Skip to main content

A New Look at an Old Attack: ARP Spoofing to Create Routing Loops in Ad Hoc Networks

  • 941 Accesses

Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST,volume 223)

Abstract

This paper examines a new application of the well-known ARP spoofing (or ARP cache poisoning) attack. Traditionally, ARP spoofing has been applied in local area networks to allow an attacker to achieve a man-in-the-middle position against target hosts, or to implement a denial of service by routing messages to non-existent hardware addresses. In this paper, we introduce a variant of ARP spoofing in which a routing loop is created in a target wireless ad hoc network. The routing loop not only results in a denial of service against the targeted hosts, but creates a resource consumption attack, where the targets waste power and occupy the channel, precluding its use by legitimate traffic. We show experimental results of an implementation and provide suggestions as to how to prevent, detect, or mitigate the attack.

Keywords

  • Denial of service
  • ARP spoofing
  • Ad hoc networks
  • Sensor networks
  • Routing loops
  • Resource consumption
  • DoS defences

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-319-74439-1_5
  • Chapter length: 13 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   54.99
Price excludes VAT (USA)
  • ISBN: 978-3-319-74439-1
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   72.00
Price excludes VAT (USA)
Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.
Fig. 5.

References

  1. Plummer, D.C.: An Ethernet address resolution protocol. RFC 826, November 1982 (1982). http://tools.ietf.org/html/rfc826

  2. Cheshire, S.: IPv4 address conflict detection. RFC 5227, July 2008 (2008). http://tools.ietf.org/html/rfc5227

  3. Arkko, J., Pignataro, C.: IANA allocation guidelines for the address resolution protocol (ARP). RFC 5494, April 2009 (2009). http://tools.ietf.org/html/rfc5494

  4. Mangut, H.A., Al-Nemrat, A., Benzaid, C., Tawil, A.H.: ARP cache poisoning mitigation and forensics investigation. In: Proceedings of 14th IEEE International Conference on Trust, Security, Privacy in Computing and Communications, Helsinki, Finland (2015)

    Google Scholar 

  5. Yang, M., Wang, Y., Ding, H.: Design of WinPcap based ARP spoofing defense system. In: Proceedings of 2014 Fourth International Conference on Instrumentation and Measurement, Computer, Communication and Control, Harbin, China (2014)

    Google Scholar 

  6. Jinhua, G., Kejian, X.: ARP spoofing detection algorithm using ICMP protocol. In: Proceedings of 2013 International Conference on Computer Communication and Informatics, Coimbatore, India (2013)

    Google Scholar 

  7. Salim, H., Li, Z., Tu, H., Guo, Z.: Preventing ARP spoofing attacks through gratuitous decision packet. In: Proceedings of 11th International Symposium on Distributed Computing and Applications to Business, Engineering and Science, Washington DC, USA (2012)

    Google Scholar 

  8. LBL Network Research Group, Information and Computing Sciences Division, at Lawrence Berkeley National Laboratory, ARP Watch. http://www.securityfocus.com/tools/142

  9. ISL, ARP-Guard. https://www.arp-guard.com/en/arp-guard/product.html

  10. Zdrnja, B.: Malicious JavaScript insertion through ARP poisoning attacks. IEEE Secur. Priv. 7, 72–74 (2009)

    CrossRef  Google Scholar 

  11. Carter, C., Yi, S., Kravets, R.: ARP considered harmful: manycast transactions in ad hoc networks. In: Proceedings of 2003 IEEE Wireless Communications and Networking, New Orleans LA, USA (2003)

    Google Scholar 

  12. Birmelé, E., et al.: Optimal listing of cycles and st-paths in undirected graphs. In: Proceedings of the Twenty-Fourth Annual ACM-SIAM Symposium on Discrete Algorithms, New Orleans LA, USA (2013)

    Google Scholar 

  13. Shaffer, C.A.: A Practical Introduction to Data Structures and Algorithm Analysis. Virginia Tech, Blacksburg (2010)

    Google Scholar 

  14. Sadhir, G., Hu, Y., Perrig, A.: ARP attacks in wireless ad hoc networks (2003). http://dl.icdst.org/pdfs/files/0d65ca5916c99a18d087bad19f6d1d0d.pdf

  15. Bruschi, D., Ornaghi, A., Rosti, E.: S-ARP: a secure address resolution protocol. In: Proceedings of the 19th Annual Computer Security Applications Conference (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to J. David Brown .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2018 Her Majesty the Queen in Right of Canada

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Brown, J.D., Willink, T.J. (2018). A New Look at an Old Attack: ARP Spoofing to Create Routing Loops in Ad Hoc Networks. In: Zhou, Y., Kunz, T. (eds) Ad Hoc Networks. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 223. Springer, Cham. https://doi.org/10.1007/978-3-319-74439-1_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-74439-1_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-74438-4

  • Online ISBN: 978-3-319-74439-1

  • eBook Packages: Computer ScienceComputer Science (R0)