|
|||||
|
|
| 基于SNMP的校园网ARP攻击检测方法研究 | |
| 引用本文: | 禹龙,朱惠明,田生伟,高峰. 基于SNMP的校园网ARP攻击检测方法研究[J]. 计算机应用与软件, 2011, 28(5) |
| 作者姓名: | 禹龙 朱惠明 田生伟 高峰 |
| 作者单位: | 1. 新疆大学现代教育技术中心,新疆,乌鲁木齐,830046 2. 乌鲁木齐教育局信息中心,新疆,乌鲁木齐,830046 3. 新疆大学信息科学与工程学院,新疆,乌鲁木齐,830046 |
| 基金项目: | 新疆自治区高校科研计划项目(XJEDU2009S08); 新疆大学校院联合基金项目(XY080156) |
| 摘 要: | 防范地址解析协议ARP(Address Resolution Protocol)欺骗攻击的难点是:攻击源可以隐藏在网段内任何一个主机中,即使发现了攻击的存在,也难以迅速定位攻击源。结合校园网络的特点,提出了一种新的ARP攻击检测方案:检测服务器通过SNMP协议定期读取核心交换机的ARP、VLAN等信息和接入交换机的MAC-PORT信息,利用综合检测算法,及时发现攻击现象,迅速定位攻击源,并根据网络实际情况采用不同的技术措施进行处理。实践证明,该方法能够有效保障校园网络安全。 |
| 关 键 词: | ARP协议 ARP攻击 SNMP协议 校园网 |
ON SNMP-BASED CAMPUS NETWORK ARP SPOOFING DETECTION SCHEME |
|
| Yu Long,Zhu Huiming,Tian Shengwei,Gao Feng. ON SNMP-BASED CAMPUS NETWORK ARP SPOOFING DETECTION SCHEME[J]. Computer Applications and Software, 2011, 28(5) | |
| Authors: | Yu Long Zhu Huiming Tian Shengwei Gao Feng |
| Affiliation: | Yu Long1 Zhu Huiming2 Tian Shengwei3 Gao Feng11(Center of Modern Educational Tachnology,Xinjiang University,Urumqi 830046,Xinjiang,China)2(Center of Information,Urumqi Educational Bureau,China)3(School of Information Science and Engineering,China) |
| Abstract: | The big difficulty in defending ARP spoofing attacks is that the attacking source can be hidden among any host inside a network section.Even if an attack is discovered,it is hard to quickly locate the attacking host.Combined with the characters of the campus network,this paper proposes a new ARP spoofing detection scheme which allows the detection server to periodically reads such information as ARP,VLAN,etc.from core switches and the MAC-PORT information from access switches under SNMP protocol,then uses c... |
| Keywords: | Address resolution protocol(ARP) ARP attack Simple network management protocol(SNMP) Campus network |
| 本文献已被 CNKI 万方数据 等数据库收录! | |