Once it is deemed that an ARP spoofing attack has taken place, the changed (IP, MAC) pair of the ARP cache table is restored to that stored in the memory and is converted to static.
This scheme detects ARP attacks through real-time monitoring of the ARP cache table and a routing trace and protects the hosts from attackers through ARP Link Type Control which changes from dynamic to static.
Philip, Securing wireless networks from ARP cache poisoning [M.S.
Bonilla, "An analysis on the schemes for detecting and preventing ARP cache poisoning attacks," in Proceeding of the 27th International Conference on Distributed Computing Systems Workshops (ICDCSW '07), pp.
Cha, "ASA: agent-based secure ARP cache management," IET Communications, vol.
Abad, "Preventing ARP cache poisoning attacks: a proof of concept using OpenWrt," in Proceedings of the 6th IEEE/IFIP Latin American Network Operations and Management Symposium (LANOMS '09), pp.