ARP bidirectional defense system and method

A defense system, ARP message technology, applied in transmission systems, electrical components, etc., can solve problems such as poor ARP defense capabilities, and achieve the effect of reducing the frequency of host attacks, improving security defense, and improving security.

Active Publication Date: 2019-07-16
北京华安普特网络科技有限公司
View PDF6 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of the present invention is to provide ARP two-way defense system and method, by arranging gateway ARP packet filter module in gateway server, and by gateway ARP packet filter module contrast gateway ARP cache mapping table to filter out abnormal ARP message; The identification unit is used to identify abnormal ARP messages and identify whether the source host is an attacking and deceiving host through the abnormal message processing module, so as to realize the safe and efficient defense of the ARP system and solve the problem of poor defense ability when the existing ARP is attacked

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • ARP bidirectional defense system and method
  • ARP bidirectional defense system and method
  • ARP bidirectional defense system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0036] see figure 1 As shown, the present invention is an ARP two-way defense system, comprising: a gateway server comprising a gateway ARP packet filtering module and several hosts provided with a host ARP packet filtering module; several hosts are connected to the gateway server and actively obtain the gateway MAC of the gateway server;

[0037] A gateway ARP cache mapping table is also set in the gateway server; the gateway ARP cache mapping table stores ARP req...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an ARP bidirectional defense system and method, and relates to the technical field of ARP defense. The system comprises a gateway server comprising a gateway ARP packet filtering module and a plurality of hosts provided with host ARP packet filtering modules, the plurality of hosts are connected with the gateway server and are used for actively acquiring the gateway MAC ofthe gateway server; a gateway ARP cache mapping table is also arranged in the gateway server; wherein an ARP request packet and an ARP response packet which are sent to the host through the gateway server within a preset time threshold value are stored in the gateway ARP cache mapping table. A gateway ARP packet filtering module is arranged in a gateway server, and whether an IP address and an MACaddress in an ARP message exist in a cheating record table or not is retrieved through the gateway ARP packet filtering module and used for surface monitoring of a malicious attack source host; then,the abnormal ARP message in the ARP message is identified through the gateway ARP packet filtering module and is marked as abnormity, the source host for deceptive attack is efficiently removed, andthe security is improved.

Description

technical field [0001] The invention belongs to the technical field of ARP defense, in particular to an ARP two-way defense system and method. Background technique [0002] The ARP attack problem in the local area network has been difficult to be fundamentally solved, because the current various ARP prevention measures have their own limitations. The ARP personal firewall cannot guarantee that the obtained gateway must be correct, and it cannot defend against attacks on the gateway; the binding of VLANs and switch ports does not provide any protection for the gateway. No matter how the VLAN is subdivided, once the gateway is attacked, the entire network will still be disrupted. Dropped and paralyzed, and the cost of rigid management is high; the double-binding measure has limited preventive capabilities, and management is too troublesome. [0003] The invention provides an ARP two-way defense system and method, which is dedicated to solving the problem of poor defense abili...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/0254H04L63/1441
Inventor 杜小芳
Owner 北京华安普特网络科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap