METHOD OF DETECTING ARP SPOOFING ATTACKS USING ARP LOCKING AND COMPUTER-READABLE RECORDING MEDIUM STORING PROGRAM FOR EXECUTING THE METHOD
摘要
A method of detecting Address Resolution Protocol (ARP) spoofing attack, includes initializing an ARP cache if an IP address of the ARP cache is consistent with any one of the IP addresses of the candidate senders and a MAC address of the ARP cache is not consistent with a MAC address of a candidate sender of which IP address is consistent with that of the ARP cache. The method further includes blocking an inbound packet having an ARP response if an IP address of a sender sending the ARP response is consistent with any one of the IP addresses of the candidate senders and a MAC address of the sender is not consistent with a MAC address of the candidate sender of which IP address is consistent with that of the sender sending the ARP response.
申请公布号
WO2012108687(A2)
申请公布日期
2012.08.16
申请号
WO2012KR00930
申请日期
2012.02.08
申请人
AHNLAB., INC.;KIM, JOOSAENG;HAN, TAESOO;KIM, JONG HYUN