Local area network security protection system and method for defending ARP spoofing and network scanning

A technology of ARP spoofing and network scanning, applied in the field of LAN security protection system, can solve the problems of poor detection ability, high false alarm rate, difficult real-time active defense, etc., and achieve the effect of preventing hijacking and sniffing and increasing difficulty

Active Publication Date: 2021-04-20
张长河
View PDF6 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This type of method often has a high false alarm rate, and has poor detection capabilities for concealed network scanning or ARP spoofing behavior. Attackers can use new attack methods to evade the secu

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Local area network security protection system and method for defending ARP spoofing and network scanning
  • Local area network security protection system and method for defending ARP spoofing and network scanning
  • Local area network security protection system and method for defending ARP spoofing and network scanning

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0046]The technical solutions of the present invention will be described in detail below with reference to the accompanying drawings to understand the scope of the invention, but is not limited to the scope of the invention.

[0047]The defense ARP spoofing and network scanning of the present invention is mainly used in DHCP environments, against ARP spoofing and network scans in the LAN. First, the technological innovation principle of the present invention will be described. The basic technical idea of ​​the present invention is that first, the DHCP interaction phase of the IP address is first obtained at the local area network, and the DHCP server is modified to the host's IP address and the default gateway IP, so that the IP address obtained by each host monoped a network segment, ie The IP addresses of the two hosts belong to different network segments (the IP obtained by the modified IP and the default gateway IP obtained in the same network segment); secondly, randomly generate ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a local area network security protection system and method for defending against ARP spoofing and network scanning, and the basic technical idea is that the method comprises the steps: an IP address and a default gateway IP allocated to a host by a DHCP server at a DHCP interaction stage are modified when the host in a local area network obtains the IP address, wherein the IP address obtained by each host occupies one network segment alone; and ARP spoofing between hosts in the same network segment is eradicated; secondly, a plurality of inexistent disguised hosts are randomly generated in a network segment where each host IP is located, the disguised hosts can generate false flow to confuse attackers, attack trapping and false response can be performed on scanning behaviors of the attackers, and when the attackers actively scan a local area network, the attackers can touch the false hosts with a great probability, and the false host can be used for carrying out real-time early warning and blocking on scanning behaviors of an attacker; and thirdly, the default gateway IP allocated to the host is dynamically updated when the DHCP lease of the host expires for renewing, thereby increasing the difficulty of implementing ARP spoofing on the gateway.

Description

technical field [0001] The invention relates to the field of network security, in particular to a local area network security protection system and method for defending against ARP deception and network scanning. Background technique [0002] With the rapid development of information technology, the Internet has become an inaccessible part of human production and life. As of December 2018, the number of Internet users in my country reached 829 million, with a penetration rate of 59.6%, an increase of 3.8 percentage points from the end of 2017. 56.53 million new netizens were added. The number of mobile phone netizens in my country has reached 817 million, and the proportion of Internet users accessing the Internet through mobile phones is as high as 98.6%. With the development of mobile Internet technology, the large-scale popularization of wireless network technology represented by WIFI has had a profound impact on social and economic development and people's daily life. ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L29/12
Inventor 张长河
Owner 张长河
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products