dc.description.abstract | Address Resolution Protocol (ARP) spoofing has been a long-standing problem with no clear
remedy until now. The attacks can be launched easily utilizing an enormous number of publicly available
tools on the web; however, they are extremely tough to counterattack due to ARP’s stateless nature for not
authenticating ARP replies for a subsequent request. Previous studies have demonstrated significant efforts
to counterattack these assaults in Software-Defined Networks (SDN); however, much effort has been focused
solely on detecting the assaults, with little effort being made to address performance bottlenecks, scalability,
and Single Point of Failure (SPOF) issues in large-scale networks. In this study, we focus on developing ARP
spoofing attacks detection mechanism in large-scale SDN that is immune to SPOF and provides enhanced
network performance and scalability. The main purpose is to enable controllers to intercept and analyze all
incoming ARP packets, learn address mappings, and store them in the application’s memory to be used as
a basis for ongoing ARP cache comparisons while maintaining a global cache in a controller. To achieve
the goal of this study, a simulation experiment in a closed network environment was undertaken to precisely
monitor network traffic and result patterns. Mininet and the Open Network Operating System were used to
implement the data plane and OpenFlow controllers. The results show that, the proposed solution is resistant
to ARP spoofing attacks, with an average detection and mitigation time of 4.3 and 26.19 milliseconds,
respectively. Further significant improvements have been observed in alleviating SPOF and performance
bottlenecks. | en_US |