set up a message distribution module, an ARP spoofing detection module, an alarm module, and an ARP table; wherein the message distribution module is used to detect the message type and determine whether it is an ARP message; the ARP spoofing detection module is responsible for detecting ARP message to determine whether there is ARP spoofing; the alarm module is used to prompt the administrator; the ARP table is used to cache the IP / MAC address pair in the received ARP message, which consists of several ARP records, and each ARP record includes The IP / MAC address pair taken out in the text, and the time when the ARP message is received, the ARP table is empty when the switch is powered on;

[0020] (2) After the switch is powered on, the message distribution module enters the working state, and the messa...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for realizing address resolution protocol (ARP) deception detection on a switch. The method specifically comprises the following steps of: sending switch input into a message distribution module; when the entered message is an ARP message, judging whether an ARP storm occurs by the message distribution module, if the ARP storm occurs, prompting by an alarm module, and if the ARP storm does not occur, distributing the ARP message to the ARP deception detection module; and judging whether ARP deception occurs by the ARP deception detection module through the information recorded by an ARP table, if so, recording a deception event, and prompting by the alarm module. By the adoption of the method, the disadvantages of low safety, high cost and the like in a related technology are overcome, and the problem of the ARP deception is solved in an extremely economic way.

Description

(1) Technical field: [0001] The invention relates to Ethernet transmission security, belongs to the field of network security, and is used for designing a more secure switch, in particular a method for realizing ARP deception detection on the switch. (two) background technology: [0002] In the TCP / IP protocol cluster, the function of Address Resolution Protocol (English name is Address Resolution Protocol, hereinafter referred to as ARP) is in the Internet Protocol (English name is Internet Protocol, hereinafter referred to as IP) address and media access control (English name It provides dynamic mapping between Media Access Control (hereinafter referred to as MAC) addresses, and converts 32-bit IP addresses into 48-bit MAC addresses, so that IP packets can be correctly transmitted in the link. [0003] At the beginning of the design of the ARP protocol, the hosts in the network were considered to be trusted, so the ARP protocol was designed as an agreement between trusted ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L29/12
Inventor 王钟颖
Owner CHINA NAT ACAD NANOTECH & ENG
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap