{"title":"缓解SDN数据平面SYN泛洪攻击和ARP欺骗","authors":"Ting-Yu Lin, Jhen-Ping Wu, Pei-Hsuan Hung, Ching-Hsuan Shao, Yu-Ting Wang, Yun-Zhan Cai, Meng-Hsun Tsai","doi":"10.23919/APNOMS50412.2020.9236951","DOIUrl":null,"url":null,"abstract":"As the number of network devices increases rapidly, it becomes more and more difficult to defend network attacks. Large-scaled attacks, such as SYN flooding, may lead to heavy burden to the switches as well as the controller in a software defined network (SDN). In this paper, we investigate the SYN flooding and Address Resolution Protocol (ARP) spoofing attacks in SDN, and then propose mechanisms to address these two attacks. We also present a new scheme to detect SYN flooding by using only a few forwarding rules. Moreover, we utilize the Programming Protocol-independent Packet Processors (P4) technique to mitigate the burden of the controller.","PeriodicalId":122940,"journal":{"name":"2020 21st Asia-Pacific Network Operations and Management Symposium (APNOMS)","volume":"12 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":"{\"title\":\"Mitigating SYN flooding Attack and ARP Spoofing in SDN Data Plane\",\"authors\":\"Ting-Yu Lin, Jhen-Ping Wu, Pei-Hsuan Hung, Ching-Hsuan Shao, Yu-Ting Wang, Yun-Zhan Cai, Meng-Hsun Tsai\",\"doi\":\"10.23919/APNOMS50412.2020.9236951\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"As the number of network devices increases rapidly, it becomes more and more difficult to defend network attacks. Large-scaled attacks, such as SYN flooding, may lead to heavy burden to the switches as well as the controller in a software defined network (SDN). In this paper, we investigate the SYN flooding and Address Resolution Protocol (ARP) spoofing attacks in SDN, and then propose mechanisms to address these two attacks. We also present a new scheme to detect SYN flooding by using only a few forwarding rules. Moreover, we utilize the Programming Protocol-independent Packet Processors (P4) technique to mitigate the burden of the controller.\",\"PeriodicalId\":122940,\"journal\":{\"name\":\"2020 21st Asia-Pacific Network Operations and Management Symposium (APNOMS)\",\"volume\":\"12 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"15\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 21st Asia-Pacific Network Operations and Management Symposium (APNOMS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.23919/APNOMS50412.2020.9236951\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 21st Asia-Pacific Network Operations and Management Symposium (APNOMS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/APNOMS50412.2020.9236951","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Mitigating SYN flooding Attack and ARP Spoofing in SDN Data Plane
As the number of network devices increases rapidly, it becomes more and more difficult to defend network attacks. Large-scaled attacks, such as SYN flooding, may lead to heavy burden to the switches as well as the controller in a software defined network (SDN). In this paper, we investigate the SYN flooding and Address Resolution Protocol (ARP) spoofing attacks in SDN, and then propose mechanisms to address these two attacks. We also present a new scheme to detect SYN flooding by using only a few forwarding rules. Moreover, we utilize the Programming Protocol-independent Packet Processors (P4) technique to mitigate the burden of the controller.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
