首页>
外国专利>
SYSTEMS AND METHODS FOR DETERMINING AND PREVENTING ADDRESS RESOLUTION PROTOCOL (ARP) SPOOFING AND ARP CACHE POISONING ATTACKS IN NETWORK DEVICES
SYSTEMS AND METHODS FOR DETERMINING AND PREVENTING ADDRESS RESOLUTION PROTOCOL (ARP) SPOOFING AND ARP CACHE POISONING ATTACKS IN NETWORK DEVICES
展开▼
机译:用于确定和防止网络设备中的地址解析协议(ARP)欺骗和ARP缓存中毒攻击的系统和方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
A system and method is provided. The system receives one or more Link Layer Discovery Protocol (LLDP) frames exchanged across one or more neighboring hosts and one or more connected network devices, caches entries from the one or more LLDP frames in a LLDP cache to obtain a set of cached entries, receives an incoming Address Resolution Protocol (ARP) frame, extracts entries from the incoming ARP frame to obtain a set of extracted entries, performs a comparison of the set of extracted entries with at least one of (i) a set of blacklisted entries previously stored in a blacklisted cache and (ii) the set of cached entries stored in the LLDP cache, and determines a spoofing attack based on the comparison. In an embodiment, upon determining the spoofing attack, extracted entries are blacklisted in a blacklisted cache and corresponding ARP frames are discarded.
展开▼