利用软件定义网络(SDN)模式防止ARP中毒攻击

2015 IEEE Jordan Conference on Applied Electrical Engineering and Computing Technologies (AEECT) Pub Date : 2015-12-21 DOI:10.1109/AEECT.2015.7360549

M. Masoud, Yousf Jaradat, Ismael Jannoud

{"title":"利用软件定义网络(SDN)模式防止ARP中毒攻击","authors":"M. Masoud, Yousf Jaradat, Ismael Jannoud","doi":"10.1109/AEECT.2015.7360549","DOIUrl":null,"url":null,"abstract":"In this work, SDN has been utilized to alleviate and eliminate the problem of ARP poisoning attack. This attack is the underlying infrastructure for many other network attacks, such as, man in the middle, denial of service and session hijacking. In this paper we propose a new algorithm to resolve the problem of ARP spoofing. The algorithm can be applied in two different scenarios. The two scenarios are based on whether a network host will be assigned a dynamic or a static IP address. We call the first scenario SDN_DYN; the second scenario is called SDN_STA. For the evaluation process, a physical SDN-enabled switch has been utilized with Ryu controller. Our results show that the new algorithm can prevent ARP spoofing and other attacks exploiting it.","PeriodicalId":227019,"journal":{"name":"2015 IEEE Jordan Conference on Applied Electrical Engineering and Computing Technologies (AEECT)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-12-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"39","resultStr":"{\"title\":\"On preventing ARP poisoning attack utilizing Software Defined Network (SDN) paradigm\",\"authors\":\"M. Masoud, Yousf Jaradat, Ismael Jannoud\",\"doi\":\"10.1109/AEECT.2015.7360549\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In this work, SDN has been utilized to alleviate and eliminate the problem of ARP poisoning attack. This attack is the underlying infrastructure for many other network attacks, such as, man in the middle, denial of service and session hijacking. In this paper we propose a new algorithm to resolve the problem of ARP spoofing. The algorithm can be applied in two different scenarios. The two scenarios are based on whether a network host will be assigned a dynamic or a static IP address. We call the first scenario SDN_DYN; the second scenario is called SDN_STA. For the evaluation process, a physical SDN-enabled switch has been utilized with Ryu controller. Our results show that the new algorithm can prevent ARP spoofing and other attacks exploiting it.\",\"PeriodicalId\":227019,\"journal\":{\"name\":\"2015 IEEE Jordan Conference on Applied Electrical Engineering and Computing Technologies (AEECT)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-12-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"39\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 IEEE Jordan Conference on Applied Electrical Engineering and Computing Technologies (AEECT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/AEECT.2015.7360549\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE Jordan Conference on Applied Electrical Engineering and Computing Technologies (AEECT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/AEECT.2015.7360549","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 39

摘要

在这项工作中，SDN被用来缓解和消除ARP中毒攻击的问题。这种攻击是许多其他网络攻击的底层基础设施，例如中间人攻击、拒绝服务攻击和会话劫持。本文提出了一种解决ARP欺骗问题的新算法。该算法可以应用于两种不同的场景。这两种场景取决于网络主机分配的是动态IP地址还是静态IP地址。我们称第一种场景为SDN_DYN;第二个场景称为SDN_STA。在评估过程中，Ryu控制器使用了支持sdn的物理交换机。实验结果表明，该算法可以有效防止ARP欺骗和其他利用该算法的攻击。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

On preventing ARP poisoning attack utilizing Software Defined Network (SDN) paradigm

In this work, SDN has been utilized to alleviate and eliminate the problem of ARP poisoning attack. This attack is the underlying infrastructure for many other network attacks, such as, man in the middle, denial of service and session hijacking. In this paper we propose a new algorithm to resolve the problem of ARP spoofing. The algorithm can be applied in two different scenarios. The two scenarios are based on whether a network host will be assigned a dynamic or a static IP address. We call the first scenario SDN_DYN; the second scenario is called SDN_STA. For the evaluation process, a physical SDN-enabled switch has been utilized with Ryu controller. Our results show that the new algorithm can prevent ARP spoofing and other attacks exploiting it.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2015 IEEE Jordan Conference on Applied Electrical Engineering and Computing Technologies (AEECT)

自引率

0.00%

发文量