摘要
局域网中攻击者利用ARP欺骗对网段内主机进行攻击,严重威胁着局域网的安全。本文通过对攻击者常使用的监听、截获和恶意攻击等ARP欺骗方法的分析,对基于ARP欺骗原理的匹配IP法、数据帧检测法、Echo时间法、ARP应答分析法和工具软件检测法等检测方法进行总结,提出制定ARP缓存更新策略、利用交换设备进行控制等多种防范ARP欺骗的策略,并提出了一种新的防范ARP欺骗算法,从而达到拒绝ARP欺骗、保护网络安全目的。
Attackers using ARP spoofing attack network segment host In the LAN,which threaten the LAN security seriously.This paper analyzed the common tricks such as monitor,intercept,and malicious attacks which attackers used,and summarized the IP matched methods based on ARP cheat theory,data frame detection method,Echo time method,ARP response analysis method,tools detection method and so on.A prevent ARP spoofing algorithm is proposed in this paper,which made use of ARP cache update policy,switching equipment control and other strategies to prevent ARP spoofing.This algorithm can reject ARP spoofing,achieve the goals of maintaining network security.
出处
《东北农业大学学报》
CAS
CSCD
北大核心
2012年第8期74-77,共4页
Journal of Northeast Agricultural University
基金
黑龙江省科技厅项目(GC07A103)