Detecting End-Point (EP) Man-In-The-Middle (MITM) Attack based on ARP Analysis: A Machine Learning Approach

Authors

  • Jerry John Kponyo
  • Justice Owusu Agyemang, Kwame Nkrumah University of Science and Technology
  • Griffith Selorm Klogo

DOI:

https://doi.org/10.17762/ijcnis.v12i3.4735

Abstract

The End-Point (EP) Man-In-The-Middle (MITM) attack is a well-known threat in computer security. It targets the flow of information between endpoints: an attacker can eavesdrop on the communication between two targets and perform either active or passive monitoring, which affects the confidentiality and integrity of the data flow. Researchers have developed several techniques to address this kind of attack. With the current emergence of machine learning (ML) models, we explore the possibility of applying ML to EP MITM detection. Our detection technique is based on Address Resolution Protocol (ARP) analysis and combines signal processing and machine learning to detect EP MITM attacks. We evaluated the accuracy of the proposed technique using linear-based ML classification models. The technique proved efficient, producing a detection accuracy of 99.72%.

Author Biography

Justice Owusu Agyemang, Kwame Nkrumah University of Science and Technology

PhD Student

Published

2020-12-21 — Updated on 2022-04-16

How to Cite

Kponyo, J. J., Agyemang, J. O., & Klogo, G. S. (2022). Detecting End-Point (EP) Man-In-The-Middle (MITM) Attack based on ARP Analysis: A Machine Learning Approach. International Journal of Communication Networks and Information Security (IJCNIS), 12(3). https://doi.org/10.17762/ijcnis.v12i3.4735 (Original work published December 21, 2020)

Section

Research Articles