SPOOFING ATTACK DEFENSE METHOD CAPABLE OF REDUCING THE LOAD OF A BLOCKING SERVER BY SENSING AND PROTECTING A SPOOFING ATTACK IN EACH CLIENT

摘要

PURPOSE: A spoofing attack defense method is provided to rapidly defend against a spoofing attack by tracking an IP(Internet Protocol) and an MAC(Medium Access Control) address by storing the IP and MAC address beforehand.;CONSTITUTION: A blocking server collects the IP address of the connected client and an MAC address(S102). When ARP(Address Resolution Protocol) packet is inserted into the client, the client extracts the IP address and MAC address of a transmitter from the ARP packet(S106). When the ARP packet is infected, the blocking server blocks the transmission and reception of the infected ARP packet(S110). The blocking server revises corresponding IP-MAC address in the ARP table(S112).;COPYRIGHT KIPO 2013;[Reference numerals] (AA) Start; (BB) Finish; (S102) Blocking server collects the IP address of the connected client and an MAC address; (S104) APP packet inside the network is broadcasted; (S106) Client extracts the IP address and MAC address of a transmitter from the ARP packet; (S108) IP and MAC address is tested; (S110) Is it an infected ARP?; (S112) Infected ARP packet is deleted from the table, and is blocked; (S114) MAC address corresponding to the IP address is fixed; (S116) Infected ARP packet information is transmitted to the blocking server; (S118) Packet data is transmitted to the normal MAC address