[1] D. Plummer. An ethernet address resolution protocol, Nov. 1982. RFC 826.
[2] R. W. Stevens. TCP/IP Illustrated, Volume 1: The Protocols. Addison–Wesley Professional Computing Series, January 1994.
[3] Cristina L. Abad and Rafael I. Bonilla. An Analysis on the Schemes for Detecting and Preventing ARP Cache Poisoning Attacks IEEE 2007
[4] R. W. Stevens. TCP/IP Illustrated, vol 1. Addison Wesley,2001.
[5] M. Tripunitara and P. Dutta. A middleware approach to asynchronous and backward compatible detection and prevention of ARP cache poisoning. In Proceedings of the 15th Annual Computer Security Applications Conference (ACSAC’99), Dec. 1999.
[7] L. N. R. Group. arpwatch, the ethernet monitor program; for keeping track of ethernet/ip address pairings. <ftp://ftp.ee.lbl.gov/arpwatch.tar.gz>, (Last accessed April 17, 2006)
[8] Snort Project, The. Snort: The open source network intrusion detection system, 006. <http://www.snort.org>. (Last accessed April 17, 2006).
[9] M. Carnut and J. Gondim. ARP spoofing detection on switched Ethernet networks: A feasibility study. In Proceedings of the 5th Nov.2003.
[10] ARP-Guard. <http://www.arp-guard.com>. (Last accessed April 17, 2006).
[11] T. Demuth and A. Leitner. ARP spoofing and poisoning: Traffic tricks. Linux Magazine, 56:26–31, July 2005.
[12] Wesam Lootah, William Enck, and Patrick McDaniel. TARP: Ticket-based Address Resolution Protocol. 2005 IEEE
[13] D. Song. dsniff. <http://monkey.org/˜dugsong/dsniff/>. (Last accessed April 17, 2006).