ARP (Address Resolution Protocol) auxiliary model based on SDN (Software Defined Network)

A technology of ARP protocol and ARP request, applied in the field of ARP protocol auxiliary model based on SDN, it can solve the problems of inability to fundamentally solve ARP attacks, limited ARP traffic restriction ability, etc., achieve safe and correct ARP response, prevent and track ARP attacks , to eliminate the effect of ARP broadcast

Inactive Publication Date: 2017-03-15
COMP APPL RES INST CHINA ACAD OF ENG PHYSICS
View PDF5 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The existing technologies represented by the above-mentioned patent risks have limited ability to restrict ARP traffic in the network, and cannot fundamentally solve ARP attacks in the network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • ARP (Address Resolution Protocol) auxiliary model based on SDN (Software Defined Network)
  • ARP (Address Resolution Protocol) auxiliary model based on SDN (Software Defined Network)

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] The key to the work of the ARP protocol auxiliary model is that the network administrator centrally manages the IP and MAC information of the hosts in the network. These key information can be manually configured by the administrator or collected from the DHCP service of the network. When the ARP datagram is sent by the host and is transmitted to the interface of the SDN switch directly connected to the host, the switch reports the data packet to the SDN controller because the flow entry fails to match. The controller hands the Layer 2 data frame wrapped with the ARP datagram to the auxiliary model of the ARP protocol for processing. On this basis, the ARP protocol auxiliary model mainly includes:

[0028]ARP datagram filtering module: used to detect the correctness of the format of the ARP message reported by the switch, and the ARP message passed through the detection enters the processing logic of the ARP request datagram processing module;

[0029] Described correc...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an ARP (Address Resolution Protocol) auxiliary model based on an SDN (Software Defined Network). The ARP auxiliary model comprises an ARP datagram filtering module, an ARP request datagram processing module, an ARP response message sending module, an ARP traffic statistics and analysis module and an IP-MAC (Internet Protocol-Media Access Control) mapping table management and configuration module, wherein the ARP datagram filtering module is used for performing format correctness detection on an ARP message reported by a switch; the ARP request datagram processing module is used for answering an ARP request message; the ARP response message sending module is used for constructing and sending an ARP response datagram of a non-empty query result; the ARP traffic statistics and analysis module is used for receiving various ARP message event records and switch port information transmitted by the ARP datagram filtering module and the ARP request processing module; and the IP-MAC mapping table management and configuration module is used for providing management and configuration interfaces of an IP-MAC mapping table. When the ARP auxiliary model is applied to the SDN, ARP broadcast can be effectively isolated; ARP spoofing is prevented; an executor of the ARP spoofing is traced; and global IP-MAC information is managed and maintained.

Description

technical field [0001] The present invention relates to the field of network security and network management, in particular to an SDN-based ARP protocol auxiliary model. Background technique [0002] ARP spoofing and ARP broadcast storms have always been fundamental problems faced by network management. The ARP protocol is used to establish the mapping between the host IP and the physical address of the host in the LAN, and is an important basic protocol in the TCP / IP protocol. The ARP protocol is simple and effective but lacks security mechanisms at the same time. The threshold for network attacks is very low. After being attacked, it will lead to serious consequences such as network bandwidth consumption, switch resource occupation, session hijacking, denial of service attacks, broadcast storms, etc., and it is difficult to track the source of the attack. . In traditional computer networks, ARP spoofing and ARP broadcasting can be controlled to a certain extent, but at t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/24H04L29/06H04L29/12H04L12/801
CPCH04L61/103H04L41/145H04L47/10H04L63/1466
Inventor 马绍良
Owner COMP APPL RES INST CHINA ACAD OF ENG PHYSICS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap