摘要
ARP协议,即地址解析协议,由于协议存在的漏洞导致ARP欺骗几乎无法避免。为探讨如何解决这一问题,通过理论研究和实证,论文从主动和被动两个模块提出了ARP检测与防御的方法。主要思路是利用基于Linux的开源路由器系统OpenWRT定制路由器,对网络流量进行监测,一旦主机网络流量达到一定阈值时,通过对其进行检查来判断源主机是否遭受ARP欺骗,以维护局域网的安全运行。
ARP,the Address resolution protocol,owing to the loopholes of the protocol,leads to ARP spoofing almost impossible to avoid.In order to explore how to solve this problem,through theoretical research and empirical analysis,this paper puts forward ARP detection and defense methods from two modules of active and passive.The main idea is to use the open source router system customized OpenWRT router based on Linux,monitoring the network traffic.Once the host network traffic reaches a certain threshold,,we will examine and determine whether the host is deceived,to maintain the safe operation of LAN.
作者
陈军
孙义博
岳婷
Chen Jun;Sun Yi-bo;Yue Ting(Department of Information Security and Internet Technology Study, University of Chinese People’s Public Security, Beijing 102623)
出处
《网络空间安全》
2018年第1期51-55,共5页
Cyberspace Security
