Thwarting Address Resolution Protocol Poisoning using Man In The Middle Attack in WLAN

Abstract

The Address Resolution Protocol (ARP) takes the IP address and determines the corresponding MAC address through a broadcast reply mechanism. ARP poisoning can be done though a Man in the Middle (MITM) attack. In this paper, we present a trust based mechanism for addressing the problem of MITBM based ARP poisoning in a WLAN. The problem of ARP poisoning becomes acute in the wireless LAN environment due limited bandwidth, computation and memory, intermittent connectivity of nodes and the shared nature of the wireless broadcast channel. The resource constraints preclude employment of cryptographic primitives for authentication. The volatile connectivity and the possibility of continual arrival and departure from the networks makes manual configuration difficult. The proposed solution allows pairing of an IP address with multiple MAC addresses. This mapping prioritized according to an online trust mechanism. The implementation only requires the devices in the network to update their kernel with the modified ARP scheme. To determine the efficacy of the proposed method, it was implemented in FreeBSD kernel and tested for the successful prevention of MITM based ARP poisoning attack in a WLAN network.