Proactive Defence Against ARP Poisoning: A Rule-Based Solution

Ensuring the security of data transmitted over a network is a critical aspect of modern-day internet usage. Man-in- the-Middle (MITM) is one of the prevalent form of network secu- rity vulnerability, where in the communication channel attacker listens between two hosts to obtain their data. When it comes to Local Area Network (LAN), as a destination address to send data Media Access Control (MAC) address is utilized, and Address Resolution Protocol (ARP) helps to resolve the IP to MAC mechanism. However, the ARP protocol’s lack of authentication makes it vulnerable to attackers who can easily execute a MITM attack using the ARP poisoning technique. In this paper, proposes an algorithm that defends against ARP poisoning attacks by employing a Rule-Based solution implemented in one of the host in the network which will be considered as an Admin host. By having the Admin host, client-side implementation is not required. Once an ARP poisoning attack is detected, the Rule-Based algorithm aids in recovery by utilizing a legitimate ARP packet containing the appropriate contents. This proactive measure effectively prevents the ARP poisoning attack from further compromising the network.