ResearchBib Share Your Research, Maximize Your Social Impacts
Sign for Notice Everyday Sign up >> Login

Detection of ARP Spoofing Attack Using ICMP Protocol?

Journal: International Journal of Computer Science and Mobile Computing - IJCSMC (Vol.3, No. 5)

Publication Date:

Authors : ; ;

Page : 1055-1060

Keywords : ARP cache; ARP protocol; ARP spoofing; Winpcap; Cain & Abel; ICMP protocol;

Source : Downloadexternal Find it from : Google Scholarexternal


Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address (MAC) that is recognized in the local network. ARP spoofing is the act of vindictively changing the IP-MAC associations stored in ARP cache of any network host. This paper discusses ARP spoofing attack and some related works about it first. On these bases, the paper proposed an efficient algorithm based on ICMP protocol to detect malicious hosts that are performing ARP spoofing attack. The technique includes collecting and analysing the ARP packets, and then injecting ICMP echo request packets to probe for malicious host according to its response packets.

Last modified: 2014-05-30 20:11:36