Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

ARP spoofing detection method, device and terminal in non-Root environment

A technology of ARP spoofing and detection methods, applied in the field of network security, can solve problems such as ARP spoofing and not providing a better ARP spoofing detection scheme, and achieve the effect of maintaining balance

Active Publication Date: 2018-12-21
TENCENT TECH (SHENZHEN) CO LTD
View PDF6 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

When the host communicates with an IP host in the LAN, the information is not sent to the IP host but to the fake MAC host, which leads to ARP spoofing
[0005] In order to reduce the occurrence of ARP spoofing, existing technologies provide a large number of ways to use packet capture or release ARP request packets for ARP spoofing detection, but most of these existing technologies need to run at the data link layer, and must obtain Root permission It is used under non-Root authority, and does not provide a better ARP spoofing detection scheme

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • ARP spoofing detection method, device and terminal in non-Root environment
  • ARP spoofing detection method, device and terminal in non-Root environment
  • ARP spoofing detection method, device and terminal in non-Root environment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] In order to make the object, technical solution and advantages of the present invention clearer, the implementation manner of the present invention will be further described in detail below in conjunction with the accompanying drawings.

[0035] Please refer to figure 1 , which shows a schematic diagram of the implementation environment involved in the ARP spoofing detection method in a non-Root environment provided by various embodiments of the present invention, as figure 1 As shown, the implementation environment includes n terminals 110 and target gateways 120, where n is an integer greater than or equal to 2.

[0036] Wherein, the terminal 110 refers to a terminal such as a desktop computer, a tablet computer, a mobile phone, a palmtop computer or an e-reader, which may be connected to the target gateway 120 through a wired or wireless network. figure 1 In the example, the terminal 110 includes four terminals for illustration.

[0037] The target gateway 120 refe...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an ARP cheating detection method, a device and a terminal under a non-Root environment, belonging to the technical field of network security. The method comprises the followingsteps: acquiring a first network parameter by analyzing an ARP cache table and extracting a current MAC address of a target gateway; the first network parameter comprises an IP address and a currentMAC address of a target gateway obtained by parsing an ARP cache table; acquiring a second network parameter and extracting a previous MAC address of the target gateway; the second network parameter is the stored IP address of the target gateway and the last MAC address; judging whether the current MAC address of the target gateway is the same as the previous MAC address of the target gateway; ifnot, ARP spoofing is determined to be present. The detection of ARP spoofing in the invention no longer relies on the operations requiring Root privilege such as grabbing packets or sending ARP request packets in the prior art, the ARP spoofing detection method in non-Root environment can be implemented based on the parsing of ARP cache table, which extends the application scenario of ARP spoofingdetection.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to an ARP deception detection method, device and terminal in a non-Root environment. Background technique [0002] ARP is a TCP (Transmission Control Protocol) / IP protocol for obtaining a MAC (Media Access Control, Media Access Control) address based on an IP (Internet Protocol, Internet Protocol) address. [0003] Since ARP is based on the mutual trust of each device in the LAN, after the terminal receives the ARP response, it will not check the authenticity of the ARP response, but will directly associate the source IP address and the source MAC address in the ARP response. Stored in the ARP cache table in the memory, this gives the conditions for ARP spoofing to occur. [0004] After receiving the ARP request broadcast, the hacker forges the ARP response packet and sends it to the attacked host, or the hacker continuously sends the forged ARP response packet to all the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12H04W12/12H04W12/122H04W12/126
CPCH04L61/103H04L63/1466H04W12/12
Inventor 江沛合
Owner TENCENT TECH (SHENZHEN) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products