ARP cache

An ARP cache{{Cite journal|last1=Moon|first1=Daesung|last2=Lee|first2=Jae Dong|last3=Jeong|first3=Young-Sik|last4=Park|first4=Jong Hyuk|date=2016-05-01|title=RTNSS: a routing trace-based network security system for preventing ARP spoofing attacks|journal=The Journal of Supercomputing|language=en|volume=72|issue=5|pages=1740–1756|doi=10.1007/s11227-014-1353-0|s2cid=255069126 |issn=0920-8542}} is a collection of Address Resolution Protocol entries (mostly dynamic), that are created when an IP address is resolved to a MAC address (so the computer can effectively communicate with the IP address).{{Cite web|url=http://www.techrepublic.com/blog/windows-and-office/quick-tips-flush-the-arp-cache-in-windows-7/|title=Quick Tips: Flush the ARP cache in Windows 7 - TechRepublic|website=TechRepublic|date=12 May 2011 |language=en|access-date=2017-07-14}} The term can be used interchangeably with ARP table,{{Citation needed|date=April 2025}} although the latter is sometimes a distinct statically configured table.{{cite web |url=https://www.fortinet.com/resources/cyberglossary/what-is-arp |title=What Is Address Resolution Protocol (ARP)? |publisher=Fortinet |quote=The ARP cache is dynamic, but users on a network can also configure a static ARP table containing IP addresses and MAC addresses.}}{{cite web |url=https://arubanetworking.hpe.com/techdocs/AOS-S/16.10/MRG/WB/content/common%20files/how-arp-wor4.htm |title=How ARP works |quote=A static entry enters the ARP cache from the static ARP table (which is a separate table)... |publisher=Aruba Networks}}

An ARP cache has the disadvantage of potentially being used by hackers and cyberattackers (an ARP cache poisoning attack). An ARP cache helps the attackers hide behind a fake IP address. Beyond the fact that ARP caches may help attackers, it may also prevent the attacks by "distinguish[ing] between low level IP and IP based vulnerabilities".{{Cite journal|last1=Daniels|first1=Thomas E.|last2=Spafford|first2=Eugene H.|date=1999-01-01|title=Identification of host audit data to detect attacks on low-level IP vulnerabilities|journal=Journal of Computer Security|language=en|volume=7|issue=1|pages=3–35|doi=10.3233/jcs-1999-7102|issn=0926-227X|citeseerx=10.1.1.26.5458}}