Secure ARP and Secure DHCP Protocols to Mitigate Security Attacks
This addresses security vulnerabilities in network protocols for computer networks, but it appears incremental as it modifies existing protocols rather than introducing a new paradigm.
The authors tackled the problem of ARP poisoning and MAC spoofing attacks in network communication by proposing secure, unicast, and centralized versions of ARP and DHCP protocols, though no concrete performance numbers are provided.
For network computers to communicate to one another, they need to know one another's IP address and MAC address. Address Resolution Protocol (ARP) is developed to find the Ethernet address that map to a specific IP address. The source computer broadcasts the request for Ethernet address and eventually the target computer replies. The IP to Ethernet address mapping would later be stored in an ARP Cache for some time duration, after which the process is repeated. Since ARP is susceptible to ARP poisoning attacks, we propose to make it unicast, centralized and secure, along with a secure design of DHCP protocol to mitigate MAC spoofing. The secure protocol designs are explained in detail. Lastly we also discuss some performance issues to show how the proposed protocols work.