An enhanced secure ARP protocol and LAN switch for preveting ARP based attacks

Senda Hammouda; Zouheir Trabelsi

doi:10.1145/1582379.1582584

An enhanced secure ARP protocol and LAN switch for preveting ARP based attacks

Senda Hammouda, Zouheir Trabelsi

Department of Information System and Security

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

4 Citations (Scopus)

Abstract

After the ARP protocol was drafted, a subtle weakness in the protocol was discovered. In fact, ARP provides no means to establish the authenticity of the source of incoming ARP packets. That's why any host of a LAN network can forge an ARP message containing malicious information to poison the ARP caches of target hosts. This lack of authentication mechanisms has made ARP vulnerable to a raft of IP-based impersonation, Man-in-the-Middle (MiM) and DoS attacks. In this paper we discuss a security solution to solve the ARP vulnerabilities and authenticity issues. For that purpose, a novel secure extended ARP protocol is proposed. In addition, the LAN switch has been enhanced to assume the role of "Trusted Authority" and assure the hosts authentication while exchanging ARP messages.

Original language	English
Title of host publication	Proceedings of the 2009 ACM International Wireless Communications and Mobile Computing Conference, IWCMC 2009
Pages	942-946
Number of pages	5
DOIs	https://doi.org/10.1145/1582379.1582584
Publication status	Published - 2009
Event	2009 ACM International Wireless Communications and Mobile Computing Conference, IWCMC 2009 - Leipzig, Germany Duration: Jun 21 2009 → Jun 24 2009

Publication series

Name	Proceedings of the 2009 ACM International Wireless Communications and Mobile Computing Conference, IWCMC 2009

Other

Other	2009 ACM International Wireless Communications and Mobile Computing Conference, IWCMC 2009
Country/Territory	Germany
City	Leipzig
Period	6/21/09 → 6/24/09

Keywords

ARP cache poisoning attack
ARP protocol
Man-in-the-middle attack

ASJC Scopus subject areas

Computer Networks and Communications
Computer Science Applications
Software

Access to Document

10.1145/1582379.1582584

Cite this

Hammouda, S., & Trabelsi, Z. (2009). An enhanced secure ARP protocol and LAN switch for preveting ARP based attacks. In Proceedings of the 2009 ACM International Wireless Communications and Mobile Computing Conference, IWCMC 2009 (pp. 942-946). (Proceedings of the 2009 ACM International Wireless Communications and Mobile Computing Conference, IWCMC 2009). https://doi.org/10.1145/1582379.1582584

An enhanced secure ARP protocol and LAN switch for preveting ARP based attacks. / Hammouda, Senda; Trabelsi, Zouheir.
Proceedings of the 2009 ACM International Wireless Communications and Mobile Computing Conference, IWCMC 2009. 2009. p. 942-946 (Proceedings of the 2009 ACM International Wireless Communications and Mobile Computing Conference, IWCMC 2009).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Hammouda, S & Trabelsi, Z 2009, An enhanced secure ARP protocol and LAN switch for preveting ARP based attacks. in Proceedings of the 2009 ACM International Wireless Communications and Mobile Computing Conference, IWCMC 2009. Proceedings of the 2009 ACM International Wireless Communications and Mobile Computing Conference, IWCMC 2009, pp. 942-946, 2009 ACM International Wireless Communications and Mobile Computing Conference, IWCMC 2009, Leipzig, Germany, 6/21/09. https://doi.org/10.1145/1582379.1582584

Hammouda S, Trabelsi Z. An enhanced secure ARP protocol and LAN switch for preveting ARP based attacks. In Proceedings of the 2009 ACM International Wireless Communications and Mobile Computing Conference, IWCMC 2009. 2009. p. 942-946. (Proceedings of the 2009 ACM International Wireless Communications and Mobile Computing Conference, IWCMC 2009). doi: 10.1145/1582379.1582584

@inproceedings{ae171c73702b4c14a697bf626ec9a06a,

title = "An enhanced secure ARP protocol and LAN switch for preveting ARP based attacks",

abstract = "After the ARP protocol was drafted, a subtle weakness in the protocol was discovered. In fact, ARP provides no means to establish the authenticity of the source of incoming ARP packets. That's why any host of a LAN network can forge an ARP message containing malicious information to poison the ARP caches of target hosts. This lack of authentication mechanisms has made ARP vulnerable to a raft of IP-based impersonation, Man-in-the-Middle (MiM) and DoS attacks. In this paper we discuss a security solution to solve the ARP vulnerabilities and authenticity issues. For that purpose, a novel secure extended ARP protocol is proposed. In addition, the LAN switch has been enhanced to assume the role of {"}Trusted Authority{"} and assure the hosts authentication while exchanging ARP messages.",

keywords = "ARP cache poisoning attack, ARP protocol, Man-in-the-middle attack",

author = "Senda Hammouda and Zouheir Trabelsi",

year = "2009",

doi = "10.1145/1582379.1582584",

language = "English",

isbn = "9781605585697",

series = "Proceedings of the 2009 ACM International Wireless Communications and Mobile Computing Conference, IWCMC 2009",

pages = "942--946",

booktitle = "Proceedings of the 2009 ACM International Wireless Communications and Mobile Computing Conference, IWCMC 2009",

note = "2009 ACM International Wireless Communications and Mobile Computing Conference, IWCMC 2009 ; Conference date: 21-06-2009 Through 24-06-2009",

}

TY - GEN

T1 - An enhanced secure ARP protocol and LAN switch for preveting ARP based attacks

AU - Hammouda, Senda

AU - Trabelsi, Zouheir

PY - 2009

Y1 - 2009

N2 - After the ARP protocol was drafted, a subtle weakness in the protocol was discovered. In fact, ARP provides no means to establish the authenticity of the source of incoming ARP packets. That's why any host of a LAN network can forge an ARP message containing malicious information to poison the ARP caches of target hosts. This lack of authentication mechanisms has made ARP vulnerable to a raft of IP-based impersonation, Man-in-the-Middle (MiM) and DoS attacks. In this paper we discuss a security solution to solve the ARP vulnerabilities and authenticity issues. For that purpose, a novel secure extended ARP protocol is proposed. In addition, the LAN switch has been enhanced to assume the role of "Trusted Authority" and assure the hosts authentication while exchanging ARP messages.

AB - After the ARP protocol was drafted, a subtle weakness in the protocol was discovered. In fact, ARP provides no means to establish the authenticity of the source of incoming ARP packets. That's why any host of a LAN network can forge an ARP message containing malicious information to poison the ARP caches of target hosts. This lack of authentication mechanisms has made ARP vulnerable to a raft of IP-based impersonation, Man-in-the-Middle (MiM) and DoS attacks. In this paper we discuss a security solution to solve the ARP vulnerabilities and authenticity issues. For that purpose, a novel secure extended ARP protocol is proposed. In addition, the LAN switch has been enhanced to assume the role of "Trusted Authority" and assure the hosts authentication while exchanging ARP messages.

KW - ARP cache poisoning attack

KW - ARP protocol

KW - Man-in-the-middle attack

UR - http://www.scopus.com/inward/record.url?scp=70450265409&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=70450265409&partnerID=8YFLogxK

U2 - 10.1145/1582379.1582584

DO - 10.1145/1582379.1582584

M3 - Conference contribution

AN - SCOPUS:70450265409

SN - 9781605585697

T3 - Proceedings of the 2009 ACM International Wireless Communications and Mobile Computing Conference, IWCMC 2009

SP - 942

EP - 946

BT - Proceedings of the 2009 ACM International Wireless Communications and Mobile Computing Conference, IWCMC 2009

T2 - 2009 ACM International Wireless Communications and Mobile Computing Conference, IWCMC 2009

Y2 - 21 June 2009 through 24 June 2009

ER -

An enhanced secure ARP protocol and LAN switch for preveting ARP based attacks

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this