TARP: Ticket-based address resolution protocol

Wesam Lootah, William Enck, Patrick McDaniel

Research output: Chapter in Book/Report/Conference proceedingConference contribution

35 Scopus citations


IP networks fundamentally rely on the Address Resolution Protocol (ARP) for proper operation. Unfortunately, vulnerabilities in the ARP protocol enable a raft of IP-based impersonation, man-in-the-middle, or DoS attacks. Proposed countermeasures to these vulnerabilities have yet to simultaneously address backward compatibility and cost requirements. This paper introduces the Ticket-based Address Resolution Protocol (TARP). TARP implements security by distributing centrally issued secure MAC/IP address mapping attestations through existing ARP messages. We detail the TARP protocol and its implementation within the Linux operating system. Our experimental analysis shows that TARP improves the costs of implementing ARP security by as much as two orders of magnitude over existing protocols. We conclude by exploring a range of operational issues associated with deploying and administering ARP security.

Original languageEnglish (US)
Title of host publicationProceedings - 21st Annual Computer Security Applications Conference, ACSAC 2005
PublisherIEEE Computer Society
Number of pages9
ISBN (Print)0769524613, 9780769524610
StatePublished - 2005
Event21st Annual Computer Security Applications Conference, ACSAC 2005 - Tucson, AZ, United States
Duration: Dec 5 2005Dec 9 2005

Publication series

NameProceedings - Annual Computer Security Applications Conference, ACSAC
ISSN (Print)1063-9527


Other21st Annual Computer Security Applications Conference, ACSAC 2005
Country/TerritoryUnited States
CityTucson, AZ

All Science Journal Classification (ASJC) codes

  • Software
  • General Engineering


Dive into the research topics of 'TARP: Ticket-based address resolution protocol'. Together they form a unique fingerprint.

Cite this