To search, Click below search items.


All Published Papers Search Service


Architecture and Protocols for Secure LAN


Thawatchai Chomsiri


Vol. 8  No. 7  pp. 208-213


A lack of security is a problem of LAN systems in the present time since hackers can set a fake MAC Address and conduct ARP Spoof in order to capture the data by using the vulnerability of ARP: Address Resolution Protocol. The hackers in the same LAN as the victims can capture Cookies and Session ID and use them to access the system by the right of the victims. Moreover, hackers can also conduct MITM: Man in the Middle to hack HTTPS (decoding the password sent through HTTPS). This research presents a design of “architecture and protocols” for the LAN security preventing the process of MAC Address spoofing, ARP Spoof and MITM. Each Network Card is designed to have Certificate issued by the product vendor in order to certify the MAC Address value. In addition, each Network Card has a Private Key and a Public Key. DHCP is redesigned to authenticate each Network Card before delivering IP Address. Besides, a new ARP protocols is presented in order to work correspondingly with DHCP Server. DHCP Server is assigned to be the “MAC-IP database center” which stores the data about matching between MAC Address and IP Address. When any Hosts want to enquire the MAC Address (for interested IP Address) an ARP Request will be sent to DHCP Server instead. In addition, the conditions of ARP Request and ARP Reply are modified so that they will be able to resist ARP Spoof and MITM.


LAN Security, ARP Spoof, MAC Spoof, MITM, Certificate.