Abstract
The Software-Defined Network (SDN) is an innovative network architecture designed to offer enhanced flexibility and operational simplicity in network management through a centralized controller. While these qualities empower SDN to effectively address evolving network demands, they also expose security vulnerabilities. Given its centralized structure, SDN becomes susceptible to cyber attacks, particularly those targeting Internet of Things (IoT) devices. These attacks can lead to congestion and disruption. In this study, we introduce an Intrusion Detection and Prevention System (IDPS) framework based on SDN to detect Man-in-the-Middle (MitM) attacks. The framework decodes network packets, extracts Address Resolution Protocol (ARP) headers with source and destination Internet Protocol (IP) and Media Access Control (MAC) addresses, monitors ARP packet counts during flood attacks, and adds a flow table entry to block attackers if the count exceeds a threshold. The research covers simulation outcomes as well as the implementation of a practical SDN model for applying our methodology. The results highlight the model's ability to rapidly and accurately detect MitM attacks targeting IoT devices and mitigate them in real time.
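The detection flow the abstract describes (decode the packet, extract the ARP header, count ARP packets, block the sender past a threshold), as an added example that is not the authors' code. The threshold and window values, the per-source-MAC keying, and the rule dictionary with OpenFlow-style field names are assumptions; the frames are constructed sample input.

```python
import struct
from collections import defaultdict, deque

ARP_ETHERTYPE = 0x0806
THRESHOLD, WINDOW_S = 5, 1.0  # assumed values; the abstract gives none

def parse_arp(frame):
    """Return the ARP header fields of an Ethernet frame, or None if it is not IPv4 ARP."""
    if len(frame) < 42 or frame[12:14] != struct.pack("!H", ARP_ETHERTYPE):
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    mac = lambda b: ":".join(f"{x:02x}" for x in b)
    ip = lambda b: ".".join(map(str, b))
    return {"op": op, "src_mac": mac(frame[22:28]), "src_ip": ip(frame[28:32]),
            "dst_mac": mac(frame[32:38]), "dst_ip": ip(frame[38:42])}

class ArpFloodMonitor:
    def __init__(self, threshold=THRESHOLD, window=WINDOW_S):
        self.threshold, self.window = threshold, window
        self.seen = defaultdict(deque)   # source MAC -> timestamps inside the window
        self.blocked = {}                # source MAC -> drop rule already issued

    def observe(self, ts, frame):
        """Count one frame; return a drop rule when its source first exceeds the threshold."""
        arp = parse_arp(frame)
        if arp is None or arp["src_mac"] in self.blocked:
            return None
        q = self.seen[arp["src_mac"]]
        q.append(ts)
        while ts - q[0] > self.window:   # expire timestamps older than the window
            q.popleft()
        if len(q) <= self.threshold:
            return None
        # Assumed rule shape: match ARP from this MAC; an empty action list means drop
        rule = {"match": {"eth_type": ARP_ETHERTYPE, "eth_src": arp["src_mac"]}, "actions": []}
        self.blocked[arp["src_mac"]] = rule
        return rule

def sample_frame(src_mac, src_ip, dst_ip, op=1):
    """Constructed test input: a broadcast ARP frame with the given sender fields."""
    smac = bytes.fromhex(src_mac.replace(":", ""))
    hdr = b"\xff" * 6 + smac + struct.pack("!HHHBBH", ARP_ETHERTYPE, 1, 0x0800, 6, 4, op)
    return hdr + smac + bytes(map(int, src_ip.split("."))) + bytes(6) + bytes(map(int, dst_ip.split(".")))

def demo():
    mon = ArpFloodMonitor()
    flood = sample_frame("02:00:00:00:00:66", "10.0.0.66", "10.0.0.1")
    return [r for i in range(8) if (r := mon.observe(i * 0.05, flood))]
```

In a controller, the returned rule would be translated into a flow entry on the switch; counting per ingress port instead of per source MAC is a reasonable variation when senders forge their MAC addresses.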
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Aoueileyine, M.OE., Karmous, N., Bouallegue, R., Youssef, N., Yazidi, A. (2024). Detecting and Mitigating MitM Attack on IoT Devices Using SDN. In: Barolli, L. (eds) Advanced Information Networking and Applications. AINA 2024. Lecture Notes on Data Engineering and Communications Technologies, vol 204. Springer, Cham. https://doi.org/10.1007/978-3-031-57942-4_31
DOI: https://doi.org/10.1007/978-3-031-57942-4_31
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-57941-7
Online ISBN: 978-3-031-57942-4
eBook Packages: Intelligent Technologies and Robotics (R0)