Which attack involves sending malicious ARP packets to the default gateway on the network to alter the IP-MAC bindings in its ARP table?

This scenario centers on ARP poisoning or ARP spoofing. ARP is the protocol that translates IP addresses to MAC addresses on a local network, with devices keeping a cache of these mappings. By sending forged ARP packets to the network, an attacker makes the gateway (or other hosts) associate an IP address with the attacker’s MAC address. When the gateway believes the attacker’s MAC represents the router, traffic intended for the gateway is sent to the attacker instead, enabling interception, modification, or disruption of traffic—a classic man-in-the-middle or denial-of-service effect. Dynamic ARP Inspection is a defensive mechanism that validates ARP replies to prevent this, rather than being the attack itself. DHCP Snooping deals with DHCP message handling, not ARP mappings, and Switch Spoofing targets different switch behaviors. So the described action is ARP poisoning/spoofing.