DetecSec: A Framework to Detect and Mitigate ARP Cache Poisoning Attacks

Abstract

As the use of computers in professional and educational places in non-technical fields has increased over the years, so have the number of people with malicious intent. This has given rise to a number of people who use scripts they find on the Internet to attack other computers on their networks for fun or with other malicious intent and are often known as “script kiddies.” Most solutions in the market for such problems are either extremely bulky or have to be paid for and often require command line mastery and sufficient knowledge on network administration. In this paper, a framework is proposed to help prevent one of the most common types of attack known as man-in-the-middle attack which is often done to either sniff or steal personal data. It can also be used to perform denial-of-service attacks by dropping the packets as the man-in-the-middle. The proposed framework will detect any rogue user in the network attempting to impersonate another user for such activities and will report them to whoever the administrator is, without requiring much technical knowledge. The framework also has built-in security measures to prevent attacks on the framework itself and to prevent having a single point of failure.