计算机工程 ›› 2008, Vol. 34 ›› Issue (14): 168-170.doi: 10.3969/j.issn.1000-3428.2008.14.060

• 安全技术 • 上一篇    下一篇

基于改进协议机制的防ARP欺骗方法

黄天福,白光伟   

  1. (南京工业大学信息科学与工程学院计算机系,南京 210009)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2008-07-20 发布日期:2008-07-20

Method Against ARP Spoofing Based on Improved Protocol Mechanism

HUANG Tian-fu, BAI Guang-wei   

  1. (Dept. of Computer, College of Information Science & Engineering, Nanjing University of Technology, Nanjing 210009)
  • Received:1900-01-01 Revised:1900-01-01 Online:2008-07-20 Published:2008-07-20

摘要: 地址解析协议(ARP)是建立在友好通信、充分信任基础上的协议,因此,很容易受到攻击。该文介绍ARP协议工作机制、协议安全漏洞和当前已经提出的针对ARP欺骗的对策,并指出这些方法的不足之处。提出一种采用改进协议机制的方法用于防止ARP欺骗,该方法可以有效地减少利用ARP协议的网络欺骗攻击。

关键词: 地址解析协议, ARP欺骗, 协议改进

Abstract: The Address Resolution Protocol(ARP) is a protocol based on friendly communication and complete trust, so it is prone to be attacked. This paper introduces the working principle of ARP, and analyzes the security vulnerability of the existing ARP and related countermeasures. On this basis, a new method against ARP spoofing is proposed, which is based on improved protocol mechanism. The research shows the improved mechanism can reduce network spoofing attack using ARP effectively.

Key words: Address Resolution Protocol(ARP), ARP spoofing, protocol improvement

中图分类号: