Design and Implementation of ARP Virus Detection and Defense System for Campus Network Based on WinPcap  Cited by: 4


Authors: 王晓妮 (WANG Xiao-ni) [1]; 韩建刚 (HAN Jian-gang) (Information Center, Xianyang Normal University, Xianyang 712000, China; Electrical Debugging, Northwest Institute of Mechanical and Electrical Engineering, Xianyang 712000, China)

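Affiliations: [1] Information Center, Xianyang Normal University, Xianyang 712000, Shaanxi, China; [2] Electrical Debugging, Northwest Institute of Mechanical and Electrical Engineering, Xianyang 712000, Shaanxi, China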

Source: Measurement & Control Technology (《测控技术》), 2018, No. 8, pp. 46-52, 7 pages in total

Funding: Supported by the Xianyang Normal University Special Scientific Research Fund (13XSYK087)

Abstract: To address the problem that ARP viruses run rampant in campus networks and can be neither prevented nor completely eradicated, the working principle of the ARP protocol and its vulnerabilities are studied, together with the attack principle and the harm of the ARP viruses that arise from them. The common ARP virus defense measures currently in use are analyzed and their shortcomings pointed out. Drawing on the actual situation of the campus network and years of network management experience, an ARP virus detection and defense system based on WinPcap is designed and implemented. It can quickly capture ARP packets and inspect them, locate the ARP virus source after analysis and filtering, cut the infected host off from the network in time, and notify the user to remove the virus immediately. This makes up for the shortcoming of traditional methods, which only defend normal hosts on the LAN against attack and spoofing when they receive ARP packets but can do nothing about the infected host. Practice has shown that the system meets the expected design requirements and defends well against ARP viruses in the campus network.

Keywords: campus network; ARP; ARP virus; WinPcap; IP/MAC

Classification number: TP393.18 [Automation and Computer Technology: Computer Application Technology]

 
