Open In App

What is ARP Spoofing Attack?

Last Updated : 24 Aug, 2022
Improve
Improve
Like Article
Like
Save
Share
Report

Spoofing is a type of attack in which hackers gain access to the victim’s system by gaining the trust of the victim (target user) to spread the malicious code of the malware and steal data such as passwords and PINs stored in the system.In Spoofing, psychologically manipulating the victim is the main target of the hacker.

Address Resolution Protocol:

ARP stands for Address Resolution Protocol. It is a communication protocol that is one of the important network layer protocols in the OSI model and is used to determine a device’s Media Access Control (MAC) address based on its Internet Protocol (IP) address in order to communicate with other devices on the network 

ARP Spoofing Attack:

ARP spoofing is a cyber attack that allows hackers to intercept communications between network devices on a network. Hackers can also use ARP spoofing to alter or block all traffic between devices on the network.

ARP Spoofing Attack

 

Types of ARP Spoofing:

  • Man-in-the-Middle: In the Man-in-the-Middle Attack, hackers use ARP spoofing to intercept communications that occur between devices on a network to steal information that is transmitted between devices. Sometimes, hackers also use man-in-the-middle to modify traffic between network devices.
  • Session hijacking: In Session hijacking, With the help of ARP spoofing hackers are able to easily extract the session ID or gain inauthentic access to the victim’s private systems and data.
  • Denial-of-service attacks: Denial-of-service attack is a type of attack in which one or more victims deny to access the network. With the help of ARP spoofing, A single target victim’s mac address is linked with multiple IP addresses. Due to this whole traffic is shifted toward the target victim’s mac address which causes overloading of the network of the target victim with traffic.

Working:

  • Scanning: Hackers use ARP spoofing tools to scan the IP and MAC addresses of hosts.
  • Selection and Launching: Hackers select their target and then send ARP packets over the local network containing the hacker’s MAC address and the target’s IP address.
  • Accessing: Once the ARP cache on the host on the local network is corrupted. Then the data the host wants to send to the victim is sent to the hacker instead of the victim. Hackers can steal data or launch other attacks from here.

Preventive Measure:

  • Cryptographic Network Protocols: With the help of encrypted communication protocols like Transport Layer Security (TLS), HTTP Secure (HTTPS), and Secure Shell (SSH), We are able to reduce the chance of an ARP Spoofing attack.
  • Packet Filtering: With the help of packet filters, we can protect the network from maliciously transmitted packets on the network as well as suspicious IP addresses.
  • Virtual Private Network: The most useful preventive measure against ARP spoofing attacks is to use a VPN (Virtual Private Network).
  • ARP Spoofing Detection Software: With the help of ARP Spoofing Detection Software it is easier to detect ARP spoofing attacks as it helps in inspecting and certifying data before data is transmitted.

Like Article
Suggest improvement
Previous
What is Rogue DHCP Server Attack?
Next
How to Prevent DNS Poisoning and Spoofing?
Share your thoughts in the comments

Similar Reads

How to make an ARP Spoofing attack using Scapy - Python
What is MAC Spoofing Attack?
ARP in Wireshark
How to Prevent DNS Poisoning and Spoofing?
Difference Between Spoofing and Hijacking
Man-in-the-Browser Attack
What is a Default Password Attack Threat?
What is Attack Surface?
What is Codebook Attack?
What is Sniffing Attack in System Hacking?
author
ishukatiyar16
Article Tags :
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox