An Analysis of DHCP Vulnerabilities, Attacks, and Countermeasures

A large number of devices use the Dynamic Host Control Protocol (DHCP) protocol to obtain network configurations like IP address, gateway, Domain Name System (DNS) address, etc. However, the security aspect was not considered thoroughly during its design phase. As a result, it has several very lucrative vulnerabilities to many attackers. In this analysis, we discuss the major vulnerabilities of the DHCP protocol that can result in different attacks. These vulnerabilities include a lack of authentication, confidentiality, and integrity. We also explain different attacks that can be performed by exploiting these vulnerabilities, like rogue DHCP server attacks, DHCP starvation attacks, or replay attacks. Furthermore, we summarize the countermeasures proposed by the researchers to nullify and mitigate these attacks. Moreover, the advantages and drawbacks of the countermeasures are also discussed in this paper.