SDN-based Defending Against ARP Poisoning Attack

In the field of computer networks, the introduction of SDN has been associated with new concepts. In SDN networks, control plane is separated from the data palne. Traditional networks suffer from difficult configuration and management. In other words, a change in the network needs to be configured on the whole equipment. With the introduction of SDN, various modules can be designed and run in controller in order to perform expected policies and rules on all switches. One of the areas of network management is to deal with cyber-attacks. In SDN networks, security modules can be designed to run in the controller and generate rules on switches. Due to the importance of intranets, this paper aimed to detect and prevent ARP poisoning attack on LAN. The tests in a LAN showed that the module can detect the ARP poisoning attack and block the attacker operation.

[1]  Yonggang Wen,et al.  “ A Survey of Software Defined Networking , 2020 .

[2]  Kemal Akkaya,et al.  An Efficient and Secure ARP for Large-Scale IEEE 802.11s-based Smart Grid Networks , 2013, ADHOCNETS.

[3]  Nick McKeown,et al.  OpenFlow: enabling innovation in campus networks , 2008, CCRV.

[4]  Nick Feamster,et al.  Improving network management with software defined networking , 2013, IEEE Commun. Mag..

[5]  Nikhil Tripathi,et al.  Analysis of various ARP poisoning mitigation techniques: A comparison , 2014, 2014 International Conference on Control, Instrumentation, Communication and Computational Technologies (ICCICCT).

[6]  Cristina L. Abad,et al.  An Analysis on the Schemes for Detecting and Preventing ARP Cache Poisoning Attacks , 2007, 27th International Conference on Distributed Computing Systems Workshops (ICDCSW'07).

[7]  Marcial P. Fernandez,et al.  Evaluating OpenFlow Controller Paradigms , 2013 .