Explore chapters and articles related to this topic
Wireless Architecture Considerations
Published in Ali Youssef, Douglas McDonald II, Jon Linton, Bob Zemke, Aaron Earle, Wi-Fi Enabled Healthcare, 2014
There are some options available to combat Ethernet broadcast and multicast traffic. One specific broadcast Ethernet frame called an ARP frame or Address Resolution Protocol frame can create a significant amount of Wi-Fi broadcast frames. Fortunately, many wired and wireless companies implement something called proxy ARP. RFC (Request for Comment) 1027 or proxy ARP does just what its name suggests. It will allow another device on the same network as an end client to “ARP” for another. The purpose of ARP is to update the ARP tables on all the devices on a LAN segment. An ARP table is a mapping of MAC addresses to IP addresses. Switches and end clients alike maintain some level of ARP table. You can observe this by typing the following in the command prompt of a Windows PC:
Network Security for EIS and ECS Systems
Published in Barney L. Capehart, Timothy Middelkoop, Paul J. Allen, David C. Green, Handbook of Web Based Energy Information and Control Systems, 2020
Address resolution protocol (ARP) is the communications protocol through which the network determines what transmissions should go to which computers. When a computer is logged onto a network, it receives an internet protocol (IP) address, which will serve as its address on the network, and all transmissions to or from that computer will be routed using that address. Each computer’s network card has its own unique media access control (MAC) address, which serves as a physical address of the computer. The address resolution protocol maintains a table of IP-MAC address relationships called the ARP cache. ARP spoofing involves altering the ARP cache so that communications on the network are routed to a machine that the attacker chooses.
Digital Transformation and the Cybersecurity of Infrastructure Systems in the Oil And Gas Sector
Published in Edward Ochieng, Tarila Zuofa, Sulafa Badi, Routledge Handbook of Planning and Management of Global Strategic Infrastructure Projects, 2020
Since the oil and gas sector has embraced automation and network connectivity, it is becoming more reliant on cloud services technology. Automation is utilised in monitoring the crucial functions that measure the onsite equipment pressure, temperature, chemical reactions, and oil leaks (Drias et al., 2015). The safety and instrument systems (SIS) emergency system termination is also dynamically monitored and controlled remotely. However, such systems experience considerable threats of compromise by attackers. For example, in man-in-the-middle (MITM) attacks an attacker positions themself between two parties’ conversation channels and obtains sensitive information these parties are exchanging on a private line, unaware that an attacker is monitoring their communication. Such attacks can lead to data theft, corruption of information, and obstruction of communication, which consequently result in loss of confidentiality and potential loss of control over equipment, devices, and operation systems (Conti et al., 2016; Rob et al., 2014). The different types of MITM attacks are distinguished by the methods used or the vulnerabilities exploited to execute the attack. One example is targeting the address resolution protocol (ARP), which is responsible for resolving an IP address into a corresponding media access control (MAC) address (Tripathi and Mehtre, 2014). It is vulnerable to attacks because it is unauthenticated. In the ARP poisoning attack mechanism, the attacker sends ARP spoofed messages to two communicating hosts, tricking them by claiming that it is the other host, which leads to both hosts updating their ARP cache with the attacker's MAC address. This deception results in these hosts forwarding all the communications to the attacker.
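The poisoning pattern described in the excerpts above (two hosts' cache entries rewritten to one attacker MAC) can be detected by tracking IP-to-MAC bindings over time. The following is an added example, not code from any of the excerpted chapters; the function name, the alert labels, the sample addresses (documentation ranges) and the `trusted_macs` allowlist for known proxy-ARP devices are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample: (seconds, sender IP, sender MAC) from ARP replies seen
# on one LAN segment. All addresses are illustrative documentation values.
SAMPLE_REPLIES = [
    (0, "192.0.2.1", "00:00:5e:00:53:01"),    # gateway
    (1, "192.0.2.10", "00:00:5e:00:53:10"),   # workstation
    (2, "192.0.2.20", "00:00:5e:00:53:20"),   # second host
    (30, "192.0.2.1", "00:00:5e:00:53:01"),   # unchanged refresh: no alert
    (61, "192.0.2.10", "00:00:5e:00:53:66"),  # binding for .10 changes
    (61, "192.0.2.20", "00:00:5e:00:53:66"),  # same MAC now claims .20 too
]

def detect_arp_poisoning(replies, trusted_macs=frozenset()):
    """Return (time, kind, ip, detail) alerts for suspicious ARP bindings.

    trusted_macs (hypothetical allowlist) holds MACs that legitimately answer
    for several IPs, such as a proxy-ARP device; they never raise the
    multiple-IP alert, but a changed binding is still reported.
    """
    ip_to_mac = {}                 # last MAC seen for each IP
    mac_to_ips = defaultdict(set)  # IPs currently bound to each MAC
    alerts = []
    for ts, ip, mac in replies:
        mac = mac.lower()
        known = ip_to_mac.get(ip)
        if known is not None and known != mac:
            # An existing cache entry would be overwritten by this reply.
            alerts.append((ts, "binding-changed", ip, f"{known} -> {mac}"))
            mac_to_ips[known].discard(ip)
        ip_to_mac[ip] = mac
        mac_to_ips[mac].add(ip)
        if len(mac_to_ips[mac]) > 1 and mac not in trusted_macs:
            # One MAC answering for several IPs matches the MITM pattern.
            claimed = ",".join(sorted(mac_to_ips[mac]))
            alerts.append((ts, "mac-claims-multiple-ips", ip,
                           f"{mac} claims {claimed}"))
    return alerts

if __name__ == "__main__":
    for alert in detect_arp_poisoning(SAMPLE_REPLIES):
        print(alert)
```

A changed binding also occurs after a DHCP reassignment or a failover, so these alerts are leads to check against address-management records rather than proof of an attack.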
Smart building energy management based on network occupancy sensing
Published in Journal of International Council on Electrical Engineering, 2018
Xianing Jin, Guanqun Wang, Yi Song, Chongbo Sun
The implicit sensors used to determine occupancy information can be classified into three types. Type I sensors require no modification to existing systems. The typical Type I sensors include the Address Resolution Protocol (ARP) and Dynamic Host Control Protocol (DHCP) [4]. ARP is always used by routers to determine the Ethernet or Wi-Fi Medium Access Control (MAC) address of all hosts on a subnet and associate it with the host’s IP address. Routers use the ARP protocol to maintain a table, or ARP cache, of associated IP and MAC addresses to enable forwarding of packets from a router to a host. The ARP table is a measure of the number of active hosts in the local network. ARP data collected from routers and Wi-Fi Access Points (AP) within a building can serve as implicit occupancy measures.