Cover
Vol. 19 No. 2 (2023)

Published: December 31, 2023

Pages: 8-17

Original Article

An Effective Approach to Detect and Prevent ARP Spoofing Attacks on WLAN

Hiba Imad Nasser 1 Mohammed Abdulridha Hussain
1Department of Computer Science - University of Basrah, Coolege of Education for Pure Science, Basrah, Iraq
History
  • Received: November 20, 2022
  • Revised: January 16, 2023
  • Accepted: January 20, 2023
  • Available Online: April 8, 2023
DOI

https://doi.org/10.37917/ijeee.19.2.2

Abstract

Address Resolution Protocol (ARP) is used to resolve a host’s MAC address, given its IP address. ARP is stateless, as there is no authentication when exchanging a MAC address between the hosts. Hacking tactics using ARP spoofing are constantly being abused differently; many previous studies have prevented such attacks. However, prevention requires modification of the underlying network protocol or additional expensive equipment, so applying these methods to the existing network can be challenging. In this paper, we examine the limitations of previous research in preventing ARP spoofing. In addition, we propose a defence mechanism that does not require network protocol changes or expensive equipment. Before sending or receiving a packet to or from any device on the network, our method checks the MAC and IP addresses to ensure they are correct. It protects users from ARP spoofing. The findings demonstrate that the proposed method is secure, efficient, and very efficient against various threat scenarios. It also makes authentication safe and easy and ensures data and users’ privacy, integrity, and anonymity through strong encryption techniques.

Keywords

References

  1. Y. Li, D. Li, W. Cui, and R. Zhang, “2011 ieee 3rd international conference on communication software and networks,” CCSN 2011, pp. 554–557.
  2. M. Fareed and A. A. Yassin, “Privacy-preserving multi- factor authentication and role-based access control scheme for the e-healthcare system,” Bull. Electr. Eng. Informatics, vol. 11, no. 4, pp. 2131–2141, Aug. 2022.
  3. H. A. Noman, S. M. Abdullah, and H. I. Mohammed, “An automated approach to detect deauthentication and disassociation dos attacks on wireless 802 . 11 networks,” IJCSI International Journal of Computer Science Issues, vol. 12, no. 4, pp. 107–112, 2015.
  4. A. A. Galal, A. Z. Ghalwash, and M. Nasr, “A new approach for detecting and mitigating address resolution protocol (arp) poisoning,” Int. J. Adv. Comput. Sci. Appl., vol. 13, no. 6, 2022.
  5. Z. Abduljabbar, H. Jin, D. Zou, A. A. Yassin, Z. Hussien, and M. A. Hussain, “An efficient and robust one-time message authentication code scheme using feature ex- traction of iris in cloud computing,” Proc. 2014 Int. Conf. Cloud Comput. Internet Things, CCIOT 2014, pp. 22–35, 2014.
  6. A. S. Yadav, P. M. Natu, D. M. Sethia, A. B.Mundkar, and S. S. Sambare, “Prevention of spoofing attacks in wireless networks,” International Conference on Computing Communication Control and Automation, pp. 164–171, Feb. 2015.
  7. V. Rohatgi and S. Goyal, “A detailed survey for detec- tion and mitigation techniques against arp spoofing,” 4th International Conference on IoT in Social, Mobile, Ana- lytics and Cloud, ISMAC 2020, pp. 352–356, Oct. 2020.
  8. S. Duddu, A. Rishitasai, C. L. S. Sowjanya, G. R. Rao, and K. Siddabattula, “Secure socket layer stripping at- tack using address resolution protocol spoofing,” 4th International Conference on Intelligent Computing and Control Systems (ICICCS), pp. 973–978, May 2020.
  9. J. S. Meghana, T. Subashri, and K. R. Vimal, “A survey on arp cache poisoning and techniques for detection and mitigation,” 4th International Conference on Signal Processing, Communication and Networking (ICSCN), pp. 1–6, Mar. 2017.
  10. R. Kumar, S. Verma, and G. S. Tomar, “Thwarting ad- dress resolution protocol poisoning using man in the middle attack in wlan,” Int. J. Reliab. Inf. Assur., vol. 1, no. 1, pp. 7–18, Dec. 2013.
  11. J. Xia, Z. Cai, G. Hu, and M. Xu, “An active defense solution for arp spoofing in open flow network,” Chinese Journal of Electronics, vol. 28, no. 1, pp. 172–178, 2019.
  12. M. Alzuwaini and A. Yassin, “An efficient mechanism to prevent the phishing attacks,” Iraqi J. Electr. Electron. Eng., vol. 17, no. 1, pp. 1–11, Jun. 2021.
  13. S. Mahmood, S. M. Mohsin, and S. M. A. Akber, “Net- work security issues of data link layer: An overview,” 3rd Int. Conf. Comput. Math. Eng. Technol. Idea to Innov. Build. Knowl. Econ. iCoMET 2020), March, 2020.
  14. B. Prabadevi and N. Jeyanthi, “A framework to mitigate arp sniffing attacks by cache poisoning,” Int. J. Adv. Intell. Paradig., vol. 10, no. 1/2, p. 146, 2018.
  15. S. Hijazi and M. S. Obaidat, “A new detection and pre- vention system for arp attacks using static entry,” IEEE Systems Journal, vol. 13, no. 3, pp. 2732–2738, 2019.
  16. A. Majumdar, S. Raj, and T. Subbulakshmi, “Arp poi- soning detection and prevention using scapy,” J. Phys. Conf. Ser., vol. 1911, no. 1, May 2021. 17 | Nasser & Hussain
  17. G. A. Sukkar, R. Saifan, S. Khwaldeh, M. Maqableh, and I. Jafar, “Address resolution protocol (arp): Spoofing attack and proposed defense,” Commun. Netw., vol. 8, no. 3, pp. 118–130, 2016.
  18. M. Data, “The defense against arp spoofing attack using semi-static arp cache table,” 3rd International Confer- ence on Sustainable Information Engineering and Tech- nology, SIET 2018 - Proceedings, pp. 206–210, 2018.
  19. D. R. Rupal, D. Satasiya, H. Kumar, and A. Agrawal, “Detection and prevention of arp poisoning in dynamic ip configuration,” IEEE International Conference on Recent Trends in Electronics, Information and Commu- nication Technology (RTEICT), pp. 1240–1244, May 2016.
  20. F. A. Barbhuiya, S. Biswas, and S. Nandi, “An active host-based intrusion detection system for arp-related attacks and its verification,” International Journal of Network Security and Its Applications, vol. 3, no. 3, pp. 163–180, 2011.
  21. G. Jinhua and X. Kejian, “Arp spoofing detection algo- rithm using icmp protocol,” in 2013 International Con- ference on Computer Communication and Informatics, vol. 3, no. 5, pp. 1–6, Jan. 2013.
  22. J. C. Lin, M. J. Koo, and C. S. Wang, “A proposal for a schema for arp spoofing protection,” Appl. Mech. Mater., vol. 284–287, no. 5, pp. 3275–3279, Jan. 2013.
  23. V. Ramachandran and S. Nandi, “Detecting arp spoofing: An active technique,” Lect. Notes Comput. Sci. (includ- ing Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinfor- matics), vol. 3803, no. 5, pp. 239–250, 2005.
  24. A. Samvedi, S. Owlak, and V. K. Chaurasia, “Improved secure address resolution protocol,” pp. 201–211, June 2014.
  25. I. Martinovic, F. A. Zdarsky, A. Bachorek, C. Jung, and J. B. Schmitt, “Phishing in the wireless: Implementation and analysis,” pp. 145–156, 2007.
  26. A. M. AbdelSalam, W. S. Elkilani, and K. M. Amin, “An automated approach for preventing arp spoofing at- tack using static arp entries,” International Journal of Advanced Computer Science and Applications, vol. 5, no. 1, 2014.
  27. Z. Trabelsi and K. Shuaib, “Spoofed arp packets detec- tion in switched lan networks,” SECRYPT 2006 - Int. Conf. Secur. Cryptogr. Proc., pp. 40–47, 2006.