Page 12 - 2023-Vol19-Issue2
P. 12

Received: 20 November 2022 | Revised: 16 January 2023 | Accepted: 20 January 2023

DOI: 10.37917/ijeee.19.2.2                                      Vol. 19 | Issue 2 | December 2023

                                                                                   Open Access

Iraqi Journal for Electrical and Electronic Engineering

Original Article

    An Effective Approach to Detect and Prevent ARP

                  Spoofing Attacks on WLAN

                                                 Hiba Imad Nasser*, Mohammed Abdulridha Hussain
                 Department of Computer Science - University of Basrah, Coolege of Education for Pure Science, Basrah, Iraq

Correspondance
*Hiba Imad Nasser
Department of Computer Science,
College of Education for Pure Science
University of Basrah, Basrah, Iraq
Email: eduppg.hiba.amad@uobasrah.edu.iq

  Abstract
  Address Resolution Protocol (ARP) is used to resolve a host’s MAC address, given its IP address. ARP is stateless, as
  there is no authentication when exchanging a MAC address between the hosts. Hacking tactics using ARP spoofing are
  constantly being abused differently; many previous studies have prevented such attacks. However, prevention requires
  modification of the underlying network protocol or additional expensive equipment, so applying these methods to the
  existing network can be challenging. In this paper, we examine the limitations of previous research in preventing ARP
  spoofing. In addition, we propose a defence mechanism that does not require network protocol changes or expensive
  equipment. Before sending or receiving a packet to or from any device on the network, our method checks the MAC and
  IP addresses to ensure they are correct. It protects users from ARP spoofing. The findings demonstrate that the proposed
  method is secure, efficient, and very efficient against various threat scenarios. It also makes authentication safe and easy
  and ensures data and users’ privacy, integrity, and anonymity through strong encryption techniques.

  Keywords
  Network Security, ARP, ARP Spoofing, MITM.

                  I. INTRODUCTION                               network[4],[5]. A ”Man in the Middle” (MITM) attack is
                                                                one type of attack on a local area network (LAN) or WLAN
   The current network environment is rapidly evolving, where   with open access. This method allows attackers to sniff data
ordinary users can easily access the information they need      frames, modify traffic, or even stop traffic (ARP poisoning).
and receive services[1]. However, relying on such networks      The basic concept of ARP poisoning, or spoofing, is to use
also causes related security issues. Various problems exist     the ARP cache to provide a fake identity, server address, or
in network-based security incidents. Representative attack      gateway to network users so that the attacker can modify net-
methods include ”man in the middle” (MITM), ”denial of          work traffic[6]. If left unchecked, such attacks can disrupt
service” (DoS), ”sniffing,” ”spoofing,” ”poisoning,” and ”ses-  network traffic so that they can disconnect the internet on
sion hijacking,” among many others. These methods cause         devices connected to the network[7].
organizations and people to lose their lives[2].
                                                                    In addition, the ARP spoofing attack technology can per-
    A wireless Local Area Network (WLAN) is a type of           form a spoofing attack in a switching (local) environment.
Local Area Network (LAN) network that connects users via        However, most countries believe they are safe from these
radio frequency (RF) and infrared (IR) media[3]. Some busi-     attacks in a switching environment[8]. Automated and ad-
ness entities and even agencies have preferred to use WLAN      vanced tools are produced and distributed without permission.
technology because it is very easy to use. Still, only a few    The lack of awareness of the current problem increases the
pay attention to data communication security on the wireless

This is an open-access article under the terms of the Creative Commons Attribution License,
which permits use, distribution, and reproduction in any medium, provided the original work is properly cited.
©2023 The Authors.
Published by Iraqi Journal for Electrical and Electronic Engineering | College of Engineering, University of Basrah.

https://doi.org/ 10.37917/ijeee.19.2.2                                             |https://www.ijeee.edu.iq 8
   7   8   9   10   11   12   13   14   15   16   17