Mitigating ARP Cache Poisoning Attack in Software-Defined Networking (SDN): A Survey

Address Resolution Protocol (ARP) is a widely used protocol that provides a mapping of Internet Protocol (IP) addresses to Media Access Control (MAC) addresses in local area networks. This protocol suffers from many spoofing attacks because of its stateless nature and lack of authentication. One such spoofing attack is the ARP Cache Poisoning attack, in which attackers poison the cache of hosts on the network by sending spoofed ARP requests and replies. Detection and mitigation of ARP Cache Poisoning attack is important as this attack can be used by attackers to further launch Denial of Service (DoS) and Man-In-The Middle (MITM) attacks. As with traditional networks, an ARP Cache Poisoning attack is also a serious concern in Software Defined Networking (SDN) and consequently, many solutions are proposed in the literature to mitigate this attack. In this paper, a detailed survey on various solutions to mitigate ARP Cache Poisoning attack in SDN is carried out. In this survey, various solutions are classified into three categories: Flow Graph based solutions; Traffic Patterns based solutions; IP-MAC Address Bindings based solutions. All these solutions are critically evaluated in terms of their working principles, advantages and shortcomings. Another important feature of this survey is to compare various solutions with respect to different performance metrics, e.g., attack detection time, ARP response time, calculation of delay at the Controller etc. In addition, future research directions are also presented in this survey that can be explored by other researchers to propose better solutions to mitigate the ARP Cache Poisoning attack in SDN.

[1]  Avijit Mallik,et al.  Man-in-the-middle-attack: Understanding in simple words , 2019 .

[2]  Mohammad S. Obaidat,et al.  A New Detection and Prevention System for ARP Attacks Using Static Entry , 2019, IEEE Systems Journal.

[3]  Mouad Ben Mamoun,et al.  An Overview on SDN Architectures with Multiple Controllers , 2016, J. Comput. Networks Commun..

[4]  Thierry Turletti,et al.  A Survey of Software-Defined Networking: Past, Present, and Future of Programmable Networks , 2014, IEEE Communications Surveys & Tutorials.

[5]  Santosh Biswas,et al.  Detection of neighbor discovery protocol based attacks in IPv6 network , 2013 .

[6]  Zhiping Cai,et al.  An Active Defense Solution for ARP Spoofing in OpenFlow Network , 2019, Chinese Journal of Electronics.

[7]  Ailton Akira Shinoda,et al.  L3 - ARPSec – A Secure Openflow Network Controller Module to control and protect the Address Resolution Protocol , 2015 .

[8]  Young-Sik Jeong,et al.  DistBlockNet: A Distributed Blockchains-Based Secure SDN Architecture for IoT Networks , 2017, IEEE Communications Magazine.

[9]  Fernando M. V. Ramos,et al.  Software-Defined Networking: A Comprehensive Survey , 2014, Proceedings of the IEEE.

[10]  Zenggang Xiong,et al.  Bayes-Based ARP Attack Detection Algorithm for Cloud Centers , 2016 .

[11]  Petri Mähönen,et al.  Riding the data tsunami in the cloud: myths and challenges in future wireless access , 2013, IEEE Communications Magazine.

[12]  Antonio F. Gómez-Skarmeta,et al.  Enabling Virtual AAA Management in SDN-Based IoT Networks † , 2019, Sensors.

[13]  Ayman I. Kayssi,et al.  IoT survey: An SDN and fog computing perspective , 2018, Comput. Networks.

[14]  Athanasios V. Vasilakos,et al.  Security in Software-Defined Networking: Threats and Countermeasures , 2016, Mobile Networks and Applications.

[15]  Sandhya,et al.  A survey: Hybrid SDN , 2017, J. Netw. Comput. Appl..

[16]  Mauro Conti,et al.  A Survey of Man In The Middle Attacks , 2016, IEEE Communications Surveys & Tutorials.

[17]  Hartmut König,et al.  An SDN-Based Approach to Ward Off LAN Attacks , 2018, J. Comput. Networks Commun..

[18]  Olivier Bonaventure,et al.  Opportunities and research challenges of hybrid software defined networks , 2014, CCRV.

[19]  Rosilah Hassan,et al.  Impacts evaluation of DoS attacks over IPv6 neighbor discovery protocol , 2019 .

[20]  Nadir Shah,et al.  Hybrid SDN Networks: A Survey of Existing Approaches , 2018, IEEE Communications Surveys & Tutorials.

[21]  Mohammad S. Obaidat,et al.  Address resolution protocol spoofing attacks and security approaches: A survey , 2018, Secur. Priv..

[22]  Deepak Sukheja,et al.  Impact of Sybil Attack and Security Threat in Mobile Adhoc Network , 2015 .

[23]  Jong Hyuk Park,et al.  FS-OpenSecurity: A Taxonomic Modeling of Security Threats in SDN for Future Sustainable Computing , 2016 .