ARP spoofing fine-grained detecting method and system

A technology of ARP spoofing and detection methods, applied in the field of fine-grained detection methods and systems of ARP spoofing, can solve the problems of no system, easy to generate errors, large workload, etc., and achieve efficient dynamic ARP attacks and countermeasures, and detect ARP attacks and counteracting effects

Active Publication Date: 2015-09-02
INST OF INFORMATION ENG CAS
View PDF5 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the system has a premise that it can only deal with it after detecting ARP spoofing. If the system does not detect the actual ARP spoofing, then the system will have no effect.
This method has high requirements for network administrators, a large workload, and is prone to errors

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • ARP spoofing fine-grained detecting method and system
  • ARP spoofing fine-grained detecting method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] The specific embodiments of the invention will be further described below in conjunction with the accompanying drawings. The following examples are only used to illustrate the technical solution of the present invention more clearly, but not to limit the protection scope of the present invention.

[0035] figure 1 A schematic flowchart of a fine-grained detection method for ARP spoofing provided by an embodiment of the present invention is shown, as shown in figure 1 As shown, the method includes:

[0036] 101. Monitor the data packets of requests and responses communicated between the first terminal and the second terminal within a preset period of time, wherein the data packets include the IP address of the first terminal and the MAC address corresponding to the IP address of the first terminal address, the IP address of the second terminal, and the MAC address corresponding to the IP address of the second terminal;

[0037] 102. According to the data packet, judge...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an ARP spoofing fine-grained detecting method and system. The method comprises: monitoring a communication request and a response data packet between a first terminal and a second terminal within a preset time segment, wherein the data packet includes the IP address of the first terminal, a MAC address corresponding to the IP address of the first terminal, the IP address of the second terminal, and a MAC address corresponding to the IP address of the second terminal; determining whether an abnormal communication data packet to be verified is included in the data packet according to the data packet; and if yes, transmitting the abnormal communication data packet to be verified to the first terminal in order that the first terminal verifies the abnormal communication data packet to be verified. The method and the system may detect and find out ARP spoofing behaviors in real time, achieve high detection efficiency, guarantee one-to-one correspondence between verified IP address and the MAC address of the terminal, and achieve high-efficient and dynamic detection of ARP attack and countermeasure.

Description

technical field [0001] The invention relates to the technical field of communications, in particular to a fine-grained detection method and system for ARP spoofing. Background technique [0002] Man-in-the-middle attack (Man-in-the-middle attack) is a method of attacking data packets between two or more terminals in the network. When launching an attack, the attacker is located in the middle of the communication path of the legitimate terminal, and achieves the purpose of the attack by capturing, modifying, and forwarding the data packets between the two parties. [0003] The ARP protocol, full name Address Resolution Protocol, works in the second layer of the OSI seven-layer network model - the data link layer. Its function is to obtain the corresponding hardware address MAC according to the IP of the target terminal. There is a problem in the design of ARP, that is, it does not verify whether the source of the ARP message is legal, does not check whether the received resp...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12H04L12/26
Inventor 朱大立庞娜范哲铭
Owner INST OF INFORMATION ENG CAS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap