Abstract
ARP cache poisoning is a long standing problem which is known to be difficult to solve without compromising efficiency. The cause of this problem is the absence of authentication of the mapping between IP addresses and MAC addresses. Due to lack of the required authentication, any host on the LAN can forge an ARP reply containing malicious IP to MAC address mapping causing ARP cache poisoning. In fact, there are a number of tools freely available on the internet using which, even a newbie can launch such an attack. In this paper, we present a new cryptographic technique to make ARP secure and provide protection against ARP cache poisoning. Our technique is based on the combination of digital signatures and one time passwords based on hash chains. This hybrid system prevents the ARP cache poisoning attack while maintaining a good system performance at the same time.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Barnaba, M.: Anticap (2003), http://cvs.antifork.org/cvsweb.cgi/anticap
Fleck, B.: Wireless access points and arp poisoning [online document], Available at http://www.cigitallabs.com/resources/papers/download/arppoison.pdf
Hunleth, F.: Secure link layer, http://www.cs.wustl.edu/fifhunleth/projects/projects.html
Laubach, M.: Classical IP and ARP over ATM. RFC 1577 (1994)
Ornaghi, A., Valleri, M.: A multipurpose sniffer for switched LANs, http://ettercap.sf.net
Plummer, D.C.: An ethernet address resolution protocol. RFC 826 (1982)
Song, D.: A suite for man in the middle attacks, http://www.monkey.org/fidugsong/dsniff
Stevens, R.W.: TCP/IP Illustrated, vol. 1. Addison Wesley, Reading (2001) ISBN 0-201-63346-9
Teterin, I.: Antidote, http://online.securityfocus.com/archive/1/299929
Wagner, R.: Address resolution protocol spoofing and man in the middle attacks (2001), http://rr.sans.org/threats/address.php
Whalen, S.: An introduction to arp spoofing [Online document] (2001), Available at http://packetstormsecurity.nl/papers/protocols/intro_to_arp_spoofing.pdf
Bruschi, D., Ornaghi, A., Rosti, E.: S-ARP: a Secure Address Resolution Protocol. In: Proceedings of 19th Annual Computer Security Applications Conference (ACSAC) (2003)
Lamport, L.: Password Authentication with Insecure Communication. Communications of the ACM 24.11, 770–772 (November 1981)
Haller, N.: The S/KEY One-Time Password System. In: Proceedings of the ISOC Symposium on Network and Distributed System Security, pp 151–157 (February 1994)
Stemmer, A.: CAMs Enhance Network Performance, System Design [Online document] (January 1998), Available HTTP: http://www.eedesign.com/editorial/1998/systemdesign9801.html
http://cert.uni-stuttgart.de/archive/vulndev/2002/01/msg00295.html
Whalen, S.H.: Towards Layer 2 Authentication: Preventing Attacks based on Address resolution Protocols Spoofing (2003) http://wp.netscape.com/eng/ssl3/draft302.txt (2002)
Convery, S.: Hacking Layer 2: Fun with Ethernet Switches, Blackhat [Online document] (2002), Available HTTP: http://www.blackhat.com/presentations/bh-usa-02/bhus-02-converyswitches.pdf
Micali, S.: NOVOMODO: Scalable Certificate Validation and Simplified PKI Management. In: First Annual PKI Research Workshop - Proceeding (April 2002)
Hacking UNIX, a tutorial for performing various attacks including ARP poisoning attack, on UNIX systems (2003), Available at http://duho.cjb.net
Tripunitara, M.V., Dutta, P.: A middleware approach to asynchronous and backward compatible detection and prevention of arp cache poisoning. In Proc. 15th Annual Computer Security Application Conference (ACSAC), pp. 303–309 (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Goyal, V., Tripathy, R. (2005). An Efficient Solution to the ARP Cache Poisoning Problem. In: Boyd, C., González Nieto, J.M. (eds) Information Security and Privacy. ACISP 2005. Lecture Notes in Computer Science, vol 3574. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11506157_4
Download citation
DOI: https://doi.org/10.1007/11506157_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-26547-4
Online ISBN: 978-3-540-31684-8
eBook Packages: Computer ScienceComputer Science (R0)