摘要
ARP欺骗是攻击者通过将假的ARP数据包发送到局域网中,使得应该到达目的 IP的数据包被错误地发送给攻击者。基于ARP欺骗攻击的危害性大,窃取用户隐私信息,影响网络传输效率,通过详细分析ARP欺骗的攻击原理及特点、阐述ARP欺骗的主要类型,采用软件Cain对局域网中的计算机进行ARP欺骗仿真实验,经过仿真实验分析,表明ARP欺骗行为不会影响用户正常通信,隐蔽性强,再结合网络分析软件Wireshark捕获通信数据包,经过对数据包分析可以发现实施ARP欺骗的过程和可疑主机,进一步给出对实施ARP欺骗主机的准确检测方法。
ARP spoofing is the attack which attacker sends fake ARP packets to the local area network,and causes the destination IP is sent to the attacker incorrectly. Based on the great harmfulness of ARP spoofing attack, stealing the user's privacy information, and affecting the network transmission efficiency,this paper analysis the principle and characteristics of ARP spoofing attack and expounds the main types of ARP spoofing,uses the software Cain to simulate the ARP spoofing in the LAN,shows the ARP spoofing will not affect the user's normal communication and has strong concealment then this paper communicates data packet capture with network analysis software wireshark,Showing the process of implementing ARP spoofing and suspicious hosts through the analysis of the data packets and giving method for the accurate identification of suspicious hosts further.
出处
《电子设计工程》
2018年第2期18-21,共4页
Electronic Design Engineering
基金
全军重大课题(AWS14J011)
