Address resolution protocol attack processing method and device

A technology of address resolution protocol and processing method, which is applied in the field of processing method and device of address resolution protocol attack, can solve problems such as network congestion, inability to process in time, bad impact of ARP attack, etc., and achieve the effect of shortening the solution time

Inactive Publication Date: 2017-10-24
北京新网数码信息技术有限公司
View PDF17 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

ARP attack is to achieve ARP spoofing by forging IP addresses and MAC addresses, which can generate a large amount of ARP traffic in the network and block the network. As long as the attacker continuously sends out forged ARP response packets, the IP in the target host's ARP cache can be changed. -MAC entries, causing network outages or man-in-the-middle attacks
[0004] The impact caused by ARP attacks is bad, affecting the user network environment, resulting in poor user experience. In the prior art, when an ARP attack occurs, it is often unable to be monitored in time, and then cannot be processed in time. Once an ARP attack occurs, it may cause damage to the user. serious consequence

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Address resolution protocol attack processing method and device
  • Address resolution protocol attack processing method and device
  • Address resolution protocol attack processing method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0053] Embodiment 1 of the present invention provides a processing method for address resolution attacks, the process of which is as follows figure 1 As shown, the steps are as follows:

[0054] S100. Monitor a network port corresponding to each virtual local area network in at least one virtual local area network, where each virtual local area network includes at least one virtual host.

[0055] In a preferred embodiment, in the technical solution proposed in Embodiment 1 of the present invention, when there are multiple virtual local area networks, multi-threading technology is used to simultaneously monitor the corresponding network ports of the multiple virtual local area networks.

[0056] Wherein, multi-thread technology refers to the network port that can monitor a plurality of to be monitored at the same time, in prior art, generally only has the monitoring of single interface, the present invention adopts multi-thread technology to simultaneously monitor the respectiv...

Embodiment 2

[0093] Embodiment 2 of the present invention provides an address resolution protocol attack processing device, such as Figure 4 As shown, it includes: a monitoring module 401 , an extraction module 402 , a determination module 403 and an execution module 404 .

[0094] Wherein, the monitoring module 401 is configured to monitor a network port corresponding to each virtual local area network in at least one virtual local area network, and each virtual local area network includes at least one virtual host.

[0095] The monitoring module 401 is specifically used to simultaneously monitor network ports corresponding to multiple virtual local area networks by using multi-threading technology when the network includes multiple virtual local area networks.

[0096] The extracting module 402 is used to obtain the address resolution protocol ARP data packet sent by each virtual host through the network port in real time, and extract the data link layer media access control MAC address...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an address resolution protocol attack processing method and device, the method comprises the steps: a network port corresponding to each virtual local area network in at least one virtual local area network is monitored, each virtual local area network comprises at least one virtual host; an ARP (address resolution protocol) data packet sent by each virtual host through the network port is acquired in real time, and an MAC (media access control) address, a source MAC address and a source IP address of a data link layer in the ARP data packet are extracted; according to the MAC address, the source MAC address and the source IP address of the data link layer and a mapping relation between a pre-saved MAC address of a data chain layer and a pre-saved IP address of a network layer of the virtual host, an ARP attack type is determined; and according to the determined ARP attack type and a mapping relation between the preset ARP attack type and a processing instruction, the processing instruction corresponding to the ARP attack type is determined and executed. According to the embodiment of the invention, the ARP attack of the virtual host can be monitored in real time and processed in time.

Description

technical field [0001] The present invention relates to the field of communication technology, in particular to a processing method and device for address resolution protocol attacks. Background technique [0002] With the development of information technology, computer networks have brought great convenience to people's lives, making the sharing of information resources an indispensable part of people's daily life. However, some criminals use some illegal technical means to Deception attacks others in the network, among which ARP attack is a common means of network attack. [0003] ARP (Address Resolution Protocol, Address Resolution Protocol) is a network layer located in the TCP (Transmission Control Protocol, Transmission Control Protocol) / IP (Internet Protocol, protocol for interconnecting networks) protocol stack, responsible for resolving an IP address into the corresponding MAC address. ARP attack is to achieve ARP spoofing by forging IP addresses and MAC addresses...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12H04L12/24
CPCH04L63/145H04L41/069H04L61/103H04L63/1416H04L63/1466
Inventor 史宁
Owner 北京新网数码信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap