

The address resolution protocol (ARP) is one of the most important communication protocols in a local area network (LAN). However, since there is no authentication procedure, ARP is vulnerable to cyberattacks such as ARP spoofing. Since ARP spoofing can lead to critical attacks, including a man-in-the-middle (MITM) attack, detecting ARP spoofing early without returning false-positive alarms is important. In general, however, existing works on ARP spoofing are unable to distinguish between ARP spoofing and connections from virtual machine (VM) guests, which results in false-positive alarms. In this article, we propose an access point-based ARP Spoofing Detector (ASD) that can detect ARP spoofing attacks without returning false positives.

The complexity of networking has been tackled over the years by introducing more devices and tailored protocols. Software Defined Network (SDN) is an emerging network paradigm that introduces a centralized controller to the network. This controller has the ability to manipulate and program the algorithms and protocols that run over the underlying hardware. SDN has emerged to handle network complexity and management. In this work, SDN has been utilized to alleviate and eliminate the problem of the ARP poisoning attack. This attack is the underlying infrastructure for many other network attacks, such as man-in-the-middle, denial of service and session hijacking. In this paper we propose a new algorithm to resolve the problem of ARP spoofing. The algorithm can be applied in two different scenarios. The two scenarios are based on whether a network host will be assigned a dynamic or a static IP address. We call the first scenario SDN_DYN; the second scenario is called SDN_STA. For the evaluation process, a physical SDN-enabled switch has been utilized with the Ryu controller. Our results show that the new algorithm can prevent ARP spoofing and other attacks exploiting it.
