A New Look at an Old Attack: ARP Spoofing to Create Routing Loops in Ad Hoc Networks

Brown, J. David; Willink, Tricia J.

doi:10.1007/978-3-319-74439-1_5

A New Look at an Old Attack: ARP Spoofing to Create Routing Loops in Ad Hoc Networks

J. David Brown¹⁷ &
Tricia J. Willink¹⁷

Conference paper
First Online: 20 January 2018

941 Accesses

Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST,volume 223)

Abstract

This paper examines a new application of the well-known ARP spoofing (or ARP cache poisoning) attack. Traditionally, ARP spoofing has been applied in local area networks to allow an attacker to achieve a man-in-the-middle position against target hosts, or to implement a denial of service by routing messages to non-existent hardware addresses. In this paper, we introduce a variant of ARP spoofing in which a routing loop is created in a target wireless ad hoc network. The routing loop not only results in a denial of service against the targeted hosts, but creates a resource consumption attack, where the targets waste power and occupy the channel, precluding its use by legitimate traffic. We show experimental results of an implementation and provide suggestions as to how to prevent, detect, or mitigate the attack.

Keywords

Denial of service
ARP spoofing
Ad hoc networks
Sensor networks
Routing loops
Resource consumption
DoS defences

This is a preview of subscription content, access via your institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 54.99; Price excludes VAT (USA)

Softcover Book: USD 72.00; Price excludes VAT (USA)

Learn about institutional subscriptions

References

Plummer, D.C.: An Ethernet address resolution protocol. RFC 826, November 1982 (1982). http://tools.ietf.org/html/rfc826
Cheshire, S.: IPv4 address conflict detection. RFC 5227, July 2008 (2008). http://tools.ietf.org/html/rfc5227
Arkko, J., Pignataro, C.: IANA allocation guidelines for the address resolution protocol (ARP). RFC 5494, April 2009 (2009). http://tools.ietf.org/html/rfc5494
Mangut, H.A., Al-Nemrat, A., Benzaid, C., Tawil, A.H.: ARP cache poisoning mitigation and forensics investigation. In: Proceedings of 14th IEEE International Conference on Trust, Security, Privacy in Computing and Communications, Helsinki, Finland (2015)
Google Scholar
Yang, M., Wang, Y., Ding, H.: Design of WinPcap based ARP spoofing defense system. In: Proceedings of 2014 Fourth International Conference on Instrumentation and Measurement, Computer, Communication and Control, Harbin, China (2014)
Google Scholar
Jinhua, G., Kejian, X.: ARP spoofing detection algorithm using ICMP protocol. In: Proceedings of 2013 International Conference on Computer Communication and Informatics, Coimbatore, India (2013)
Google Scholar
Salim, H., Li, Z., Tu, H., Guo, Z.: Preventing ARP spoofing attacks through gratuitous decision packet. In: Proceedings of 11th International Symposium on Distributed Computing and Applications to Business, Engineering and Science, Washington DC, USA (2012)
Google Scholar
LBL Network Research Group, Information and Computing Sciences Division, at Lawrence Berkeley National Laboratory, ARP Watch. http://www.securityfocus.com/tools/142
ISL, ARP-Guard. https://www.arp-guard.com/en/arp-guard/product.html
Zdrnja, B.: Malicious JavaScript insertion through ARP poisoning attacks. IEEE Secur. Priv. 7, 72–74 (2009)
CrossRef Google Scholar
Carter, C., Yi, S., Kravets, R.: ARP considered harmful: manycast transactions in ad hoc networks. In: Proceedings of 2003 IEEE Wireless Communications and Networking, New Orleans LA, USA (2003)
Google Scholar
Birmelé, E., et al.: Optimal listing of cycles and st-paths in undirected graphs. In: Proceedings of the Twenty-Fourth Annual ACM-SIAM Symposium on Discrete Algorithms, New Orleans LA, USA (2013)
Google Scholar
Shaffer, C.A.: A Practical Introduction to Data Structures and Algorithm Analysis. Virginia Tech, Blacksburg (2010)
Google Scholar
Sadhir, G., Hu, Y., Perrig, A.: ARP attacks in wireless ad hoc networks (2003). http://dl.icdst.org/pdfs/files/0d65ca5916c99a18d087bad19f6d1d0d.pdf
Bruschi, D., Ornaghi, A., Rosti, E.: S-ARP: a secure address resolution protocol. In: Proceedings of the 19th Annual Computer Security Applications Conference (2003)
Google Scholar

Download references

Author information

Authors and Affiliations

Defence R&D Canada, Ottawa, Canada
J. David Brown & Tricia J. Willink

Authors

J. David Brown
View author publications
You can also search for this author in PubMed Google Scholar
Tricia J. Willink
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to J. David Brown .

Editor information

Editors and Affiliations

Communications Research Centre, Ottawa, Ontario, Canada
Yifeng Zhou
Carleton University, Ottawa, Ontario, Canada
Thomas Kunz

Rights and permissions

Reprints and Permissions

Copyright information

About this paper

Cite this paper

Brown, J.D., Willink, T.J. (2018). A New Look at an Old Attack: ARP Spoofing to Create Routing Loops in Ad Hoc Networks. In: Zhou, Y., Kunz, T. (eds) Ad Hoc Networks. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 223. Springer, Cham. https://doi.org/10.1007/978-3-319-74439-1_5

Download citation

DOI: https://doi.org/10.1007/978-3-319-74439-1_5
Published: 20 January 2018
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-74438-4
Online ISBN: 978-3-319-74439-1
eBook Packages: Computer ScienceComputer Science (R0)