Journal
Scientific and Technical Journal of Information Technologies, Mechanics and Optics
UDK004.89
Issue:3 (133)
Download PDF0 Kbyte
An efficient mechanism to detect and mitigate an ARP spoofing attack in software-defined networks
Annotation
The work focuses on software-defined network security, as it was always one of these foremost critical concerns due to the centralized nature in SDN architecture where many serious attacks in traditional networks still appear in SDN networks such as ARP spoofing attack despite many existing security algorithms, methods and systems. In this work, we proposed a new approach to secure SDN from an ARP poisoning attack. The new solution extends the controller with a new module that uses a new algorithm to detect and mitigate the ARP spoofing attacks according to three states of each host in the network. The new mechanism involves the DHCP and manual assignment of IP addresses using three classes to classify the hosts according to their situations in the network. The CHT helps to set the host in an intermediate state between verifying and banning and detect the attack according to the next step of the host. The proposed mechanism was tested successfully in a simulated environment using Mininet and POX controller. The solution was effectively able to accomplish the objective for which it was built, with a limited overhead on the network. This proposed solution neither has an extra overload in the network, nor requires any changes in the infrastructure or additional hardware to install. According to the experiment results of this solution, the average time to detect the ARP spoofing attack is about 11 ms, with minor overhead on the controller CPU.
Keywords
Постоянный URL
Articles in current issue
- An approach to photogrammetric processing of indirect optical location data
- Sensing element for the formation fluid refractometer on the basis of total internal reflection
- A method for analysing the color rendering of digital cameras. Scientific and Technical Journal of Information Technologies, Mechanics and Optics
- An analysis of methods for aberrated spot diagram center evaluation
- Investigation of the accuracy of measuring the parameters of remote objects observed by the optical-electronic system with a light field recorder
- Evaluation of permissible pixel positioning errors for displaying computer-generated holograms in projection photolithography
- The study of spontaneous domain nucleation in the interelectrode gap of phase modulator based on titanium indiffused waveguides in lithium niobate crystals
- Adaptive observer design for time-varying nonlinear systems with unknown polynomial parameters
- Development of a new plasma technology for producing pure white corundum.
- The investigation of dynamic properties of 3D-printed steel parts
- An algorithm for detecting leaks of insider information of financial markets in investment consulting.
- Investigation of numerical approaches to modeling large-scale turbulent vortex flows in the mode of vertical take-off and landing of an aircraft.
- Mathematical modeling and identification of surface vessel model parameters
- Methodological support of the working group in predicting the results of the classification expertise
- Automatic allergy classification based on Russian unstructured medical texts
- An analysis of methods for assessing information security risks of financial institutions