TARP: Ticket-based address resolution protocol

Wesam Lootah, William Enck, Patrick McDaniel

Research output: Contribution to journalArticlepeer-review

56 Scopus citations


IP networks fundamentally rely on the Address Resolution Protocol (ARP) for proper operation. Unfortunately, vulnerabilities in ARP enable a raft of Internet Protocol (IP)-based impersonation, man-in-the-middle, or Denial of Service (DoS) attacks. Proposed countermeasures to these vulnerabilities have yet to simultaneously address backward compatibility and cost requirements. This paper introduces the Ticket-based Address Resolution Protocol (TARP). TARP implements security by distributing centrally issued secure IP/Medium Access Control (MAC) address mapping attestations through existing ARP messages. We detail TARP and its implementation within the Linux operating system. We also detail the integration of TARP with the Dynamic Host Configuration Protocol (DHCP) for dynamic ticket distribution. Our experimental analysis shows that TARP improves the costs of implementing ARP security by as much as two orders of magnitude over existing protocols. We conclude by exploring a range of operational issues associated with deploying and administering ARP security.

Original languageEnglish (US)
Pages (from-to)4322-4337
Number of pages16
JournalComputer Networks
Issue number15
StatePublished - Oct 24 2007

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications


Dive into the research topics of 'TARP: Ticket-based address resolution protocol'. Together they form a unique fingerprint.

Cite this