TARP: Ticket-based address resolution protocol

Wesam Lootah; William Enck; Patrick McDaniel

doi:10.1109/CSAC.2005.55

TARP: Ticket-based address resolution protocol

Wesam Lootah, William Enck, Patrick McDaniel

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

29 Scopus citations

Abstract

IP networks fundamentally rely on the Address Resolution Protocol (ARP) for proper operation. Unfortunately, vulnerabilities in the ARP protocol enable a raft of IP-based impersonation, man-in-the-middle, or DoS attacks. Proposed countermeasures to these vulnerabilities have yet to simultaneously address backward compatibility and cost requirements. This paper introduces the Ticket-based Address Resolution Protocol (TARP). TARP implements security by distributing centrally issued secure MAC/IP address mapping attestations through existing ARP messages. We detail the TARP protocol and its implementation within the Linux operating system. Our experimental analysis shows that TARP improves the costs of implementing ARP security by as much as two orders of magnitude over existing protocols. We conclude by exploring a range of operational issues associated with deploying and administering ARP security.

Original language	English (US)
Title of host publication	Proceedings - 21st Annual Computer Security Applications Conference, ACSAC 2005
Publisher	IEEE Computer Society
Pages	108-116
Number of pages	9
ISBN (Print)	0769524613, 9780769524610
DOIs	https://doi.org/10.1109/CSAC.2005.55
State	Published - 2005
Event	21st Annual Computer Security Applications Conference, ACSAC 2005 - Tucson, AZ, United States Duration: Dec 5 2005 → Dec 9 2005

Publication series

Name	Proceedings - Annual Computer Security Applications Conference, ACSAC
Volume	2005
ISSN (Print)	1063-9527

Other

Other	21st Annual Computer Security Applications Conference, ACSAC 2005
Country	United States
City	Tucson, AZ
Period	12/5/05 → 12/9/05

All Science Journal Classification (ASJC) codes

Software
Engineering(all)

Access to Document

10.1109/CSAC.2005.55

Fingerprint Dive into the research topics of 'TARP: Ticket-based address resolution protocol'. Together they form a unique fingerprint.

Cite this

@inproceedings{f4f3b9e38ca94b178db8cfd4daa85253,

title = "TARP: Ticket-based address resolution protocol",

abstract = "IP networks fundamentally rely on the Address Resolution Protocol (ARP) for proper operation. Unfortunately, vulnerabilities in the ARP protocol enable a raft of IP-based impersonation, man-in-the-middle, or DoS attacks. Proposed countermeasures to these vulnerabilities have yet to simultaneously address backward compatibility and cost requirements. This paper introduces the Ticket-based Address Resolution Protocol (TARP). TARP implements security by distributing centrally issued secure MAC/IP address mapping attestations through existing ARP messages. We detail the TARP protocol and its implementation within the Linux operating system. Our experimental analysis shows that TARP improves the costs of implementing ARP security by as much as two orders of magnitude over existing protocols. We conclude by exploring a range of operational issues associated with deploying and administering ARP security.",

author = "Wesam Lootah and William Enck and Patrick McDaniel",

year = "2005",

doi = "10.1109/CSAC.2005.55",

language = "English (US)",

isbn = "0769524613",

series = "Proceedings - Annual Computer Security Applications Conference, ACSAC",

publisher = "IEEE Computer Society",

pages = "108--116",

booktitle = "Proceedings - 21st Annual Computer Security Applications Conference, ACSAC 2005",

address = "United States",

note = "21st Annual Computer Security Applications Conference, ACSAC 2005 ; Conference date: 05-12-2005 Through 09-12-2005",

}

Lootah, W, Enck, W & McDaniel, P 2005, TARP: Ticket-based address resolution protocol. in Proceedings - 21st Annual Computer Security Applications Conference, ACSAC 2005., 1565239, Proceedings - Annual Computer Security Applications Conference, ACSAC, vol. 2005, IEEE Computer Society, pp. 108-116, 21st Annual Computer Security Applications Conference, ACSAC 2005, Tucson, AZ, United States, 12/5/05. https://doi.org/10.1109/CSAC.2005.55

TARP : Ticket-based address resolution protocol. / Lootah, Wesam; Enck, William; McDaniel, Patrick.

Proceedings - 21st Annual Computer Security Applications Conference, ACSAC 2005. IEEE Computer Society, 2005. p. 108-116 1565239 (Proceedings - Annual Computer Security Applications Conference, ACSAC; Vol. 2005).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - TARP

T2 - 21st Annual Computer Security Applications Conference, ACSAC 2005

AU - Lootah, Wesam

AU - Enck, William

AU - McDaniel, Patrick

PY - 2005

Y1 - 2005

N2 - IP networks fundamentally rely on the Address Resolution Protocol (ARP) for proper operation. Unfortunately, vulnerabilities in the ARP protocol enable a raft of IP-based impersonation, man-in-the-middle, or DoS attacks. Proposed countermeasures to these vulnerabilities have yet to simultaneously address backward compatibility and cost requirements. This paper introduces the Ticket-based Address Resolution Protocol (TARP). TARP implements security by distributing centrally issued secure MAC/IP address mapping attestations through existing ARP messages. We detail the TARP protocol and its implementation within the Linux operating system. Our experimental analysis shows that TARP improves the costs of implementing ARP security by as much as two orders of magnitude over existing protocols. We conclude by exploring a range of operational issues associated with deploying and administering ARP security.

AB - IP networks fundamentally rely on the Address Resolution Protocol (ARP) for proper operation. Unfortunately, vulnerabilities in the ARP protocol enable a raft of IP-based impersonation, man-in-the-middle, or DoS attacks. Proposed countermeasures to these vulnerabilities have yet to simultaneously address backward compatibility and cost requirements. This paper introduces the Ticket-based Address Resolution Protocol (TARP). TARP implements security by distributing centrally issued secure MAC/IP address mapping attestations through existing ARP messages. We detail the TARP protocol and its implementation within the Linux operating system. Our experimental analysis shows that TARP improves the costs of implementing ARP security by as much as two orders of magnitude over existing protocols. We conclude by exploring a range of operational issues associated with deploying and administering ARP security.

UR - http://www.scopus.com/inward/record.url?scp=33846297018&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33846297018&partnerID=8YFLogxK

U2 - 10.1109/CSAC.2005.55

DO - 10.1109/CSAC.2005.55

M3 - Conference contribution

AN - SCOPUS:33846297018

SN - 0769524613

SN - 9780769524610

T3 - Proceedings - Annual Computer Security Applications Conference, ACSAC

SP - 108

EP - 116

BT - Proceedings - 21st Annual Computer Security Applications Conference, ACSAC 2005

PB - IEEE Computer Society

Y2 - 5 December 2005 through 9 December 2005

ER -