An Automated approach for Preventing ARP Spoofing Attack using Static ARP Entries

ARP spoofing is the most dangerous attack that threats LANs, this attack comes from the way the ARP protocol works, since it is a stateless protocol. The ARP spoofing attack may be used to launch either denial of service (DoS) attacks or Man in the middle (MITM) attacks. Using static ARP entries is considered the most effective way to prevent ARP spoofing. Yet, ARP spoofing mitigation methods depending on static ARP have major drawbacks. In this paper, we propose a scalable technique to prevent ARP spoofing attacks, which automatically configures static ARP entries. Every host in the local network will have a protected non-spoofed ARP cache. The technique operates in both static and DHCP based addressing schemes, and Scalability of the technique allows protecting of a large number of users without any overhead on the administrator. Performance study of the technique has been conducted using a real network. The measurement results have shown that the client needs no more than one millisecond to register itself for a protected ARP cache. The results also shown that the server can a block any attacker in just few microsecond under heavy traffic.