在這個科技不斷快速發展的年代,許多科技人發現可以從資安漏洞取得許多利益,因此資訊安全漸漸地浮上檯面。然而即使在資安已經受到大家關注的同時,卻從來沒有一個好的方法去防禦ARP欺騙攻擊。本研究以ARP攻擊中最讓人無法察覺以及問題最為嚴重的中間人攻擊(Man In The Middle attack)為研究主題。 本研究SRA(a Solution to Router-Hijacking ARP spoofing attack)的防護點在於使用者之系統,網路設備對於ARP欺騙攻擊的防護並不在本篇範圍內。SRA系統開發於開放原始碼的Linux,並且著手於Linux核心空間(kernel space)中,許多研究著手在Linux的使用者空間(user space),但在使用者空間所得到的資訊幾乎已經是為時已晚,並不能第一時間防護,後續的額外動作也會特別多。 在此研究中找了許多可以達到ARP欺騙攻擊的工具,並且實際攻擊本系統,使用者完全受到本防護系統的保護,不受到影響並且繼續正常使用網路。 ;In this high technology period, many hackers figure out that they can get a lot of profits from security vulnerability, so everyone starts to concern about security. However, even everyone starts to concern about security, but never have a good method to defend ARP spoofing attack. This paper focuses on MITM (Man-In-The-Middle attack) which is most important method in ARP spoofing attack, and also hard to be detected. This paper implement a system which called SRA (a Solution to Router-Hijacking ARP spoofing attack), SRA defends attack at end point instead of network device, so network device doesn’t belong to this paper. SRA system develops on open source Linux, and implements in kernel space, a lot of papers implement their system in user space which is always too late to defend attack, because kernel is the first encounter point in Linux, also if you implement in user space that has a lot of efforts and resource to spend. This paper finds some tools which can achieve ARP spoofing attack, and actually attacks SRA system to see actual defend result. After using attack tools, end point is safe by SRA system, and also work normally without any side-effect.