Skip to main content
SpringerLink
Log in

A New Look at an Old Attack: ARP Spoofing to Create Routing Loops in Ad Hoc Networks

  • Conference paper
  • First Online:
Ad Hoc Networks

Abstract

This paper examines a new application of the well-known ARP spoofing (or ARP cache poisoning) attack. Traditionally, ARP spoofing has been applied in local area networks to allow an attacker to achieve a man-in-the-middle position against target hosts, or to implement a denial of service by routing messages to non-existent hardware addresses. In this paper, we introduce a variant of ARP spoofing in which a routing loop is created in a target wireless ad hoc network. The routing loop not only results in a denial of service against the targeted hosts, but creates a resource consumption attack, where the targets waste power and occupy the channel, precluding its use by legitimate traffic. We show experimental results of an implementation and provide suggestions as to how to prevent, detect, or mitigate the attack.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Plummer, D.C.: An Ethernet address resolution protocol. RFC 826, November 1982 (1982). http://tools.ietf.org/html/rfc826

  2. Cheshire, S.: IPv4 address conflict detection. RFC 5227, July 2008 (2008). http://tools.ietf.org/html/rfc5227

  3. Arkko, J., Pignataro, C.: IANA allocation guidelines for the address resolution protocol (ARP). RFC 5494, April 2009 (2009). http://tools.ietf.org/html/rfc5494

  4. Mangut, H.A., Al-Nemrat, A., Benzaid, C., Tawil, A.H.: ARP cache poisoning mitigation and forensics investigation. In: Proceedings of 14th IEEE International Conference on Trust, Security, Privacy in Computing and Communications, Helsinki, Finland (2015)

    Google Scholar 

  5. Yang, M., Wang, Y., Ding, H.: Design of WinPcap based ARP spoofing defense system. In: Proceedings of 2014 Fourth International Conference on Instrumentation and Measurement, Computer, Communication and Control, Harbin, China (2014)

    Google Scholar 

  6. Jinhua, G., Kejian, X.: ARP spoofing detection algorithm using ICMP protocol. In: Proceedings of 2013 International Conference on Computer Communication and Informatics, Coimbatore, India (2013)

    Google Scholar 

  7. Salim, H., Li, Z., Tu, H., Guo, Z.: Preventing ARP spoofing attacks through gratuitous decision packet. In: Proceedings of 11th International Symposium on Distributed Computing and Applications to Business, Engineering and Science, Washington DC, USA (2012)

    Google Scholar 

  8. LBL Network Research Group, Information and Computing Sciences Division, at Lawrence Berkeley National Laboratory, ARP Watch. http://www.securityfocus.com/tools/142

  9. ISL, ARP-Guard. https://www.arp-guard.com/en/arp-guard/product.html

  10. Zdrnja, B.: Malicious JavaScript insertion through ARP poisoning attacks. IEEE Secur. Priv. 7, 72–74 (2009)

    Article  Google Scholar 

  11. Carter, C., Yi, S., Kravets, R.: ARP considered harmful: manycast transactions in ad hoc networks. In: Proceedings of 2003 IEEE Wireless Communications and Networking, New Orleans LA, USA (2003)

    Google Scholar 

  12. Birmelé, E., et al.: Optimal listing of cycles and st-paths in undirected graphs. In: Proceedings of the Twenty-Fourth Annual ACM-SIAM Symposium on Discrete Algorithms, New Orleans LA, USA (2013)

    Google Scholar 

  13. Shaffer, C.A.: A Practical Introduction to Data Structures and Algorithm Analysis. Virginia Tech, Blacksburg (2010)

    Google Scholar 

  14. Sadhir, G., Hu, Y., Perrig, A.: ARP attacks in wireless ad hoc networks (2003). http://dl.icdst.org/pdfs/files/0d65ca5916c99a18d087bad19f6d1d0d.pdf

  15. Bruschi, D., Ornaghi, A., Rosti, E.: S-ARP: a secure address resolution protocol. In: Proceedings of the 19th Annual Computer Security Applications Conference (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Defence R&D Canada, Ottawa, Canada

    J. David Brown & Tricia J. Willink

Authors
  1. J. David Brown
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Tricia J. Willink
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to J. David Brown .

Editor information

Editors and Affiliations

  1. Communications Research Centre, Ottawa, Ontario, Canada

    Yifeng Zhou

  2. Carleton University, Ottawa, Ontario, Canada

    Thomas Kunz

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Her Majesty the Queen in Right of Canada

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Brown, J.D., Willink, T.J. (2018). A New Look at an Old Attack: ARP Spoofing to Create Routing Loops in Ad Hoc Networks. In: Zhou, Y., Kunz, T. (eds) Ad Hoc Networks. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 223. Springer, Cham. https://doi.org/10.1007/978-3-319-74439-1_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-74439-1_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-74438-4

  • Online ISBN: 978-3-319-74439-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation