Indian Journal of Science and Technology
Year: 2018, Volume: 11, Issue: 22, Pages: 1-9
Sweta Singh* and Dayashankar Singh
*Author for correspondence
Computer Science and Engineering Department, Madan Mohan Malaviya University of Technology, Gorakhpur – 273016, Uttar Pradesh, India; [email protected]
To tap into the communication, modify traffic, and stop the network traffic is always the intension of an attacker. ARP poisoning is one of the simplest ways to accomplish these malicious intensions of the attacker. Objective: For detection and prevention of such attempt, a concept of voting and ICMP echo requests has been introduced to verify the binding and defend these malicious intensions of the attacker. Methods: A voting is done to validate the binding from the other hosts of the LAN such that if attacker pretends to be a new host, it can easily be detected. In case of mismatch of IP or MAC, ICMP echo packets have been used. Findings: The validation performed by each host has made the scheme free from being centralized and even do not demand any incompatibility or modification in the existing protocol model. Implementation is conducted on Ubuntu using raw socket coding in python and scapy. ICMP packets are created and spoofing is conducted. Fake ARP packet is sent using packEth and the incoming and outgoing of packets between the hosts is analyzed using Wireshark. Improvements/ Application: New host entering the network is also validated in this scheme. The scheme can effectively mitigate LAN attacks.
Keywords: Address Resolution Protocol (ARP), ARP Poisoning, ICMP (Internet Control Message Protocol), LAN attacks, Voting
Subscribe now for latest articles and news.