Abstract
Address spoofing attacks like ARP spoofing and DDoS attacks are mostly launched in a networking environment to degrade the performance. These attacks sometimes break down the network services before the administrator comes to know about the attack condition. Software Defined Networking (SDN) has emerged as a novel network architecture in which date plane is isolated from the control plane. Control plane is implemented at a central device called controller. But, SDN paradigm is not commonly used due to some constraints like budget, limited skills to control SDN, the flexibility of traditional protocols. To get SDN benefits in a traditional network, a limited number of SDN devices can be deployed among legacy devices. This technique is called hybrid SDN. In this paper, we propose a new approach to automatically detect the attack condition and mitigate that attack in hybrid SDN. We represent the network topology in the form of a graph. A graph based traversal mechanism is adopted to indicate the location of the attacker. Simulation results show that our approach enhances the network efficiency and improves the network security.
Highlights
Software Defined Network (SDN) is a new paradigm shift in a networking environment that brings a lot of new innovations and revolutions in traditional networking techniques
SDN controller is the main component of the SDN network, due to his reason SDN controller becomes more vulnerable to several types of attacks
In order to handle the problems of ARP spoofing and DDoS attack as discussed in the problem statement, we proposed an automatic network device identification mechanism, which detects the ARP spoofing attacks in hybrid SDN and mitigates these attacks with the help a proposed server
Summary
Software Defined Network (SDN) is a new paradigm shift in a networking environment that brings a lot of new innovations and revolutions in traditional networking techniques. A new network architecture is proposed that is based on a limited number of SDN switches deployed among legacy switches. This type of network is called Hybrid SDN. Currently in hybrid SDN, no proper mechanism to deal with these types of attacks. We propose an automatic ARP spoofing detection and mitigation mechanism for hybrid SDN This new mechanism prevents the LFA, ARP Spoofing and DDoS attack in hybrid SDN. ARP packets are analyzed for a possible attack in the hybrid SDN In this new mechanism, SDN controller is protected from attackers by diverting unnecessary processing to the proposed server.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have