Method and apparatus for defending against ARP spoofing attacks
US8302190B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Dec 24, 2009 |
| Grant date | Oct 30, 2012 |
| Priority date | — |
| Expiry date | Apr 9, 2030 |
Classification
- Technology area (CPC Y)Emerging Cross-Sectional Technologies
- CPC primaryY04S40/20
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method and an apparatus for defending against Address Resolution Protocol (ARP) spoofing attacks are disclosed. When a network device receives an ARP message, the network judges whether the MAC address of the received ARP message is the same as the MAC address in an ARP entry, if the MAC addresses are different, the network device determines the received ARP message as an ambiguous ARP message and starts an ARP verification process, and makes further process according to the result of the ARP verification process. In this way, when no address spoofing attacks occur, no verification messages are generated, and thus reducing signaling interactions and saving network resources; besides, spoofing attacks possibly happening at any time are avoided, which effectively prevents address spoofing attacks via random scanning and protects the normal application of the real host.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.