Show simple item record

dc.contributor.authorPatrice, Laurent
dc.contributor.authorSinde, Ramadhani
dc.contributor.authorLeo, Judith
dc.date.accessioned2024-10-23T07:54:44Z
dc.date.available2024-10-23T07:54:44Z
dc.date.issued2024-06
dc.identifier.urihttps://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=10549517
dc.identifier.urihttps://dspace.nm-aist.ac.tz/handle/20.500.12479/2770
dc.descriptionThis research article was published by IEEE volume12 2024en_US
dc.description.abstractAddress Resolution Protocol (ARP) spoofing has been a long-standing problem with no clear remedy until now. The attacks can be launched easily utilizing an enormous number of publicly available tools on the web; however, they are extremely tough to counterattack due to ARP’s stateless nature for not authenticating ARP replies for a subsequent request. Previous studies have demonstrated significant efforts to counterattack these assaults in Software-Defined Networks (SDN); however, much effort has been focused solely on detecting the assaults, with little effort being made to address performance bottlenecks, scalability, and Single Point of Failure (SPOF) issues in large-scale networks. In this study, we focus on developing ARP spoofing attacks detection mechanism in large-scale SDN that is immune to SPOF and provides enhanced network performance and scalability. The main purpose is to enable controllers to intercept and analyze all incoming ARP packets, learn address mappings, and store them in the application’s memory to be used as a basis for ongoing ARP cache comparisons while maintaining a global cache in a controller. To achieve the goal of this study, a simulation experiment in a closed network environment was undertaken to precisely monitor network traffic and result patterns. Mininet and the Open Network Operating System were used to implement the data plane and OpenFlow controllers. The results show that, the proposed solution is resistant to ARP spoofing attacks, with an average detection and mitigation time of 4.3 and 26.19 milliseconds, respectively. Further significant improvements have been observed in alleviating SPOF and performance bottlenecks.en_US
dc.language.isoenen_US
dc.publisherIEEEen_US
dc.subjectARP cache poisoningen_US
dc.subjectARP spoofingen_US
dc.subjectsoftware-define networken_US
dc.subjectnetwork securityen_US
dc.titleA Novel Mechanism for Detection of Address Resolution Protocol Spoofing Attacks in Large-Scale Software-Defined Networksen_US
dc.typeArticleen_US


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record