ARP Attacks aims at poisoning the ARP records of a machine so as to silently eavesdrop or manipulate all the data that is sent over the network. ARP spoofing is done so as to carry out MAN IN THE MIDDLE attacks where all traffic from client machine to a server is directed through an attacker’s machine. ARP attacks can only be carried out within a LAN. A security application is required that is capable of detecting ARP-based attacks originating within the network. Work out new approach to detect such attacks. The solution could use active/passive approaches to detect arp records tampering. The solution could be agent based which could be run on all machines on a network or a solution that could be run on network devices like switch/routers etc.
Students should form a small network of 4-5 computers. Students should simulate poisoning the arp table of a target system from another system in the network. The solution should be able to detect such an attack.
Sample Data Required: No