![]() Agents communicate each other to orchestrate a distributed security tool to detect and mitigate ARP cache poisoning attack. We implemented a prototype of the proposed algorithm, called agent, to be run on every host within the network. To this end, this paper proposes a distributed algorithm to instantly detect ARP cache poisoning attack and discover information about host(s) used by the attacker and finally counter this attack using acquired information. We observed that suggested mechanisms are not efficient enough in detecting and mitigating this attack. In the literature, we reviewed these works to see how effective these security solutions are in detecting and countering ARP cache poisoning attack. ![]() A few research works have proposed solutions against this attack. ![]() ![]() Thus, it is crucial to detect and counter an ARP cache poisoning attack. Once an attacker succeeds in an ARP spoofing attack, they can perform a man-in-the-middle (MITM) attack to relay or modify the data or launch a denial-of-service (DoS) attack. This weak point in the ARP protocol can be used by adversaries to send spoofed ARP messages onto a Local Area Network (LAN) and poison victim's ARP cache table. The Address Resolution Protocol (ARP) has a critical function in the Internet protocol suite, however, it was not designed for security as it does not verify that a response to an ARP request really comes from an authorized party.
0 Comments
Leave a Reply. |