The Eurasia Proceedings of Science Technology Engineering and Mathematics

Abstract

Networks have become an integral part of today's world. In recent days, the ease of installation, low cost, and high data rates have contributed significantly to their popularity, whether they are directly connected to the Internet Provider (ISP) or through a local area network (LAN) along with other devices. There are many protocols designed to facilitate the process of setting up these networks. However, in some of them, preliminary measures have not been taken in terms of security. The address resolution protocol (ARP) is essential for communication between devices on the same network to function properly by facilitating the matching of IP addresses in MAC addresses. ARP works as a message-based protocol instead of an address-based protocol (Yavuz et al. 2018). The ability to resolve addresses is essential in the context of computer networks, as it enables efficient and accurate communication between devices. An Address Resolution Protocol (ARP) spoofing attack, also known as ARP poisoning, poses a significant threat to network security. This attack involves the transmission of fraudulent ARP requests or responses on the network, which leads to the poisoning of the ARP cache of the hosts. As a result, attackers can impersonate other hosts, perform man-in-the-middle attacks, and gain unauthorized access to sensitive information (Abad and Bonilla, 2007; Nasser and Hussain, 2022; Gouda and Huang, 2003; Lootah and others. , 2007) . Within the scope of this study, the role of address resolution protocol in computer networks and a sample application for ARP spoofing architecture and measures were simulated and anomaly analysis was performed with machine learning techniques.