Detecting End-Point (EP) Man-In-The-Middle (MITM) Attack based on ARP Analysis: A Machine Learning Approach

Abstract

End-Point (EP) Man-In-The-Middle (MITM) attack is a well-known threat in computer security. This attack targets the flow of information between endpoints. An attacker is able to eavesdrop on the communication between two targets and can either perform active or passive monitoring; this affects the confidentiality and integrity of the data flow. Several techniques have been developed by researchers to address this kind of attack. With the current emergence of machine learning (ML) models, we explore the possibility of applying ML in EP MITM detection. Our detection technique is based on Address Resolution Protocol (ARP) analysis. The technique combines signal processing and machine learning in detecting EP MITM attack. We evaluated the accuracy of the proposed technique using linear-based ML classification models. The technique proved itself to be efficient by achieving a detection accuracy of 99.72%.