Detecting and Preventing ARP Spoofing Attacks Using Real-Time Data Analysis and Machine Learning

Authors

  • Mrinal Kumar School of Computer Science and Engineering, Guru Jambheshwar University of Science and Technology, Hisar, India
  • Chandra Sekhar Dash Senior Director, Governance, Risk and Compliance, Ushur Inc, Dublin, CA, USA

Keywords:

ARP spoofing, machine learning, Random Forest, Long Short-Term Memory (LSTM), Convolutional Neural Networks (CNNs), Support Vector Machines (SVM).

Abstract

ARP spoofing attacks contain certain risks in networks as they seem to intercept traffic and can lead the leakage of intellectual information. This research paper focuses on enhancing the method through which five algorithms namely: Random Forest, Long Short-Term Memory (LSTM) Networks, Convolutional Neural Networks (CNNs), Support Vector Machines (SVM) and Isolation Forest for ARP spoofing detection and prevention. In the process of the experiment, each algorithm is tested with the dataset of ARP traffic and the results are compared on the five criteria: of data; these are accuracy, precision, recall, F1-score, false positive rate, and the false negative rate. It can therefore be deduced that out of all the algorithms employed, Random Forest has the highest accuracy of 94 and high values of precision and recall thus making it more efficient in real-time ARP spoofing detection. Its effectiveness is equally high as the effectiveness of LSTM Networks and CNNs, which process temporal or spatial data, but work longer. SVMs are comparatively not bad in terms of accuracy to noise ratio, however, they are less accurate as compared to both Random Forest as well as CNNs. This method however lacks good accuracy and has high error values as portrayed above with Isolation Forest. Based on this analysis, conclusions are made that use of higher levels of ML leads to the detection of ARP spoofing implementing Random Forest as the best solution for enhancing the network security.

 

References

N. Ahuja, G. Singal, D. Mukhopadhyay, and A. Nehra, "Ascertain the efficient machine learning approach to detect different ARP attacks," Computers and Electrical Engineering, vol. 99, p. 107757, 2022. Available from: https://doi.org/10.1016/j.compeleceng.2022.107757

S. Hijazi and M. S. Obaidat, "A new detection and prevention system for ARP attacks using static entry," IEEE Systems Journal, vol. 13, no. 3, pp. 2732-2738, 2018. Available from: https://doi.org/10.1109/JSYST.2018.2880229

H. Salim, Z. Li, H. Tu, and Z. Guo, "Preventing ARP spoofing attacks through gratuitous decision packet," in 2012 11th International Symposium on Distributed Computing and Applications to Business, Engineering & Science, 2012, pp. 295-300. Available from: https://doi.org/10.1109/DCABES.2012.71

V. Hnamte and J. Hussain, "Enhancing security in Software-Defined Networks: An approach to efficient ARP spoofing attacks detection and mitigation," Telematics and Informatics Reports, vol. 14, p. 100129, 2024. Available from: https://doi.org/10.1016/j.teler.2024.100129

H. Puram, R. S. Kumar, and B. R. Chandavarkar, "Deep Learning based framework for dynamic Detection and Mitigation of ARP Spoofing attacks," in 2023 14th International Conference on Computing Communication and Networking Technologies (ICCCNT), 2023, pp. 1-6. Available from: https://doi.org/10.1109/ICCCNT56998.2023.10308031

A. S. Alghawli, "Complex methods detect anomalies in real time based on time series analysis," Alexandria Engineering Journal, vol. 61, no. 1, pp. 549-561, 2022. Available from: https://doi.org/10.1016/j.aej.2021.06.033

H. W. Hsiao, C. S. Lin, and S. Y. Chang, "Constructing an ARP attack detection system with SNMP traffic data mining," in Proceedings of the 11th International Conference on Electronic Commerce, 2009, pp. 341-345. Available from: https://doi.org/10.1145/1593254.1593309

B. Scott et al., "An interactive visualization tool for teaching ARP spoofing attack," in 2017 IEEE Frontiers in Education Conference (FIE), 2017, pp. 1-5. Available from: https://doi.org/10.1109/FIE.2017.8190531

E. Unal, S. Sen-Baidya, and R. Hewett, "Towards prediction of security attacks on software defined networks: A big data analytic approach," in 2018 IEEE International Conference on Big Data (Big Data), 2018, pp. 4582-4588. Available from: https://doi.org/10.1109/BigData.2018.8622524

B. Alhan, S. Gönen, G. Karacayilmaz, M. A. Bari?kan, and E. N. Yilmaz, "Real-Time Cyber Attack Detection Over HoneyPi Using Machine Learning," Tehni?ki vjesnik, vol. 29, no. 4, pp. 1394-1401, 2022. Available from: https://doi.org/10.17559/TV-20210523121614

B. Al Sukhni, B. K. Mohanta, M. K. Dehury, and A. K. Tripathy, "A novel approach for detecting and preventing security attacks using machine learning in IoT," in 2023 14th International Conference on Computing Communication and Networking Technologies (ICCCNT), 2023, pp. 1-6. Available from: https://doi.org/10.1109/ICCCNT56998.2023.10307883

S. Sun, X. Fu, B. Luo, and X. Du, "Detecting and mitigating ARP attacks in SDN-based cloud environment," in IEEE INFOCOM 2020-IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), 2020, pp. 659-664. Available from: https://doi.org/10.1109/INFOCOMWKSHPS50562.2020.9162965

S. Jadhav, A. Thakur, S. Nalbalwar, S. Shah, and S. Chordia, "Detection and mitigation of ARP spoofing attack," in International Conference on Innovative Computing and Communication, Singapore: Springer Nature Singapore, 2023, pp. 383-396. Available from: https://doi.org/10.1109/I-SMAC49090.2020.9243604

B. A. Mantoo and P. Kaur, "A machine learning model for detection of man in the middle attack over unsecured devices," in AIP Conference Proceedings, vol. 2555, no. 1, 2022. Available from: https://doi.org/10.1063/5.0109151

N. S. R. Chanthati, "How the power of machine–machine learning, data science and NLP can be used to prevent spoofing and reduce financial risks," Global Journal of Engineering and Technology Advances, vol. 20, no. 2, pp. 100-119, 2024. Available from: https://doi.org/10.30574/gjeta.2024.20.2.0149

S. Cakir, S. Toklu, and N. Yalcin, "RPL attack detection and prevention in the Internet of Things networks using a GRU based deep learning," IEEE Access, vol. 8, pp. 183678-183689, 2020. Available from: https://doi.org/10.1109/ACCESS.2020.3029191

T. U. Chai, "Detection and prevention schemes for DDoS, ARP spoofing, and IP fragmentation attacks in smart factory," Doctoral dissertation, UTAR, 2023. Available from: https://doi.org/10.3390/systems11040211

N. Mahajan, A. Chauhan, H. Kumar, S. Kaushal, and A. K. Sangaiah, "A deep learning approach to detection and mitigation of distributed denial of service attacks in high availability intelligent transport systems," Mobile Networks and Applications, vol. 27, no. 4, pp. 1423-1443, 2022. Available from: https://doi.org/10.17487/RFC3261

Q. Sun, X. Miao, Z. Guan, J. Wang, and D. Gao, "Spoofing attack detection using machine learning in cross?technology communication," Security and Communication Networks, vol. 2021, no. 1, p. 3314595, 2021. Available from: https://doi.org/10.1155/2021/3314595

T. U. Chai, H. G. Goh, S. Y. Liew, and V. Ponnusamy, "Protection schemes for DDoS, ARP spoofing, and IP fragmentation attacks in smart factory," Systems, vol. 11, no. 4, p. 211, 2023. Available from: https://doi.org/10.3390/systems11040211

Downloads

Published

2024-09-23

How to Cite

[1]
M. Kumar and C. S. Dash, “Detecting and Preventing ARP Spoofing Attacks Using Real-Time Data Analysis and Machine Learning”, IJIRCST, vol. 12, no. 5, pp. 47–55, Sep. 2024.