You cannot use DHCP as a security mechanism. If a DHCP client elects not to follow the protocol, a network administrator can do little, other than to track down the offending device and shut it off. A malicious user who wants to access the network can always simply make up an IP address, send an ARP request for it, and then, if it does not get an answer, use the fabricated address. Access control based on client identification can be very convinient, but it does not prevent unauthorized access to a network. [Droms and Lemon, 2002, p. 16]
Droms, Ralph Ph. D. & Lemon, Ted (2002), <i>The DHCP Handbook, Second Edition</i>, Indianapolis: Sams Publishing.