Skip to Main Content
Today, there are an increasing number of attack technologies among which ARP spoofing attack is considered as one of the easiest but dangerous method in local area networks. This paper discusses ARP spoofing attack and some related works about it first. On these bases, the paper proposed an efficient algorithm based on ICMP protocol to detect malicious hosts that are performing ARP spoofing attack. The technique includes collecting and analyzing the ARP packets, and then injecting ICMP echo request packets to probe for malicious host according to its response packets. It won't disturb the activities of the hosts on the network. It can also detect the real address mappings during an attack.