Analysis of various ARP poisoning mitigation techniques: A comparison

Abstract

Address Resolution Protocol (ARP) is the fundamental and one of the most frequently used protocol involved in computer communications. Within a LAN, ARP messages are used to resolve IP addresses into corresponding MAC addresses. Nevertheless, some of the limitations within this protocol make it rather vulnerable. The two most prominent limitations are - unauthenticated and stateless nature of ARP. The attackers can easily exploit these loopholes for their personal gain. ARP poisoning is considered as unitary of the basic attacks which is utilized to launch higher level attacks. Several solutions have been proposed in the literature to detect and prevent these attacks. However, all of the proposed solutions are limited to a certain extent. Some solutions are effective in a special set of scenarios while others are rather suited for scenarios belonging to a different band. As new techniques of ARP poisoning have evolved with time, researchers are getting motivated to propose new solutions. In this paper, we have presented a comparative analysis of different proposed solutions which are rather popular in the literature. We have compared different mitigation techniques based on some of the important factors that are considered as limitations to the proposed solutions. These factors are derived from the scenarios which are possible within a LAN when an ARP Poisoning attack is launched. A brief tabular format is likewise introduced in this paper which offers a fast overview of comparison between different proposed schemes. This comparative study can further be used to offer and build up a more efficient and effective scheme which, on one hand, enjoys the combined advantage of different mitigation techniques and on the other hand, does not hold the old limitations.