Distributed detection method and system for ARP (Address Resolution Protocol) cheating

A technology of ARP spoofing and detection method, which is applied in the distributed detection method and system field of ARP spoofing, which can solve the problems of no system, heavy workload, easy to generate errors, etc., and achieve detection of ARP attacks and countermeasures, and efficient dynamic ARP attacks and the counter effect

Active Publication Date: 2015-09-09
INST OF INFORMATION ENG CAS
View PDF3 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the system has a premise that it can only deal with it after detecting ARP spoofing. If the system does not detect the actual ARP spoofing, then the system will have no effect.
This method has high requirements for network administrators, a large workload, and is prone to errors

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Distributed detection method and system for ARP (Address Resolution Protocol) cheating
  • Distributed detection method and system for ARP (Address Resolution Protocol) cheating
  • Distributed detection method and system for ARP (Address Resolution Protocol) cheating

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] The specific embodiments of the invention will be further described below in conjunction with the accompanying drawings. The following examples are only used to illustrate the technical solution of the present invention more clearly, but not to limit the protection scope of the present invention.

[0036] figure 1 A schematic flowchart of a distributed detection method for ARP spoofing provided by an embodiment of the present invention is shown, as shown in figure 1 As shown, the method includes:

[0037]101. Monitor the number of first data packets containing the IP addresses of the first terminal and the second terminal in requests and responses for communication between the first terminal and the second terminal within a preset period of time, and the number of first data packets of the first terminal and the second terminal The number of second data packets communicated between the first MAC address corresponding to a terminal and the second MAC address correspond...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a distributed detection method and system for ARP (Address Resolution Protocol) cheating. The method comprises: monitoring the quantity of first data packets requested and answered for communication between a first terminal and a second terminal and including IP addresses of the first terminal and the second terminal, and the quantity of second data packets for communication between a first MAC (Multimedia Access Control) address corresponding to the first terminal and a second MAC address corresponding to the second terminal in a preset time period; judging whether the first data packets for communication between the first terminal and the second terminal have abnormal communication data packets to be verified according to the quantity of the first data packets and the quantity of the second data packets; and when the first data packets have the abnormal communication data packets to be verified, sending the abnormal communication data packets to be verified to the first terminal corresponding to the first MAC address, so that the first terminal verifies the abnormal communication data packets to be verified. The method and the system can be used for detecting ARP cheating behaviors in real time, and have high detection accuracy and high detection efficiency.

Description

technical field [0001] The invention relates to the technical field of communications, in particular to a distributed detection method and system for ARP spoofing. Background technique [0002] Man-in-the-middle attack (Man-in-the-middle attack) is a method of attacking data packets between two or more terminals in the network. When launching an attack, the attacker is located in the middle of the communication path of the legitimate terminal, and achieves the purpose of the attack by capturing, modifying, and forwarding the data packets between the two parties. [0003] The ARP protocol, full name Address Resolution Protocol, works in the second layer of the OSI seven-layer network model - the data link layer. Its function is to obtain the corresponding hardware address MAC according to the IP of the target terminal. There is a problem in the design of ARP, that is, it does not verify whether the source of the ARP message is legal, does not check whether the received respo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416
Inventor 朱大立庞娜范哲铭
Owner INST OF INFORMATION ENG CAS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap