The Role of Client Isolation in Protecting Wi-Fi Users from ARP Spoofing Attacks

TL;DR

This paper evaluates how client isolation technology PSPF can effectively protect Wi-Fi users from ARP spoofing attacks on public networks, highlighting its potential as a simple security measure.

Contribution

The study provides empirical evidence on the effectiveness of PSPF client isolation in preventing ARP spoofing attacks in Wi-Fi networks.

Findings

PSPF significantly reduces ARP spoofing success rates.

Client isolation prevents attackers from intercepting or poisoning ARP caches.

Enabling PSPF enhances Wi-Fi security with minimal configuration effort.

Abstract

This study investigates the role of the client isolation technology Public Secure Packet Forwarding (PSPF) in defending 802.11 wireless (Wi-Fi) clients, connected to a public wireless access point, from Address Resolution Protocol (ARP)cache poisoning attacks, or ARP spoofing. Exploitation of wireless attack vectors such as these have been on the rise and some have made national and international news. Although client isolation technologies are common place in most wireless access points, they are rarely enabled by default. Since an average user generally has a limited understanding of IP networking concepts, it is rarely enabled during access point configurations. Isolating wireless clients from one another on unencrypted wireless networks is a simple and potentially effective way of protection. The purpose of this research is to determine if a commonly available and easily implementable wireless client isolation security technology, such as PSPF, is an effective method for defending wireless clients against attacks.