ADDRESS RESOLUTION PROTOCOL SPOOFING ATTACK DETECTION SYSTEM CAPABLE OF DETECTING EXTERNAL ATTACKS USING A WEAK POINT OF AN ADDRESS RESOLUTION PROTOCOL

摘要

PURPOSE: An ARP(Address Resolution Protocol) spoofing attack detection system and a method thereof are provided to effectively detect an ARP spoofing attack at a switch end by using a weak point of an ARP.;CONSTITUTION: When a received ARP packet is a non-request ARP packet, a transmission module(306) generates an ARP request packet corresponding to the received non-request ARP packet. The transmission module broadcasts the generated ARP request packet. When an ARP response packet corresponding to the broadcasted ARP request packet is received, a detection module(308) determines whether the input port of the received ARP response packet is matched with the input port of the non-request ARP packet. When the input port of the received ARP response packet is not matched with the input port of the non-request ARP packet, the detection module determines the generation of the ARP spoofing attack.;COPYRIGHT KIPO 2013;[Reference numerals] (302) Reception module; (304) Packet information storage module; (306) Transmission module; (308) Detection module