MAN IN THE MIDDLE (MITM) ATTACK DETECTION TOOL DESIGN

Man in the Middle (MITM) attack is aimed at seizing data between two nodes. The ARP Spoofing/Poisoning technique is a technique frequently used by attackers which allows MITM attacks to be carried out on local area networks (LANs). The attack exploits the vulnerabilities of ARP, which is a stateless protocol. This attack, which is carried out quite simply and quickly, can induce a high level of threats on the targets. Therefore, it is crucial to be protected against this type of attack. Many medium-sized and large-sized enterprises are generally not exposed to this attack because of reliable network infrastructures and commercial software they utilized against MITM attacks. However, small-sized enterprises and individuals are frequently exposed to this threat. The purpose of this study is to design a simple, fast and reliable MITM attack detection tool for LAN users who are often exposed to the threat. In our study, we present the basic characteristics of the MITM Detection Tool, which detects ARP Spoofing/Poisoning attacks on clients. Based on the findings from the comprehensive review of related literature and tests performed on Kali Linux and Windows 7 OS machines, how MITM attacks can be performed and detected are described.