TITLE:
Address Resolution Protocol (ARP): Spoofing Attack and Proposed Defense
AUTHORS:
Ghazi Al Sukkar, Ramzi Saifan, Sufian Khwaldeh, Mahmoud Maqableh, Iyad Jafar
KEYWORDS:
Address Resolution Protocol, ARP Spoofing, Security Attack and Defense, Man in the Middle Attack
JOURNAL NAME:
Communications and Network,
Vol.8 No.3,
July
14,
2016
ABSTRACT: Networks have become an integral part of today’s world. The ease of deployment, low-cost and
high data rates have contributed significantly to their popularity. There are many protocols that
are tailored to ease the process of establishing these networks. Nevertheless, security-wise precautions
were not taken in some of them. In this paper, we expose some of the vulnerability that
exists in a commonly and widely used network protocol, the Address Resolution Protocol (ARP)
protocol. Effectively, we will implement a user friendly and an easy-to-use tool that exploits the
weaknesses of this protocol to deceive a victim’s machine and a router through creating a sort of
Man-in-the-Middle (MITM) attack. In MITM, all of the data going out or to the victim machine will
pass first through the attacker’s machine. This enables the attacker to inspect victim’s data packets,
extract valuable data (like passwords) that belong to the victim and manipulate these data
packets. We suggest and implement a defense mechanism and tool that counters this attack, warns
the user, and exposes some information about the attacker to isolate him. GNU/Linux is chosen as
an operating system to implement both the attack and the defense tools. The results show the
success of the defense mechanism in detecting the ARP related attacks in a very simple and efficient
way.