[1]赵晓峰 汪精明 王平水.园区网ARP欺骗攻击防御模式设计与实现[J].计算机技术与发展,2007,(07):152-155.
 ZHAO Xiao-feng,WANG Jing-ming,WANG Ping-shui.Design and Implementation of Defense System for ARP Spoofing in Campus Network[J].,2007,(07):152-155.
点击复制

园区网ARP欺骗攻击防御模式设计与实现()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
期数:
2007年07期
页码:
152-155
栏目:
安全与防范
出版日期:
1900-01-01

文章信息/Info

Title:
Design and Implementation of Defense System for ARP Spoofing in Campus Network
文章编号:
1673-629X(2007)07-0152-04
作者:
赵晓峰 汪精明 王平水
安徽财经大学网络中心
Author(s):
ZHAO Xiao-fengWANG Jing-mingWANG Ping-shui
Anhui University of Finance & Economics
关键词:
交换网络ARP欺骗网络攻击网络防御
Keywords:
switch networkARP spoofing network attack network defense
分类号:
TP393.08
文献标志码:
A
摘要:
地址解析协议(ARP)工作于OSI参考模型第二层,在园区网VLAN中实现IP地址到网络接口硬件地址(MAC)的映射功能,攻击者利用ARP协议安全缺陷,在网关与主机(整个网段)之间实施ARP欺骗攻击,将会对VALN内主机产生巨大安全威胁。针对此类攻击设计与实现的网络防御模式,通过IP地址与接人层交换机端口绑定、定期在VLAN广播网关MAC地址等方法,可有效阻止该类攻击发生
Abstract:
Address Resolution Protocol(ARP)works in Layer 2 of the OSI reference model. It implements the mapping between IP and MAC in VLAN of campus network. The attacker uses the ARP shortage of security, implements the ARP spoofing attack between the gateway and the host computer, will be serious threat to the security of host computer in VLAN. Design and implementation of defense system for this kind of attack, through IP address and switch port binding, broadcast gateway MAC address and so on methods, can prevent this kind of attack to occur effectively

相似文献/References:

[1]李元 吴勇 李祥.ARP协议的描述与TLA验证[J].计算机技术与发展,2010,(06):163.
 LI Yuan,WU Yong,LI Xiang.The Description and Validation of ARP Protocol Based on TLA[J].,2010,(07):163.
[2]潘晓君.基于缓存超时的ARP欺骗攻击协议的研究[J].计算机技术与发展,2009,(10):167.
 PAN Xiao-jun.Research of ARP Spoofing Attack Protocol Based on Cache Overtime[J].,2009,(07):167.

备注/Memo

备注/Memo:
安徽省2006年教育厅自然科学基金项目(2006kJ017C)赵晓峰(1970-),男,安徽蚌埠人,实验师,研究方向为网络管理、网络安全
更新日期/Last Update: 1900-01-01