A New Look at an Old Attack: ARP Spoofing to Create Routing Loops in Ad Hoc Networks

This paper examines a new application of the well-known ARP spoofing (or ARP cache poisoning) attack. Traditionally, ARP spoofing has been applied in local area networks to allow an attacker to achieve a man-in-the-middle position against target hosts, or to implement a denial of service by routing messages to non-existent hardware addresses. In this paper, we introduce a variant of ARP spoofing in which a routing loop is created in a target wireless ad hoc network. The routing loop not only results in a denial of service against the targeted hosts, but creates a resource consumption attack, where the targets waste power and occupy the channel, precluding its use by legitimate traffic. We show experimental results of an implementation and provide suggestions as to how to prevent, detect, or mitigate the attack.