Using JPCAP to Prevent Man-in-the-Middle Attacks in a Local Area Network Environment

Internal attacks are as dangerous and malicious as external attacks. A man-in-the-middle (MITM) attack is a serious problem. The attacker can hijack the connection between two communicating parties and capture the packets between them. He or she can modify, add, or prevent the data from reaching the victim. Address resolution protocol (ARP) poisoning can easily exploit the vulnerability present in ARP. Through this, an attacker can easily perform further attacks such as sniffing, denial of service, and MITM among others. The methodology to prevent MITM attacks conducted by ARP spoofing is to first assign unique IP addresses to every node on the local area network (LAN) based upon their MAC address. The algorithm by which IP addresses are assigned is DepMAC-IP proposed in 2010. For example, when working in the Windows OS environment, the existing ARP cannot be changed. The JPCAP (a Java library for capturing and sending network packets) must be used to capture ARP replies. JPCAP is open source and is licensed under GNU LGPL. It can capture Ethernet, IPv4, IPv6, ARP/RARP, TCP, UDP, and ICMPv4 packets.