The Journal of Supercomputing

, Volume 72, Issue 5, pp 1740–1756 | Cite as

RTNSS: a routing trace-based network security system for preventing ARP spoofing attacks

  • Daesung Moon
  • Jae Dong Lee
  • Young-Sik Jeong
  • Jong Hyuk Park


The motion of address resolution protocol (ARP) is done without any problem in a general environment, but it is not considered from the security aspect; therefore, it risks being threatened by an attack from the network called ARP spoofing or ARP poisoning. The attacker can approach the transmission data between hosts by disguising itself as a different host through an ARP spoofing attack and can isolate the host as the target of an attack from the network. In this paper, we propose a routing trace-based network security system for preventing ARP spoofing attacks. Our proposed system includes detection, protection, and recovery techniques to prevent an ARP spoofing attack in the internal network. Whether an ARP spoofing attack occurs is confirmed through the periodic monitoring of the ARP table and a routing trace. The system can prevent ARP spoofing attacks without modifications to the ARP or the addition of cryptographic measures. In addition, it provides security and efficiency by overcoming the weak points of the existing researches.


Network security Routing trace ARP spoofing 



This work was sponsored by the Korea Ministry of Science, ICT and Future Plan under Cyber targeted attack recognition and trace-back technology (SINBAPT) Project [13-921-06-001].

Special thanks are due to Min Su Song (SeoulTech) for assistance in the preparation of this article.


  1. 1.
    Lone IA, Ali J, Lone K (2013) IDARP: ID-based address resolution protocol. Int J Comput Technol 4(2):277–283Google Scholar
  2. 2.
    Wu L, Yu T, Wu D, Cheng J (2011) The research and implementation of ARP monitoring and protection. Proc Internet Technol Appl:1–4Google Scholar
  3. 3.
    Philip R (2007) Securing wireless networks from ARP cache poisoning. Master’s Projects, San Jose State University, p 131Google Scholar
  4. 4.
    Abad CL, Bonilla RI (2007) An analysis on the schemes for detecting and preventing ARP cache poisoning attacks. Distrib Comput Syst Workshops:60Google Scholar
  5. 5.
    Dubey T, Sahu OP (2013) Self-localized packet forwarding in wireless sensor networks. J Inform Proc Syst 9(3):477–488CrossRefGoogle Scholar
  6. 6.
    Obaidat MS, Zarai F (2012) Novel algorithm for secured mobility and IP traceability for WLAN networks. J Convergence 3(2):1–8Google Scholar
  7. 7.
    Singh R, Singh P, Duhan M (2014) An effective implementation of security based algorithmic approach in mobile adhoc networks. Human-centric Comput Inform Sci 4(1):1–14Google Scholar
  8. 8.
    Gouda MG, Huang CT (2003) A secure address resolution protocol. Int J Comput Telecommun Networking 41:57–71zbMATHGoogle Scholar
  9. 9.
    Bruschi D, Ornaghi A, Rosti E (2003) S-ARP: a secure address resolution protocol. Proc Comput Secur Appl Conf:66–74Google Scholar
  10. 10.
    Lootah W, Enck W, McDaniel P (2007) TARP: ticket-based address resolution protocol. Comput Netw 51(15):4322–4337CrossRefGoogle Scholar
  11. 11.
    Xing W, Zhao Y, Li T (2010) Research on the defense against ARP spoofing attacks based on WinPcap. In: Proceedings of Second International Workshop on Education Technology and Computer Science (ETCS2010), pp 762–765Google Scholar
  12. 12.
    Limmaneewichid P, Lilakiatsakun W (2011) P-ARP: a novel enhanced authentication scheme for securing ARP. In: Proceeding of 2011 International Conference on Telecommunication Technology and Applications, vol 5, pp 83–87Google Scholar
  13. 13.
    Oh M, Kim Y-G, Hong S, Cha SD (2012) ASA: agent-based secure ARP cache management. IET Commun 6(7):685–693CrossRefGoogle Scholar
  14. 14.
    Song MS, Lee JD, Jeong J-S, Jeong H-Y, Park JH (2014) DS-ARP: a new detection scheme for ARP spoofing attacks based on routing trace for ubiquitous environments. SCIE 2014:7 Article ID 264654Google Scholar

Copyright information

© Springer Science+Business Media New York 2014

Authors and Affiliations

  • Daesung Moon
    • 1
  • Jae Dong Lee
    • 2
  • Young-Sik Jeong
    • 3
  • Jong Hyuk Park
    • 2
  1. 1.Network Security Research TeamElectronics and Telecommunications Research InstituteDaejeonRepublic of Korea
  2. 2.Department of Computer Science and EngineeringSeoulTechSeoulRepublic of Korea
  3. 3.Department of Multimedia EngineeringDongguk UniversitySeoulRepublic of Korea

Personalised recommendations