SDN-Based ARP Attack Detection for Cloud Centers

To address internal network security, Software-Defined Networking (SDN) technology has been introduced into large-scale cloud centers, as it can not only improve network performance but also deal with network attacks. To prevent man-in-the-middle (MITM) and denial-of-service (DoS) attacks caused by the Address Resolution Protocol (ARP) bug in the cloud center, this paper proposes an algorithm that uses SDN technology to calculate the probability of a host being an attacker, and further gives a detection model based on the algorithm. Experiments prove the validity of this method.
