Prevention of ARP Spoofing in WLAN

Abstract

In this day and age, keeping up the security of data is an absolute necessity. These days WLAN has turned into the most widely recognized and mainstream arrange area. Network domains are constantly inclined to various system attacks. Among the expanding number of system assaults, ARP spoofing attack is a standout amongst the most perilous technique in the neighborhood. ARP is a stateless protocol and ARP Spoofing happens for the most part in view of the nonappearance of any system of checking the identity of the sending host. It has been seen that the greater part of the WLAN attacks results from ARP Spoofing. So avoidance, identification, and the decrease of this issue can stop the number of system attacks. This work talks about the avoidance of ARP ridiculing assault and some related deals with it.

Introduction

In wireless networks, devices use both MAC (hardware) and IP (logical) addresses to communicate. The Address Resolution Protocol (ARP) links these addresses, allowing data to be sent based on MAC addresses. When a device does not know the MAC of a target IP, it broadcasts an ARP request; the device with the matching IP responds with its MAC. However, ARP lacks a mechanism to verify replies, making networks vulnerable to ARP spoofing, where an attacker associates their MAC with another device’s IP to intercept or manipulate traffic.

The literature presents multiple approaches to detect and prevent ARP spoofing:

1. ICMP-based detection – Sniffs ARP packets and probes suspected hosts using ICMP requests.

2. Security frameworks – Bind IP to MAC addresses to secure local networks.

3. Probe-packet techniques – Detect both weak and strong attackers without modifying existing network architecture.

4. Reliable ARP tables for cloud – Use authenticated ARP tables to protect virtual machines.

5. Command-line detection – Compare stored genuine IP-MAC mappings with current values to identify spoofing.

6. DLNA device access control – Restrict unauthorized device access in home networks.

7. Web/WLAN spoofing detection – Use signature- and anomaly-based methods to detect attacks in wireless LANs.

The proposed approach enhances ARP security by using SHA-512 hash-based digital signatures. The receiver generates a hash of its IP and MAC, encrypts it, and sends it with the ARP reply. The sender decrypts and verifies the hash to ensure authenticity and integrity of the message. If the hashes match, the ARP reply is valid; if altered, it signals the presence of an attacker, effectively preventing ARP spoofing.

Conclusion

Amid the previous quite a long while, the establishment of remote WLAN in military and association is colossally expanding. ARP spoofing is regular attack in WLAN even after preventing rogue access point. The above talked about papers propose various practical techniques to identify and anticipate ARP mocking. These proposed arrangements anticipate ARP spoofing. SHA-512 followed by encryption provided authentication and confidentiality to the sent IP and MAC address which makes sure that there is no attack. Maybe a couple of these procedures can likewise be stretched out to other parodying assaults.

References

[1] Jinhua, G., &Kejian, X. (2013). ARP spoofing detection algorithm using ICMP protocol. In International Conference on Computer Communication and Informatics 2013. [2] Saini, R. R., & Gupta, H. (2015, September). A security framework against ARP spoofing. In Reliability, Infocom Technologies and Optimization (ICRITO) (Trends and Future Directions),2015 4th International Conference on (pp. 1-6). IEEE. [3] Pandey, P. (2013, February). Prevention of ARP spoofing: A probe packet-based technique. In Advance Computing Conference (IACC), 2013 IEEE 3rd International (pp. 147-153). IEEE. [4] Kang, H. S., Son, J. H., & Hong, C. S. (2015, August). Defence technique against spoofing attacks using reliable ARP table in cloud computing environment. In Network Operations and Management Symposium (APNOMS), 2015 17th Asia-Pacific (pp. 592-595). IEEE. [5] Sharma, D., Khan, O., &Manchanda, N. (2014, March). Detection of ARP Spoofing: A command line execution method. In Computing for S u s t a i n a b l e G l o b a l D e v e l o p m e n t (INDIACom), 2014 International Conference on (pp. 861-864). IEEE. [6] Wu, Y., & Zhi, X. (2015, August). ARP Spoofing Based Access Control for DLNA Devices. In Ubiquitous Intelligence and Computing and 2015 IEEE 12th Intl Conf on Autonomic and Trusted Computing and 2015 IEEE 15th Intl Conf on Scalable Computing and Communications and Its Associated Workshops (UICATC-ScalCom), 2015 IEEE 12th Intl Con(pp. 1371-1376). IEEE. [7] Jitpukdebodin, S., Chokngamwong, R., &Kungpisdan, S. (2014, September). A novel web content spoofing technique on WLAN and its countermeasures. In Communications and Information Technologies (ISCIT), 2014 14th International Symposium on (pp. 254-258). IEEE.

Copyright

Copyright © 2025 Balamurugan Aathavan. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.