為了更有效利用中央處理器的效能,虛擬化也越來越被廣泛使用且非常容易建構,一台實體主機上同時執行多個虛擬作業體統是常見的情況,多台虛擬主機組成的虛擬網路,資料連接層的攻擊也跟著出現在這些虛擬網路上,例如網路位址解析欺騙、媒體存取控制位址替換攻擊等。由於虛擬主機有可預先包裝的特性,有很多已經包裝好特定服務的虛擬主機,方便使用者透過網路下載直接佈屬,如包裝 Apache 伺服器的虛擬主機,使用者下載佈屬後就立即使用,因為使用者無法掌握這些虛擬主機實際包裝的服務,使得虛擬主機不能被性任,我們想在Linux KVM 開源虛擬機器平台上實做,驗證一套不需複雜設定的資料連接層防護偵測系統是否可行,並以網路位址解析欺騙的偵測防護作為首要實做項目。;In order to make more effective use of CPU performance, virtualization has also become more and more widely used and very easy to build, it is a common situation to perform multiple virtual machines simultaneously on a physical host, virtual network composed of multiple virtual machines comes also, Layer 2 attacks also appeared on these virtual networks, for example ARP spoofing, MAC spoofing attacks. Because the virtual machine has packing features, lot of packed virtual machines can be downloaded at INTERNET, user can directly provision those packed virtual machines to physical host, we can′t ensued these is no any malicious software packed in the virtual machine, therefore the virtual machine download from INTERNET is un-trustable, above reasons made us want to implement a system in Linux KVM, verify the feasibility of a Layer 2 protection detection system that does not require complex settings, and take the detection and protection of ARP spoofing as the first practical item.