E2BaSeP: Efficient Bayes Based Security Protocol Against ARP Spoofing Attacks in SDN Architectures

Tchendji, Vianney Kengne; Mvah, Fabrice; Djamegni, Clémentin Tayou; Yankam, Yannick Florian

doi:10.1007/s41635-020-00105-x

Cited by 9 publications

(3 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Hence, the prediction of an accurate baseline is also an open research gap in existing solutions. [64,80,81,[83][84][85]90,95,104,116] In many studies, a single virtual machine (VM) has been used to perform the experimental setup. However, results obtained from simulation or emulation environments will be different from real scenarios due to the limited availability of resources in a single VM.…”

Section: Referencementioning

confidence: 99%

Security and Privacy Issues in Software-Defined Networking (SDN): A Systematic Literature Review

2023

View full text Add to dashboard Cite

Software-defined network (SDNs) have fundamentally changed network infrastructure by decoupling the data plane and the control plane. This architectural shift rejuvenates the network layer by granting the re-programmability and centralized management of networks which brings about exciting challenges. Although an SDN seems to be a secured network when compared to conventional networks, it is still vulnerable and faces rigorous deployment challenges. Moreover, the bifurcation of data and control planes also opens up new security problems. This systematic literature review (SLR) has formalized the problem by identifying the potential attack scenarios and highlighting the possible vulnerabilities. Eighty-six articles have been selected carefully to formulize the SLR. In this SLR, we have identified major security attacks on SDN planes, including the application plane, control plane, and data plane. Moreover, this research also identifies the approaches used by industry experts and researchers to develop security solutions for SDN planes. In this research, we have introduced an attack taxonomy and proposed a collaborative security model after comprehensively identifying security attacks on SDN planes. Lastly, research gaps, challenges, and future directions are discussed for the deployment of secure SDNs.

show abstract

Section: Referencementioning

confidence: 99%

Security and Privacy Issues in Software-Defined Networking (SDN): A Systematic Literature Review

2023

View full text Add to dashboard Cite

show abstract

“…Note that spoofing attacks, in a more general matter, also threaten more traditional services like remote data storage [82] and networking applications, such as ARP forgery attacks [83], [84] and IP spoofing attacks [85], [86]. GPS spoofing attacks are also common and harmful [87], [88].…”

Section: Related Workmentioning

confidence: 99%

SmartPatch: Verifying the Authenticity of the Trigger-Event in the IoT Platform

Yuan¹,

Yang²,

Xing

et al. 2023

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

Emerging IoTclouds are playing a more important role in modern lives, enabling users/developers to program applications to make better use of smart devices. However, preliminary research has shown IoTcloud vulnerabilities could expose IoTusers to security risks. To better understand the problem, we studied the SmartThings cloud, one of the most popular IoTcloud platforms that support user-defined device automation (SmartApps). Specifically, we found new vulnerabilities in SmartThings that allow attackers to fake events to trigger the SmartApps to operate devices (e.g., open a lock). Exploiting such vulnerabilities, we successfully faked 7 different types of events, which impact 138 (out of 187) SmartThings' official open-sourced SmartApps. To defeat such attacks, we propose an authenticity-verification-based scheme to deny fake events. Moreover, we designed a tool, SmartPatch, to help users secure their SmartThings systems. In specific, SmartPatch automatically patches the vulnerable SmartApps and Device Handlers (input) and outputs the flawless programs, which are ready for users to deploy in their SmartThings systems. We have made SmartPatch publicly available. With the help of SmartPatch, we patched all the vulnerable SmartThings' official open-sourced programs (146 SmartApps and 321 Device Handlers). Experiments have shown the compatibility, effectiveness, and efficiency of our proposed approach.

show abstract

“…The DDoS attack can degrade the network performance and become a state of hijacking. SDN centralized controller is a single point of failure where the attacker can easily hack the network, if they access the controller by attacking the controller [16]. Fig.…”

Section: Literature Reviewmentioning

confidence: 99%

Spoofing Attack Mitigation in Address Resolution Protocol (ARP) and DDoS in Software-Defined Networking

Jamil

Ali

Jamil

2022

JISCR

View full text Add to dashboard Cite

Software Defined Networking (SDN) shows network operations to be performed for efficient network operations. Due to the increase in network devices, the percentage of attacks is also increased, and it is challenging to provide defense against such attacks. In SDN, the control plan is separated from the data plane. The control plan is implemented using some central devices called SDN controllers. In SDN Address Resolution Protocol (ARP), spoofing and Distributed Denial of Services (DDoS) attacks are carried out on an enormous scale. These are commonly launched attacks in SDN. Due to these attacks, the network performance is down, and network services are dead. This paper proposed a new auto detection methodology to detect ARP and DDoS attacks and mitigate SDN networks from these attacks. Additionally, we implemented two algorithms: one for flow rules and the second for attack detection. An individual server was installed to check the malicious traffic installation. We present the new forward flooding rules to detect and mitigate attacks. The experiments are performed using LINUX-based network implementation. Our proposal successfully improves network security and enhances network efficiency.

show abstract

E2BaSeP: Efficient Bayes Based Security Protocol Against ARP Spoofing Attacks in SDN Architectures

Cited by 9 publications

References 25 publications

Security and Privacy Issues in Software-Defined Networking (SDN): A Systematic Literature Review

Security and Privacy Issues in Software-Defined Networking (SDN): A Systematic Literature Review

SmartPatch: Verifying the Authenticity of the Trigger-Event in the IoT Platform

Spoofing Attack Mitigation in Address Resolution Protocol (ARP) and DDoS in Software-Defined Networking

Contact Info

Product

Resources

About