Duplicate address detection (DAD) is an important component of the address resolution protocol (ARP) and the neighbor discovery protocol (NDP). DAD determines whether an IP address conflicts with that of another node. In traditional DAD, the target address being checked is broadcast over the network, which makes attacks easy for malicious nodes. A malicious node can send a spoofed reply to block the address configuration of a normal node, thereby launching a denial-of-service attack. This study proposes a hash method that hides the target address in DAD, which prevents an attack node from launching destination attacks. If the address of a normal node is identical to the detection address, then its hash value should be the same as the “Hash_64” field in the neighbor solicitation message. Consequently, DAD can be successfully completed. This process is called DAD-h. Simulation results indicate that, under attack, address configuration using DAD-h has a considerably higher success rate than traditional DAD. Comparative analysis shows that DAD-h requires neither third-party devices nor considerable computing resources, and that it provides a lightweight security solution.
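The Hash_64 comparison described in this abstract, as an added example that is not the paper's code. It assumes SHA-256 truncated to 64 bits as the hash, a dictionary as the message layout, and that the requester counts a reply as a conflict only when it names the tentative address; the function names and sample addresses are constructed.

```python
import hashlib
import ipaddress

def hash_64(addr: str) -> bytes:
    # Assumption: SHA-256 over the 16-byte address, truncated to 64 bits.
    return hashlib.sha256(ipaddress.IPv6Address(addr).packed).digest()[:8]

def build_ns(tentative: str) -> dict:
    # The solicitation carries only the digest, never the tentative address.
    return {"type": "NS", "Hash_64": hash_64(tentative)}

def neighbor_reply(own_addrs, ns):
    # A neighbor answers only if one of its own addresses hashes to Hash_64.
    for addr in own_addrs:
        if hash_64(addr) == ns["Hash_64"]:
            return {"type": "NA", "target": addr}
    return None

def address_is_unique(tentative, replies):
    # Assumption: a reply is a conflict only if it names the tentative
    # address, which a node that saw only Hash_64 does not know.
    want = ipaddress.IPv6Address(tentative)
    for na in replies:
        if na is not None and ipaddress.IPv6Address(na["target"]) == want:
            return False
    return True

# Constructed sample data.
TENTATIVE = "fe80::1234:5678:9abc:def0"
NS = build_ns(TENTATIVE)
# A real owner of the address (written in uncompressed form) matches the hash.
OWNER_REPLY = neighbor_reply(["fe80:0:0:0:1234:5678:9abc:def0"], NS)
# A neighbor holding a different address stays silent.
BYSTANDER_REPLY = neighbor_reply(["fe80::1"], NS)
# A spoofed reply from a node that never learned the target address.
FORGED_REPLY = {"type": "NA", "target": "fe80::bad"}

if __name__ == "__main__":
    print("NS fields:", sorted(NS))
    print("unique with forged reply only:",
          address_is_unique(TENTATIVE, [BYSTANDER_REPLY, FORGED_REPLY]))
    print("unique with real owner present:",
          address_is_unique(TENTATIVE, [OWNER_REPLY]))
```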
MAC address spoofing has long plagued LAN communication. Many attacks use it as a springboard for subsequent attacks. The main reason for this kind of attack is the exposure of the MAC address. If the source MAC address of a node can be hidden during frame forwarding, this kind of attack can be effectively prevented. This study proposes virtual MAC switching (VMS) as a solution to this problem. VMS uses multi-address hopping technology to make the MAC address of a frame change continuously during forwarding. Its unique address generation format prevents other nodes from recording or inferring the real MAC address of the node, so they cannot launch an attack. Experiments show that VMS is close to typical SDN switches in terms of delay, throughput, and overhead and has a higher security level.