ARP Spoofing in Launching Man-in-the-Middle Attack

Abstract

Man-in-the-Middle (MITM) attack is a typical eavesdropping cyberattack. The attacker can launch a MITM attack whenever the attacker and victims are on the same network. Here is a scenario: A MITM attacker connects to Subway’s Wi-Fi and waits for the victim to connect to the Subway Wi-Fi. Eventually, Victim A walks in and connects to Subway’s Wi-Fi. Once Victim A gets connected and is on the same network as the attacker, the attacker can launch an attack to intercept the network traffic of Victim A. Therefore, everyone on the same network connection with the attacker can be the target of a MITM attack. In this paper, the MITM attack will be introduced. The attacker can spy on the victim, steal sensitive credentials, disrupt communications, or even corrupt the data through the said attack. To discover how the MITM attack works, this paper explains it based on the ARP Spoofing attack, which exploits the ARP protocol to send out forged ARP responses. ARP Spoofing attack is one of the MITM attacks. This paper emphasises the MITM attack phases, different types of MITM attacks, ARP Spoofing attacks, and how ARP works. The demonstration of steps for launching an ARP Spoofing attack and the tools involved, like Nmap, Arpspoof, and Wireshark, are also included.