ARP cache explained

An ARP cache[1] is a collection of Address Resolution Protocol entries (mostly dynamic), that are created when an IP address is resolved to a MAC address (so the computer can effectively communicate with the IP address).[2]

An ARP cache has the disadvantage of potentially being used by hackers and cyberattackers (an ARP cache poisoning attack). An ARP cache helps the attackers hide behind a fake IP address. Beyond the fact that ARP caches may help attackers, it may also prevent the attacks by "distinguish[ing] between low level IP and IP based vulnerabilities".[3]

Notes and References

  1. Moon. Daesung. Lee. Jae Dong. Jeong. Young-Sik. Park. Jong Hyuk. 2016-05-01. RTNSS: a routing trace-based network security system for preventing ARP spoofing attacks. The Journal of Supercomputing. en. 72. 5. 1740–1756. 10.1007/s11227-014-1353-0. 255069126 . 0920-8542.
  2. Web site: Quick Tips: Flush the ARP cache in Windows 7 - TechRepublic. TechRepublic. 12 May 2011 . en. 2017-07-14.
  3. Daniels. Thomas E.. Spafford. Eugene H.. 1999-01-01. Identification of host audit data to detect attacks on low-level IP vulnerabilities. Journal of Computer Security. en. 7. 1. 3–35. 10.3233/jcs-1999-7102. 0926-227X. 10.1.1.26.5458.