The address resolution protocol (ARP) is used by computers to map network addresses (IP) to physical addresses [MAC] and we can't imagine a communications between networks without the support of ARP protocol. However, ARP had been misused by many malicious hosts for illegitimate penetration; ARP Spoofing is one example for such illegal access. ARP Spoofing can enable malicious hosts to perform man-in-the-middle attacks [MiM] as well as a denial of service attacks [DoS]. Unfortunately, ARP Spoofing has not been focused by security experts or solutions, e.g. intrusion detection systems or intrusion protection systems [IDS/IPS]. In this research we evaluate the most famous & expensive detection and prevention [IDS/IPS] systems for detecting all types of ARP spoofing attacks and introduce an algorithm which can be implemented in IDS/IPS systems to enhance it's security.
展开▼