How it works
Here is a common ARP use case scenario: two computers are on the same Ethernet network, they have each other’s IP addresses, but MAC addresses are unknown. However, Ethernet network can’t transmit data based on IP addresses.
To solve the problem one of the computers sends a broadcast request with the required IP address to all hosts on the same domain. The computer with the required IP address in its turn replies with its MAC address. This enables data transmission.
The use of IP networks built on top of Ethernet is really widespread, and ARP is always used in such cases. That is why it has become popular too.
Security
ARP cache is checked whenever a MAC address is requested to transmit data. This helps to avoid sending a request again if the needed MAC address has been resolved earlier, and it is still stored in the ARP cache. The ARP cache size is limited, usually, it can store MAC addresses only for several minutes. The cache is also regularly flushed. This is necessary to ensure users privacy and security, as well as to prevent IP address spoofing and session hijacking attacks. Besides, all information about any unsuccessful attempts to contact hosts out of the network is deleted during the ARP cache flushing.