Abstract
ARP cache poisoning is a long-standing problem that is known to be difficult to solve without compromising efficiency. Its cause is the absence of authentication for the mapping between IP addresses and MAC addresses. Because this authentication is missing, any host on the LAN can forge an ARP reply containing a malicious IP-to-MAC address mapping and thereby poison ARP caches. In fact, a number of tools are freely available on the internet with which even a newbie can launch such an attack. In this paper, we present a new cryptographic technique to make ARP secure and provide protection against ARP cache poisoning. Our technique is based on the combination of digital signatures and one-time passwords based on hash chains. This hybrid system prevents the ARP cache poisoning attack while maintaining good system performance.
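The abstract names hash-chain one-time passwords as the inexpensive half of the scheme. The following added example (not code from the paper, and not its protocol) sketches that general building block only: it assumes the chain anchor and the IP/MAC binding arrived in a record whose digital signature was already verified, and the class names, the `max_skip` bound and the sample addresses are constructed for illustration.

```python
import hashlib
import hmac

def H(x):
    """One step of the chain: SHA-256 (a choice made for this example)."""
    return hashlib.sha256(x).digest()

class Sender:
    """Host that owns the IP/MAC binding and the secret seed of the chain."""
    def __init__(self, seed, n):
        self.chain = [seed]                  # chain[0] = seed, chain[i] = H(chain[i-1])
        for _ in range(n):
            self.chain.append(H(self.chain[-1]))
        self.anchor = self.chain[-1]         # public; goes into the signed record
        self._next = n - 1                   # links are revealed in reverse order

    def next_token(self):
        if self._next < 0:
            raise RuntimeError("chain exhausted: a new signed anchor is needed")
        token = self.chain[self._next]
        self._next -= 1
        return token

class Verifier:
    """Peer that checked the signature on (ip, mac, anchor) once (assumed)."""
    def __init__(self, ip, mac, anchor, max_skip=8):
        self.binding = (ip, mac)
        self.last = anchor                   # most recent link accepted so far
        self.max_skip = max_skip             # tolerated number of lost replies + 1

    def accept(self, ip, mac, token):
        if (ip, mac) != self.binding:        # forged mapping: token is irrelevant
            return False
        h = token
        for _ in range(self.max_skip):       # hash forward until we meet self.last
            h = H(h)
            if hmac.compare_digest(h, self.last):
                self.last = token            # advance; older links now fail (replay)
                return True
        return False
```

In this sketch a signature is verified only when an anchor is published; each later reply costs the verifier at most `max_skip` hash evaluations.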
Editor information
Editors and Affiliations
Information Security Institute, Queensland University of Technology, GPO Box 2434, Qld 4001, Brisbane, Australia
Colin Boyd
Information Security Institute, Queensland University of Technology, GPO Box 2434, QLD 4001, Brisbane, Australia
Juan Manuel González Nieto
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Goyal, V., Tripathy, R. (2005). An Efficient Solution to the ARP Cache Poisoning Problem. In: Boyd, C., González Nieto, J.M. (eds) Information Security and Privacy. ACISP 2005. Lecture Notes in Computer Science, vol 3574. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11506157_4
DOI: https://doi.org/10.1007/11506157_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-26547-4
Online ISBN: 978-3-540-31684-8
eBook Packages: Computer Science, Computer Science (R0), Springer Nature Proceedings Computer Science
Keywords
- Mutual Authentication
- Certification Authority
- Network Interface Card
- Address Resolution Protocol
- Hash Chain
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
