<![CDATA[ARP poisoning is a prevalent security threat in Wireless Local Area Networks (WLANs), enabling attackers to manipulate ARP tables and perform man-in-the-middle attacks. This study develops a machine learning-based detection system to identify ARP poisoning incidents in real-time, using Random Forest, AdaBoost, and a hybrid Random Forest-AdaBoost ensemble model. Data was collected from a public Wi-Fi environment in Surabaya, consisting of 11,225 ARP traffic records, augmented with simulated ARP poisoning attacks. Data preprocessing included exploratory analysis, feature engineering, encoding, and dataset balancing to improve model performance. Experimental results demonstrate that the hybrid ensemble model achieved the highest accuracy (99.92% on validation and 99.94% on testing), but its inference time of 517.30 ms rendered it unsuitable for real-time deployment. In contrast, the AdaBoost model achieved similar accuracy with significantly faster inference latency (7.82–14.93 ms), making it the most efficient model for live monitoring. The optimized AdaBoost classifier was then deployed through a Telegram-based alert system integrated with Scapy for continuous packet inspection and immediate attack notifications. This study contributes to the advancement of real-time intrusion detection mechanisms for WLAN environments by demonstrating the effectiveness of ensemble learning in ARP poisoning detection. Furthermore, it emphasizes the importance of balancing detection accuracy with computational efficiency for practical deployment in dynamic network environments. The findings offer insights into developing scalable, low-latency security solutions and lay the groundwork for future research on adaptive, real-time detection frameworks.]]>
