Gamal Darwesh scite author profile

The work focuses on software-defined network security, as it was always one of these foremost critical concerns due to the centralized nature in SDN architecture where many serious attacks in traditional networks still appear in SDN networks such as ARP spoofing attack despite many existing security algorithms, methods and systems. In this work, we proposed a new approach to secure SDN from an ARP poisoning attack. The new solution extends the controller with a new module that uses a new algorithm to detect and mitigate the ARP spoofing attacks according to three states of each host in the network. The new mechanism involves the DHCP and manual assignment of IP addresses using three classes to classify the hosts according to their situations in the network. The CHT helps to set the host in an intermediate state between verifying and banning and detect the attack according to the next step of the host. The proposed mechanism was tested successfully in a simulated environment using Mininet and POX controller. The solution was effectively able to accomplish the objective for which it was built, with a limited overhead on the network. This proposed solution neither has an extra overload in the network, nor requires any changes in the infrastructure or additional hardware to install. According to the experiment results of this solution, the average time to detect the ARP spoofing attack is about 11 ms, with minor overhead on the controller CPU.

show abstract

Security in Kubernetes: Best Practices and Security Analysis

Darwesh¹,

Hammoud²,

Vorobeva³

2022

View full text Add to dashboard Cite

Kubernetes emerged as docker containers' most popular orchestration, it is widely used for developing microservices and deploying applications. Because of advancements in containerization technology, information technology organizations use Kubernetes to manage their systems and report benefits in the deployment process. However, security concerns have been highlighted as challenges in Kubernetes deployment, The hackers can exploit the security vulnerabilities to cause damage to company assets. This work will shed the light on the Kubernetes orchestration platform and how attacks can be contacted against subevents manifest. we also demonstrate 10 security best practices in the Kubernetes cluster based on practitioners' reports, which we should follow to help protect our infrastructure.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Gamal Darwesh

QoS adaptation in real time systems based on CBWFQ

Simulation-based performance evaluation of queuing for e-learning real time system

An efficient mechanism to detect and mitigate an ARP spoofing attack in software-defined networks

Security in Kubernetes: Best Practices and Security Analysis

Contact Info

Product

Resources

About