Denial of ARP spoofing in SDN and NFV enabled cloud-fog-edge platforms

Rangisetti, Anil Kumar; Dwivedi, Rishabh; Singh, Prabhdeep

doi:10.1007/s10586-021-03328-x

Cited by 12 publications

(8 citation statements)

References 39 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [9], Rangisetti et al proposed the SDN features using ARP packets. The authors handled switches using the controller in multiple subnets.…”

Section: Literature Reviewmentioning

confidence: 99%

“…We reviewed the DDoS and ARP spoofing attack using a literature review, which is not implemented In [9], Rangisetti et al proposed the SDN features using ARP packets. The authors handled switches using the controller in multiple subnets.…”

Section: Literature Reviewmentioning

confidence: 99%

“…DDoS and LFA are the most deployed network attacks in SDN. IP or ARP packets are designed to know about ARP spoofing attacks in SDN using MAC address [7] [8] [9]. The IP address of each system is designed to participate effectively in the network performance.…”

mentioning

confidence: 99%

See 2 more Smart Citations

Spoofing Attack Mitigation in Address Resolution Protocol (ARP) and DDoS in Software-Defined Networking

Jamil

Ali

Jamil

2022

JISCR

View full text Add to dashboard Cite

Software Defined Networking (SDN) shows network operations to be performed for efficient network operations. Due to the increase in network devices, the percentage of attacks is also increased, and it is challenging to provide defense against such attacks. In SDN, the control plan is separated from the data plane. The control plan is implemented using some central devices called SDN controllers. In SDN Address Resolution Protocol (ARP), spoofing and Distributed Denial of Services (DDoS) attacks are carried out on an enormous scale. These are commonly launched attacks in SDN. Due to these attacks, the network performance is down, and network services are dead. This paper proposed a new auto detection methodology to detect ARP and DDoS attacks and mitigate SDN networks from these attacks. Additionally, we implemented two algorithms: one for flow rules and the second for attack detection. An individual server was installed to check the malicious traffic installation. We present the new forward flooding rules to detect and mitigate attacks. The experiments are performed using LINUX-based network implementation. Our proposal successfully improves network security and enhances network efficiency.

show abstract

“…In [9], Rangisetti et al proposed the SDN features using ARP packets. The authors handled switches using the controller in multiple subnets.…”

Section: Literature Reviewmentioning

confidence: 99%

Section: Literature Reviewmentioning

confidence: 99%

See 1 more Smart Citation

Spoofing Attack Mitigation in Address Resolution Protocol (ARP) and DDoS in Software-Defined Networking

Jamil

Ali

Jamil

2022

JISCR

View full text Add to dashboard Cite

show abstract

“…In [18], a study is presented that implements several methods for denying ARP spoofing attacks. The D-ARPSpoof solution is implemented on the Open Floodlight controller [31] in the control plane.…”

Section: Related Researchmentioning

confidence: 99%

“…To improve the response time in detecting and mitigating the attack, the current solution is implemented strictly in the data plane [17]. Other studies, although focusing on the data plane, still require a degree of interaction with the control plane [12,18,19], and no other research proposes such an isolated solution. The test networks are created with different congestion levels and with different numbers of devices to offer a comprehensive understanding of the needed computational impact and to clearly identify the feasibility of deploying the solution in certain environments depending on the criticality level.…”

Section: Introductionmentioning

confidence: 99%

An Extendable Software Architecture for Mitigating ARP Spoofing-Based Attacks in SDN Data Plane Layer

et al. 2022

View full text Add to dashboard Cite

Software-defined networking (SDN) is an emerging network architecture that brings benefits in network function virtualization, performance, and scalability. However, the scalability feature also increases the number of possible vulnerabilities through multiple entry points in the network. Address Resolution Protocol (ARP) spoofing-based attacks are widely encountered and allow an attacker to assume the identity of a different computer, facilitating other attacks, such as Man in the Middle (MitM). In the SDN context, most solutions employ a controller to detect and mitigate attacks. However, interacting with the control plane involves asynchronous network communication, which causes delayed responses to an attack. The current work avoids these delays by being implemented solely in the data plane through extendable and customizable software architecture. Therefore, faster response times improve network reliability by automatically blocking attackers. As attacks can be generated with a variety of tools and in networks experiencing different traffic patterns, the current solution is created to allow flexibility and extensibility, which can be adapted depending on the running environment. Experiments were run performing ARP spoofing-based attacks using KaliLinux, Mininet, and OpenVSwitch. The presented results are based on traffic pattern analysis offering greater customization capabilities and insight compared to similar work in this area.

show abstract

SDN‐Enabled Network Virtualization and Its Applications

Rangsietti

Kodali²

2022

Software Defined Networks

View full text Add to dashboard Cite

Denial of ARP spoofing in SDN and NFV enabled cloud-fog-edge platforms

Cited by 12 publications

References 39 publications

Spoofing Attack Mitigation in Address Resolution Protocol (ARP) and DDoS in Software-Defined Networking

Spoofing Attack Mitigation in Address Resolution Protocol (ARP) and DDoS in Software-Defined Networking

An Extendable Software Architecture for Mitigating ARP Spoofing-Based Attacks in SDN Data Plane Layer

SDN‐Enabled Network Virtualization and Its Applications

Contact Info

Product

Resources

About