Abstract
Software Defined Network (SDN) is a new paradigm of networking which has transformed the traditional way of network management. It provides the network programmbility and wide visibility by introducing a level of abstraction which decouples the data plane and control plane. Though the concept of SDN is different than the traditional networks but still some of the traditional network security attacks still manifest in SDN such as ARP spoofing, LLDP spoofing etc. Existing solutions of ARP spoofing attacks for traditional networks may not give the best result because either solution is based on pre-stored MAC/IP binding or use cryptographic solutions. However, SDN can have an exclusive solution for security attacks without any alternation in the network. This paper proposes Traffic Pattern Based Solution to ARP Related Threats (FICUR), a novel method for verification and detection of ARP based attacks. In proposed method, the SDN controller has been extended by a module which gathers the required network parameters. This module also analyzes these parameters to verify and detect the attacks. Using SDN programmability mitigation is also performed on the fly. The validation of FICUR has been done on both the simulated environment using mininet and real time environment using HP switch. It was observed that the method is fast and does add a limited overhead to the network.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
