TARP: Ticket-based address resolution protocol

Wesam Lootah; William Enck; Patrick McDaniel

doi:10.1016/j.comnet.2007.05.007

TARP: Ticket-based address resolution protocol

Wesam Lootah, William Enck, Patrick McDaniel

Research output: Contribution to journal › Article › peer-review

56 Scopus citations

Abstract

IP networks fundamentally rely on the Address Resolution Protocol (ARP) for proper operation. Unfortunately, vulnerabilities in ARP enable a raft of Internet Protocol (IP)-based impersonation, man-in-the-middle, or Denial of Service (DoS) attacks. Proposed countermeasures to these vulnerabilities have yet to simultaneously address backward compatibility and cost requirements. This paper introduces the Ticket-based Address Resolution Protocol (TARP). TARP implements security by distributing centrally issued secure IP/Medium Access Control (MAC) address mapping attestations through existing ARP messages. We detail TARP and its implementation within the Linux operating system. We also detail the integration of TARP with the Dynamic Host Configuration Protocol (DHCP) for dynamic ticket distribution. Our experimental analysis shows that TARP improves the costs of implementing ARP security by as much as two orders of magnitude over existing protocols. We conclude by exploring a range of operational issues associated with deploying and administering ARP security.

Original language	English (US)
Pages (from-to)	4322-4337
Number of pages	16
Journal	Computer Networks
Volume	51
Issue number	15
DOIs	https://doi.org/10.1016/j.comnet.2007.05.007
State	Published - Oct 24 2007

All Science Journal Classification (ASJC) codes

Computer Networks and Communications

Access to Document

10.1016/j.comnet.2007.05.007

Cite this

@article{10f7e50260224d488c83dc57282d6c8b,

title = "TARP: Ticket-based address resolution protocol",

abstract = "IP networks fundamentally rely on the Address Resolution Protocol (ARP) for proper operation. Unfortunately, vulnerabilities in ARP enable a raft of Internet Protocol (IP)-based impersonation, man-in-the-middle, or Denial of Service (DoS) attacks. Proposed countermeasures to these vulnerabilities have yet to simultaneously address backward compatibility and cost requirements. This paper introduces the Ticket-based Address Resolution Protocol (TARP). TARP implements security by distributing centrally issued secure IP/Medium Access Control (MAC) address mapping attestations through existing ARP messages. We detail TARP and its implementation within the Linux operating system. We also detail the integration of TARP with the Dynamic Host Configuration Protocol (DHCP) for dynamic ticket distribution. Our experimental analysis shows that TARP improves the costs of implementing ARP security by as much as two orders of magnitude over existing protocols. We conclude by exploring a range of operational issues associated with deploying and administering ARP security.",

author = "Wesam Lootah and William Enck and Patrick McDaniel",

year = "2007",

month = oct,

day = "24",

doi = "10.1016/j.comnet.2007.05.007",

language = "English (US)",

volume = "51",

pages = "4322--4337",

journal = "Computer Networks",

issn = "1389-1286",

publisher = "Elsevier",

number = "15",

}

TY - JOUR

T1 - TARP

T2 - Ticket-based address resolution protocol

AU - Lootah, Wesam

AU - Enck, William

AU - McDaniel, Patrick

PY - 2007/10/24

Y1 - 2007/10/24

N2 - IP networks fundamentally rely on the Address Resolution Protocol (ARP) for proper operation. Unfortunately, vulnerabilities in ARP enable a raft of Internet Protocol (IP)-based impersonation, man-in-the-middle, or Denial of Service (DoS) attacks. Proposed countermeasures to these vulnerabilities have yet to simultaneously address backward compatibility and cost requirements. This paper introduces the Ticket-based Address Resolution Protocol (TARP). TARP implements security by distributing centrally issued secure IP/Medium Access Control (MAC) address mapping attestations through existing ARP messages. We detail TARP and its implementation within the Linux operating system. We also detail the integration of TARP with the Dynamic Host Configuration Protocol (DHCP) for dynamic ticket distribution. Our experimental analysis shows that TARP improves the costs of implementing ARP security by as much as two orders of magnitude over existing protocols. We conclude by exploring a range of operational issues associated with deploying and administering ARP security.

AB - IP networks fundamentally rely on the Address Resolution Protocol (ARP) for proper operation. Unfortunately, vulnerabilities in ARP enable a raft of Internet Protocol (IP)-based impersonation, man-in-the-middle, or Denial of Service (DoS) attacks. Proposed countermeasures to these vulnerabilities have yet to simultaneously address backward compatibility and cost requirements. This paper introduces the Ticket-based Address Resolution Protocol (TARP). TARP implements security by distributing centrally issued secure IP/Medium Access Control (MAC) address mapping attestations through existing ARP messages. We detail TARP and its implementation within the Linux operating system. We also detail the integration of TARP with the Dynamic Host Configuration Protocol (DHCP) for dynamic ticket distribution. Our experimental analysis shows that TARP improves the costs of implementing ARP security by as much as two orders of magnitude over existing protocols. We conclude by exploring a range of operational issues associated with deploying and administering ARP security.

UR - http://www.scopus.com/inward/record.url?scp=34548039452&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=34548039452&partnerID=8YFLogxK

U2 - 10.1016/j.comnet.2007.05.007

DO - 10.1016/j.comnet.2007.05.007

M3 - Article

AN - SCOPUS:34548039452

SN - 1389-1286

VL - 51

SP - 4322

EP - 4337

JO - Computer Networks

JF - Computer Networks

IS - 15

ER -

TARP: Ticket-based address resolution protocol

Abstract

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this