WEKO3
アイテム
AXARPSC: Scalable ARP Snooping Using Policy-based Mirroring of Core Switches with ARP Log Contraction
https://ipsj.ixsq.nii.ac.jp/records/210347
https://ipsj.ixsq.nii.ac.jp/records/210347513aae48-a464-410c-86bb-518cc0b27937
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
IPSJ-JNL6203004.pdf (604.3 kB)
|
Copyright (c) 2021 by the Information Processing Society of Japan
|
|
| オープンアクセス | ||
| Item type | Journal(1) | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 公開日 | 2021-03-15 | |||||||||||
| タイトル | ||||||||||||
| タイトル | AXARPSC: Scalable ARP Snooping Using Policy-based Mirroring of Core Switches with ARP Log Contraction | |||||||||||
| タイトル | ||||||||||||
| 言語 | en | |||||||||||
| タイトル | AXARPSC: Scalable ARP Snooping Using Policy-based Mirroring of Core Switches with ARP Log Contraction | |||||||||||
| 言語 | ||||||||||||
| 言語 | eng | |||||||||||
| キーワード | ||||||||||||
| 主題Scheme | Other | |||||||||||
| 主題 | [特集:快適な運用管理を支えるインターネットと運用技術] ARP snooping, scalability, computer security incident | |||||||||||
| 資源タイプ | ||||||||||||
| 資源タイプ識別子 | http://purl.org/coar/resource_type/c_6501 | |||||||||||
| 資源タイプ | journal article | |||||||||||
| 著者所属 | ||||||||||||
| Tottori University | ||||||||||||
| 著者所属 | ||||||||||||
| Tottori University | ||||||||||||
| 著者所属 | ||||||||||||
| Kyushu University | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| Tottori University | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| Tottori University | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| Kyushu University | ||||||||||||
| 著者名 |
Motoyuki, Ohmori
× Motoyuki, Ohmori
× Naoki, Miyata
× Koji, Okamura
|
|||||||||||
| 著者名(英) |
Motoyuki, Ohmori
× Motoyuki, Ohmori
× Naoki, Miyata
× Koji, Okamura
|
|||||||||||
| 論文抄録 | ||||||||||||
| 内容記述タイプ | Other | |||||||||||
| 内容記述 | In order to handle a computer security incident or network failure, it is important to grasp a list of pairs of IP and MAC addresses of the hosts. A traditional method based upon ARP table polling, however, has two major drawbacks that 1) some pairs of IP and MAC addresses may not be obtained and 2) it incurs a heavy load on a core switch. In order to overcome these drawbacks, this paper proposes AXARPSC that is the novel scalable ARP snooping to build a list of pairs of IP and MAC addresses. AXARPSC can avoid missing pairs of IP and MAC addresses by monitoring all ARP traffic. AXARPSC also can reduce a CPU load on a recent high-end core switch by approximately 20. AXARPSC is scalable because AXARPSC incurs no additional CPU load even though the number of hosts increases. AXARPSC employs a policy-based mirroring of a switch that mirrors traffic that matches a specified filter. The policy-based mirroring can mirror ARP traffic only, and reduce the load on an ARP parsing server. AXARPSC can also contract multiple contiguous ARP messages that have the same pair of an IP address and MAC address, as if one ARP message is observed. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.29(2021) (online) DOI http://dx.doi.org/10.2197/ipsjjip.29.198 ------------------------------ |
|||||||||||
| 論文抄録(英) | ||||||||||||
| 内容記述タイプ | Other | |||||||||||
| 内容記述 | In order to handle a computer security incident or network failure, it is important to grasp a list of pairs of IP and MAC addresses of the hosts. A traditional method based upon ARP table polling, however, has two major drawbacks that 1) some pairs of IP and MAC addresses may not be obtained and 2) it incurs a heavy load on a core switch. In order to overcome these drawbacks, this paper proposes AXARPSC that is the novel scalable ARP snooping to build a list of pairs of IP and MAC addresses. AXARPSC can avoid missing pairs of IP and MAC addresses by monitoring all ARP traffic. AXARPSC also can reduce a CPU load on a recent high-end core switch by approximately 20. AXARPSC is scalable because AXARPSC incurs no additional CPU load even though the number of hosts increases. AXARPSC employs a policy-based mirroring of a switch that mirrors traffic that matches a specified filter. The policy-based mirroring can mirror ARP traffic only, and reduce the load on an ARP parsing server. AXARPSC can also contract multiple contiguous ARP messages that have the same pair of an IP address and MAC address, as if one ARP message is observed. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.29(2021) (online) DOI http://dx.doi.org/10.2197/ipsjjip.29.198 ------------------------------ |
|||||||||||
| 書誌レコードID | ||||||||||||
| 収録物識別子タイプ | NCID | |||||||||||
| 収録物識別子 | AN00116647 | |||||||||||
| 書誌情報 |
情報処理学会論文誌 巻 62, 号 3, 発行日 2021-03-15 |
|||||||||||
| ISSN | ||||||||||||
| 収録物識別子タイプ | ISSN | |||||||||||
| 収録物識別子 | 1882-7764 | |||||||||||
