Analysis of ARP spoofing attacks using a mobile phone

This hot-spot was created for research on Dark UI Patterns and MITM attacks. The description of the experiment is described here.

The experiment is part of the master thesis Analysis of ARP spoofing attacks using a mobile phone by Kamil Brenski and supervised by Marcin Luckner, PhD.

Aim of the work: 

Analysis of possibility of ARP spoofing attacks and abusing android's VPN permissions to reroute network traffic using a mobile phone.


A subject of the work: 

Clients of public hotspots are exposed to various threats including man-in-the-middle attacks. A common belief is when we are using trusted networks our data are safe. However, other attacks like ARP Cache Poisoning are still dangerous for us.


The ARP protocol was not designed with security in mind. Therefore, a malicious client is able to establish a MITM connection on a trusted LAN using techniques like ARP spoofing. What this means in practice is that we should not feel secure if we do not trust every client of the network. 


The aim of this work is to create a mobile application based on Evil-AP that will be able to perform ARP spoofing. Additionally, the research will be done to check if it is possible to abuse android's VPN permissions to reroute network traffic. The created system will be tested on a projected test-bed.

For any future question please contact Marcin Luckner mluckner at 


Reference literature: 

Kamil BrenskiMaciej CholujMarcin Luckner: Evil-AP - Mobile Man-in-the-Middle Threat. CISIM 2017: 617-627

Park, M.W., Choi, Y.H., Eom, J.H., Chung, T.M.: Dangerous wi- access point:attacks to benign smartphone applications. Personal and Ubiquitous Computing 18(6), 1373{1386 (2014),