Research And Application Of The ARP Defense System In The Industrial Ethernet Ring Network

With the rapid development of domestic internet and the advance of the industryinformatization, the development of industrial Ethernet ring network has beengradually mature. As a direct-to-production LAN, we have high requirement towardsreal-time, security and data integrity. It has some unconventional requirements ofsecurity and other characteristics. Towards this issue, many network securityequipment manufacturers always introduce new products. Nowadays, the achievementof the Firewall and switch security technology of the industrial network can shield theinsecure external network so that it can protect the industrial network. However, thereare still a lot of problems and shortcomings of the security function, such as thelimiting control of the switch can only do some simple rate restriction. It cannotdistinct the normal from abnormal flow competently. As the virus based on ARPprotocol vulnerabilities, any computer within the ring network once infected APRvirus will continue to send to the computer network and network equipment the illegalARP spoofing packets, thus leading to the interruption of network communication,unstable quality and great production safety risks.In this paper, we will analysis the actual usage and protection requirements ofindustrial Ethernet ring network of Longkou Mining Group; we will elaborate theimpact of the virus towards the industrial network. We concentrate on the APR virus,analysis the attack principle and the type. We clarify the current stream of the ARPdefense methods. According to the real requirement of industrial control network,there are four procedures to implement. Firstly, on the premise that the server in thering network and the IPC data interaction access could run smoothly, Secondly, weimplement the double binding strategy which means that computer MAC address andgateway binding and IP address within the switch and MAC address binding. Then,install independent ARP firewall in the computer in the ring network. At last, we willset up a network monitoring server, then analysis the data and locate the attack source,Finally formed a set of prevention system provide the opinions and the theoreticalbasis for the network security construction of coal mining.