Keywords
ARP Spoofing, LAN, Cyberattack, Man-in-the-Middle, Network
Disciplines
Computer Engineering | Digital Communications and Networking | Engineering
Abstract
In modern network environments, the increasing sophistication of cyberattacks poses significant risks, particularly through Address Resolution Protocol (ARP) spoofing and Man-in-the-Middle (MITM) attacks, which exploit vulnerabilities in local area networks. Existing tools often focus on detection or protection at the client side, leaving network-wide detection and response largely unaddressed. This paper presents a novel intrusion detection tool specifically designed to identify ARP spoofing and MITM attacks in real-time within local area networks. The system leverages Python and Scapy for low-level packet analysis and Flask for an intuitive web-based dashboard. Key features include network monitoring, attack detection through ARP table comparisons, logging capabilities, and attack attribution by identifying malicious IP addresses. The tool was tested in a controlled lab environment, demonstrating high accuracy in detecting ARP spoofing attempts, even in complex network scenarios. The findings underscore the tool's potential as a foundational step toward developing comprehensive mitigation solutions for securing local networks. Future work aims to integrate automated mitigation strategies and expand the system's applicability to larger network infrastructures.
Author ORCID Identifier
Hiba Bazzi - https://orcid.org/0009-0001-7982-9713
Ali Nassar - https://orcid.org/0009-0008-3743-7851
Mustafa EL Bizri - https://orcid.org/0000-0003-3958-6654
Ali M. Haidar - https://orcid.org/0000-0001-8065-3658
Recommended Citation
Bazzi, Hiba; Nassar, Ali; El Bizri, Mustafa; and Haidar, Ali M. Prof.
(2024)
"A PRACTICAL INTRUSION DETECTION APPROACH FOR ARP SPOOFING AND MITM IN LOCAL AREA NETWORKS,"
BAU Journal - Science and Technology: Vol. 6:
Iss.
1, Article 10.
DOI: https://doi.org/10.54729/2959-331X.1148
ISSN
2959-331X
