RTNSS: a routing trace-based network security system for preventing ARP spoofing attacks
The motion of address resolution protocol (ARP) is done without any problem in a general environment, but it is not considered from the security aspect; therefore, it risks being threatened by an attack from the network called ARP spoofing or ARP poisoning. The attacker can approach the transmission data between hosts by disguising itself as a different host through an ARP spoofing attack and can isolate the host as the target of an attack from the network. In this paper, we propose a routing trace-based network security system for preventing ARP spoofing attacks. Our proposed system includes detection, protection, and recovery techniques to prevent an ARP spoofing attack in the internal network. Whether an ARP spoofing attack occurs is confirmed through the periodic monitoring of the ARP table and a routing trace. The system can prevent ARP spoofing attacks without modifications to the ARP or the addition of cryptographic measures. In addition, it provides security and efficiency by overcoming the weak points of the existing researches.
KeywordsNetwork security Routing trace ARP spoofing
This work was sponsored by the Korea Ministry of Science, ICT and Future Plan under Cyber targeted attack recognition and trace-back technology (SINBAPT) Project [13-921-06-001].
Special thanks are due to Min Su Song (SeoulTech) for assistance in the preparation of this article.
- 1.Lone IA, Ali J, Lone K (2013) IDARP: ID-based address resolution protocol. Int J Comput Technol 4(2):277–283Google Scholar
- 2.Wu L, Yu T, Wu D, Cheng J (2011) The research and implementation of ARP monitoring and protection. Proc Internet Technol Appl:1–4Google Scholar
- 3.Philip R (2007) Securing wireless networks from ARP cache poisoning. Master’s Projects, San Jose State University, p 131Google Scholar
- 4.Abad CL, Bonilla RI (2007) An analysis on the schemes for detecting and preventing ARP cache poisoning attacks. Distrib Comput Syst Workshops:60Google Scholar
- 6.Obaidat MS, Zarai F (2012) Novel algorithm for secured mobility and IP traceability for WLAN networks. J Convergence 3(2):1–8Google Scholar
- 7.Singh R, Singh P, Duhan M (2014) An effective implementation of security based algorithmic approach in mobile adhoc networks. Human-centric Comput Inform Sci 4(1):1–14Google Scholar
- 9.Bruschi D, Ornaghi A, Rosti E (2003) S-ARP: a secure address resolution protocol. Proc Comput Secur Appl Conf:66–74Google Scholar
- 11.Xing W, Zhao Y, Li T (2010) Research on the defense against ARP spoofing attacks based on WinPcap. In: Proceedings of Second International Workshop on Education Technology and Computer Science (ETCS2010), pp 762–765Google Scholar
- 12.Limmaneewichid P, Lilakiatsakun W (2011) P-ARP: a novel enhanced authentication scheme for securing ARP. In: Proceeding of 2011 International Conference on Telecommunication Technology and Applications, vol 5, pp 83–87Google Scholar
- 14.Song MS, Lee JD, Jeong J-S, Jeong H-Y, Park JH (2014) DS-ARP: a new detection scheme for ARP spoofing attacks based on routing trace for ubiquitous environments. SCIE 2014:7 Article ID 264654Google Scholar