Detecting and mitigating ARP attacks in SDN-based cloud environment

Sixian Sun, Xiao Fu, Bin Luo, Xiaojiang Du

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

19 Scopus citations

Abstract

Cloud computing is making a greater impact on internet industry, medical industry, insurance industry, and so on. Due to its influence, cloud computing networking is in great need of security, and protecting cloud environment from diverse attacks has been a hot issue. On the other hand, Software Defined Network (SDN) separates the control plane from the data plane and makes networks programmable, which promotes the centralized management of network devices. Compared to traditional networks, SDN increases the utilization efficiency of resources, increases the flexibility of network services, and reduces the cost of maintenance. Therefore, in this paper, we apply SDN to protect cloud computing networking from Address Resolution Protocol (ARP) attacks. In the proposed approach, a cluster of controllers detects ARP packets that hosts send, in order to find out the forged ones and to prevent ARP spoofing attacks. Also, controllers monitor statistical data of ARP packets once in a while to detect ARP flooding attacks. Once an attack is detected, controllers install flow entries on corresponding switches, to block flow for a specific time. Finally, we conduct experiments to show that our approach is useful to detect and mitigate ARP attacks in SDN-based cloud environment.

Original languageEnglish
Title of host publicationIEEE INFOCOM 2020 - IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2020
Pages659-664
Number of pages6
ISBN (Electronic)9781728186955
DOIs
StatePublished - Jul 2020
Event2020 IEEE INFOCOM Conference on Computer Communications Workshops, INFOCOM WKSHPS 2020 - Toronto, Canada
Duration: 6 Jul 20209 Jul 2020

Publication series

NameIEEE INFOCOM 2020 - IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2020

Conference

Conference2020 IEEE INFOCOM Conference on Computer Communications Workshops, INFOCOM WKSHPS 2020
Country/TerritoryCanada
CityToronto
Period6/07/209/07/20

Keywords

  • ARP attack
  • Cloud computing networking
  • Network security
  • Software defined network

Fingerprint

Dive into the research topics of 'Detecting and mitigating ARP attacks in SDN-based cloud environment'. Together they form a unique fingerprint.

Cite this