Modeling And Performance Analysis Of A New Secure Address Resolution Protocol

Address Resolution Protocol (ARP) is an essential protocol for the operation of local area networks. It is used for mapping the logical address to the physical address. However, ARP was designed without any security features. Therefore, ARP is vulnerable to many ARP spoofing attacks, such as the host impersonation, man-in-the-middle (MITM), and denial of service (DoS) attacks. Many techniques were introduced in the literature for mitigating ARP spoofing attack. However, they could not provide protection against the host impersonation and DoS attacks. This work introduces a new technique to secure address resolution protocol called ARP Authentication (ARP-A). The proposed technique provides authentication for ARP messages and entities. In addition, it converts ARP from a stateless to a stateful protocol. To evaluate the performance of ARP-A, it was implemented on Linux. To investigate the scalability of ARP-A, a new analytical model was designed for it using stochastic reward nets. The results show that, compared with other related schemes introduced in the literature, ARP-A is more efficient in terms of security and performance.