Skip to main content
SpringerLink
Log in

E2BaSeP: Efficient Bayes Based Security Protocol Against ARP Spoofing Attacks in SDN Architectures

  • Published:
Journal of Hardware and Systems Security Aims and scope Submit manuscript

Abstract

Virtual networks, just like classical IP networks, usually face many external threats such as ARP spoofing attacks. These attacks come from Address Resolution Protocol (ARP) vulnerabilities. Indeed, the ARP protocol can allow a virtual machine to be identified by one or more IP-MAC pairs, thus facilitating users’ impersonation and forged IP-MAC pair insertion into the victims’ ARP caches. This type of attack is the beginning of more dangerous attacks such as man-in-the-middle and denial-of-service. Several solutions based on SDN (Software-Defined Network) technology, known for their suitable adaptation to large-scale networks, have been proposed. These solutions use a global ARP cache built into the controller which contains the virtual machines’ IP-MAC pairs, as attacker detection knowledge. The main drawbacks of these methods are the collection and unsecured storage of IP-MAC pairs into the global ARP cache and failure to consider IP address reallocation cases, as well as users’ connection and reconnection scenarios in the attacker detection process. To remedy these shortcomings, we propose an Efficient Bayes Based Security Protocol (E2BaSeP) which detects attackers using a Bayes-based algorithm. This solution works in both dynamically and statically addressing networks. Simulation results show that the E2BaSeP protocol provides effective protection for ARP caches and performs better than those observed in the literature.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18
Fig. 19
Fig. 20
Fig. 21
Fig. 22
Fig. 23

Similar content being viewed by others

References

  1. Divya C, Christopher XFD (2019) SM-ARP: stochastic Markovian game model for packet forwarding based ARP spoofing attacks detection. International Journal of Engineering and Advanced Technology (IJEAT)

  2. Gao W, Sun Y, Fu Q, Wu Z, Ma X, Zheng K, Huang X (2018) ARP poisoning prevention in Internet of Things. IEEE Communications Letters, 733–736, International Conference on Information Technology in Medicine and Education (ITME)

  3. Plummer CD (1982) An ethernet address resolution protocol. INTERNET STANDARD. https://tools.ietf.org/html/rfc826.Accessed08January2020

  4. Moon D, Lee JD, Jeong YS, Park JH (2014) RTNSS: A routing trace-based network security system for preventing ARP spoofing attacks. J Supercomput 72:1740–1756. https://doi.org/10.1007/s11227-014-1353-0

    Article  Google Scholar 

  5. Trabelsi Z, El-Hajj W (2007) Preventing ARP attacks using a fuzzy-based stateful ARP cache. In: 2007 IEEE international conference on communications, pp 1355–1360. https://doi.org/10.1109/ICC.2007.228

  6. Chauhan A, Yadav KR (2016) Detection of MAC spoofing using SVM technique. Int J Comput Sci Technol 7:194–197

    Google Scholar 

  7. Yeganeh HS, Tootoonchian A, Ganjali Y (2013) On scalability of software-defined networking. IEEE Commun Mag 51:136–141. https://doi.org/10.1109/MCOM.2013.6461198

    Article  Google Scholar 

  8. Ma H, Ding H, Yang Y, Mi Z, Zhang M (2015) SDN-based ARP attack detection for cloud centers. In: 2015 IEEE 12th intl conf on ubiquitous intelligence and computing and 2015 IEEE 12th intl conf on autonomic and trusted computing and IEEE 15th intl conf on scalable computing and communications and its associated workshops (UIC-ATC-ScalCom), Beijing. vol 00 pp 1049–1054. https://doi.org/10.1109/UIC-ATC-ScalCom-CBDCom-IoP.2015.195

  9. Divya C, Christopher XFD (2019) Security against ARP spoofing attacks using Bayesian support vector regression. Int J Innov Tech Explor Eng (IJITEE) 8:2278–3075

    Google Scholar 

  10. Data M (2018) The defense against ARP spoofing attack using semi-static ARP cache table. In: 2018 International conference on sustainable information engineering and technology (SIET), pp 206–210. https://doi.org/10.1109/SIET.2018.8693155

  11. Balagopal D, Rani XAK (2018) A technique for a software-defined and network-based ARP spoof detection and mitigation. Int J Appl Eng Res 13:14823–14826

    Google Scholar 

  12. Abad LC, Bonilla IR (2007) An analysis on the schemes for detecting and preventing ARP cache poisoning attacks. In: 27th International conference on distributed computing systems workshops (ICDCSW’07), pp 60–60. https://doi.org/10.1109/ICDCSW.2007.19

  13. Puangpronpitag S, Masusai N (2009) An efficient and feasible solution to ARP spoof problem. In: 2009 6th International conference on electrical engineering/electronics, computer telecommunications and information technology, vol 02, pp 910–913. https://doi.org/10.1109/ECTICON.2009.5137193

  14. Shukla S, Yadav I (2015) An innovative method for detection and prevention against ARP spoofing in MANET. International Journal of Computer Science and Information Technology and Security (IJCSITS)

  15. Hou X, Jiang Z, Tian X (2010) The detection and prevention for ARP spoofing based on snort. Int Conf Comput Appl Syst Model 5:137–139. https://doi.org/10.1109/ICCASM.2010.5619113

    Google Scholar 

  16. Qian A (2009) The automatic prevention and control research of ARP deception and implementation. WRI World Congr Comput Sci Inf Eng 2:555–558. https://doi.org/10.1109/CSIE.2009.122

    Google Scholar 

  17. Boughrara A, Mammar S (2012) Implementation of a SNORT’s output Plug-In in reaction to ARP Spoofing’s attack. In: 2012 6th International conference on sciences of electronics, technologies of information and telecommunications (SETIT), pp 643–647. https://doi.org/10.1109/SETIT.2012.6481988

  18. Ortega PA, Marcos EX, Chiang DL, Abad LC (2009) Preventing ARP cache poisoning attacks: a proof of concept using OpenWrt. In: 2009 Latin american network operations and management symposium, LANOMS 2009, Punta del Este, Uruguay, October 19-21, 2009, Proceedings. https://doi.org/10.1109/LANOMS.2009.5338799

  19. Mohan D, Rishabh P, Kshiteej M, Vijay M (2015) SPHINX: detecting security attacks in software-defined networks. In: 22nd Annual network and distributed system security symposium, NDSS 2015, San Diego, California, USA, February pp 8–11. https://doi.org/10.14722/ndss.2015.23064

  20. Abdelsalam MA, Ashraf E, Reddy V (2015) Mitigating ARP spoofing attacks in software-defined networks. In: Conference: ICCTA 2015, At Alexandria, Egypt

  21. Alharbi T, Durando D, Pakzad F, Portmann M (2016) Securing ARP in software defined networks. In: 2016 IEEE 41st conference on local computer networks (LCN), pp 523-526. https://doi.org/10.1109/LCN.2016.83

  22. Fahad U, Rashid A, Faisal B, Muhammad M (2017) Mitigating address spoofing attacks in hybrid SDN. International Journal of Advanced Computer Science and Applications. https://doi.org/10.14569/IJACSA.2017.080474

  23. Lallo R, Lospoto G, Rimondini M, Battista G (2016) How to handle ARP in a software-defined network

  24. Oliveira SLR, Schweitzer MC, Shinoda AA, Prete RL (2014) Using Mininet for emulation and prototyping Software-Defined Networks

  25. Zawar S, Steve C (2019) Mitigating ARP cache poisoning attack in software-defined networking (SDN): a survey. Electronics 8:1095

    Article  Google Scholar 

  26. Jehan N, Haneef MA (2015) Scalable ethernet architecture using SDN by suppressing broadcast traffic. In: 2015 Fifth international conference on advances in computing and communications (ICACC), pp 24–27. https://doi.org/10.1109/ICACC.2015.66

  27. Balagopal D, Rani KAX (2015) NetWatch: Empowering software-defined network switches for packet filtering. In: 2015 International conference on applied and theoretical computing and communication technology (iCATccT), pp 837–840. https://doi.org/10.1109/ICATCCT.2015.7456999

  28. Cox HJ, Clark JR, Owen LH (2016) Leveraging SDN for ARP security. SoutheastCon 2016:1–8. https://doi.org/10.1109/SECON.2016.7506644

    Google Scholar 

  29. Kim Y, Ahn S, Thang CN, Choi D, Park M (2019) ARP Poisoning attack detection based on ARP update state in software-defined networks. In: 2019 International conference on information networking (ICOIN), pp 366–371. https://doi.org/10.1109/ICOIN.2019.8718158

  30. Sagar KS, Sagarika M, Mayank T, Kishore BM, Bibhudatta S (2019) A comprehensive tutorial on software defined network: The driving force for the future internet technology. In: Proceedings of the international conference on advances in information communication technology and computing New York, NY, USA. https://doi.org/10.1145/2979779.2983928

  31. Kreutz D, Ramos VMF, Veríssimo EP, Rothenberg EC, Azodolmolky S, Uhlig S (2015) Software-defined networking: a comprehensive survey. Proc IEEE 103:14–76. https://doi.org/10.1109/JPROC.2014.2371999

    Article  Google Scholar 

  32. Sahoo SK, Mishra KS, Sahoo S, Sahoo B (2017) Software defined network: the next generation Internet technology

  33. Nam YS, Kim D, Kim J (2010) Enhanced ARP: preventing ARP poisoning-based man-in-the-middle attacks. IEEE Commun Lett 14:187–189. https://doi.org/10.1109/LCOMM.2010.02.092108

    Article  Google Scholar 

  34. Loriya TH, Kulshreshta A, Keraliya RD (2017) Security analysis of various public key cryptosystems for authentication and key agreement in wireless communication network. International Journal of Advanced Research in Computer and Communication Engineering (IJARCCE)

Download references

Author information

Authors and Affiliations

  1. Department of Mathematics and Computer Science, University of Dschang, PO Box 67, Dschang, Cameroon

    Vianney Kengne Tchendji, Fabrice Mvah, Clémentin Tayou Djamegni & Yannick Florian Yankam

  2. Department of Computer Engineering, University of Dschang, PO Box 134, Bandjoun, Cameroon

    Clémentin Tayou Djamegni

Authors
  1. Vianney Kengne Tchendji
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Fabrice Mvah
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Clémentin Tayou Djamegni
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yannick Florian Yankam
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Vianney Kengne Tchendji.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Additional information

Publisher’s Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Tchendji, V.K., Mvah, F., Djamegni, C.T. et al. E2BaSeP: Efficient Bayes Based Security Protocol Against ARP Spoofing Attacks in SDN Architectures. J Hardw Syst Secur 5, 58–74 (2021). https://doi.org/10.1007/s41635-020-00105-x

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s41635-020-00105-x

Keywords

Search

Navigation