Leveraging SDN for ARP security

Jacob H. Cox, Russell J. Clark, Henry L. Owen

    Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

    24 Scopus citations

    Abstract

    Insider threats are a growing concern for industry, government, and campus networks. Yet, vulnerabilities inherent in Address Resolution Protocol (ARP) are exploitable by insiders seeking to launch sophisticated attacks on local area networks (LANs). Such attacks, initialized through ARP spoofing, include denial of service, server redirect, and man-in-the-middle attacks. Unfortunately, the current state-of-the-art technologies for detecting and preventing ARP poisoning are tediously complex, slow to detect, and difficult to maintain. However, software defined networking (SDN) enables the implementation of novel security measures that are capable of detecting and eliminating ARP spoofing before it can impact other hosts. Hence, this paper presents Network Flow Guard for ARP (NFGA), an SDN security module that augments simple, MAC-learning, protocols on OpenFlow-enabled switches. NFG works by hashing a host's physical address with an appropriate IP:port association to deny ARP spoofing in real time. Moreover, our framework's key contribution is that it achieves ARP security with minimal intervention by network operators while supporting both dynamic and static port allocations, requiring no changes to the network's topology or protocols, and requiring no client software installation.

    Original language: English (US)
    Title of host publication: SoutheastCon 2016
    Publisher: Institute of Electrical and Electronics Engineers Inc.
    ISBN (Electronic): 9781509022465
    DOIs
    State: Published - Jul 7 2016
    Event: SoutheastCon 2016 - Norfolk, United States
    Duration: Mar 30 2016 → Apr 3 2016

    Publication series

    Name: Conference Proceedings - IEEE SOUTHEASTCON
    Volume: 2016-July
    ISSN (Print): 0734-7502

    Conference

    Conference: SoutheastCon 2016
    Country/Territory: United States
    City: Norfolk
    Period: 3/30/16 → 4/3/16

    Keywords

    • ARP Poisoning
    • DHCP
    • Network Protocols
    • Network Topology
    • Security
    • Software Defined Networks

    ASJC Scopus subject areas

    • Computer Networks and Communications
    • Software
    • Electrical and Electronic Engineering
    • Control and Systems Engineering
    • Signal Processing
