Method and apparatus for preventing ARP attacks

An ARP table and purpose technology, applied in the field of communication, can solve problems affecting the forwarding efficiency of normal data packets, and achieve the effect of reducing occupation and quantity

Active Publication Date: 2016-06-01
HUAWEI TECH CO LTD
View PDF4 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

This invention relates to an improved method that helps reduce network congestion caused when transmitting data between devices over different networks without causing delays or wasting valuable bandwidth resource usage. It achieves these benefits through sending less redundant copies (ARP) with specific addresses from one device's home location towards another device' s new location instead of repeatedly broadcasting them all around again).

Problems solved by technology

This patented technical problem addressed in this patents relates to improving the performance of internet protocol networks such as firewalls on their way through attacks called ARPA missings. These attacks involve transmitting dummy connections instead of regular ones like TCP acknowledgements without being able to find them during training sessions. If they don't get done beforehand, any further attacks could lead to incorrect results.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and apparatus for preventing ARP attacks
  • Method and apparatus for preventing ARP attacks
  • Method and apparatus for preventing ARP attacks

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 2

[0081] In order to implement the method for preventing an ARP attack in Embodiment 1 above, this embodiment of the present application provides an apparatus for preventing an ARP attack. see image 3 , the device includes: an ARP missing message receiving unit 301, a parameter set processing unit 302, and an ARP fake entry sending unit 303; wherein,

[0082] The ARP missing message receiving unit 301 is configured to receive the ARP missing message sent by the forwarding plane of the gateway device, and the ARP missing message is used to indicate that the forwarding plane fails to search the ARP table according to the destination Internet Protocol IP address of the data message;

[0083] In response to receiving the ARP missing message, the parameter set processing unit 302 is configured to determine whether the parameter set including the destination IP address has been saved;

[0084] The parameter set processing unit 302 is further configured to, when it is determined that th

Embodiment 3

[0092] In order to implement the method for preventing an ARP attack in Embodiment 1 above, an embodiment of the present application provides a gateway device, where the gateway device includes: a forwarding plane 101 and a control plane 102 . The forwarding plane 101 and the control plane 102 communicate through the bus 103, and the forwarding plane 101 may also communicate through the bus 103 or other buses and network interfaces.

[0093] The forwarding plane 101 is configured to receive a data message, search an ARP table according to the destination IP address of the data message, and when the search fails, send an ARP missing message to the control plane 102, the ARP missing message Including the destination IP address;

[0094] The control plane 102 is configured to receive the ARP missing message, and in response to receiving the ARP missing message, determine whether the control plane 102 has saved a parameter set including the destination IP address;

[0095] The contr

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a method and apparatus for preventing ARP attacks. The method comprises the following steps: a control surface of a gateway device receives a first ARP deletion message sent by a forwarding surface and generates and stores a first parameter set including a destination IP address of a data packet, and the control surface sends an ARP false item to the forwarding surface and arranges first aging time for the ARP false item. When the control surface receives again a second ARP deletion message used for indicating failure of search for an ARP table by use of the destination IP address, in response to determination that the first parameter set is already stored, the control surface sends the false item to the forwarding surface and arranges second aging time greater than the first aging time for the ARP false item. According to the invention, the frequency of the forwarding surface in sending ARP deletion messages to the control surface can be effectively inhibited, consumption for system resources by ARP message processing is substantially reduced, and equipment is better protected.

Description

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap