The Role of Client Isolation in Protecting Wi-Fi Users from ARP Spoofing Attacks
It addresses security for average users on public Wi-Fi networks, but is incremental as it tests an existing technology that is rarely enabled by default.
This study investigated whether enabling client isolation technology like PSPF on public Wi-Fi access points effectively protects users from ARP spoofing attacks, finding it to be a simple and potentially effective defense method.
This study investigates the role of the client isolation technology Public Secure Packet Forwarding (PSPF) in defending 802.11 wireless (Wi-Fi) clients, connected to a public wireless access point, from Address Resolution Protocol (ARP)cache poisoning attacks, or ARP spoofing. Exploitation of wireless attack vectors such as these have been on the rise and some have made national and international news. Although client isolation technologies are common place in most wireless access points, they are rarely enabled by default. Since an average user generally has a limited understanding of IP networking concepts, it is rarely enabled during access point configurations. Isolating wireless clients from one another on unencrypted wireless networks is a simple and potentially effective way of protection. The purpose of this research is to determine if a commonly available and easily implementable wireless client isolation security technology, such as PSPF, is an effective method for defending wireless clients against attacks.