Deception-Based IDS Against ARP Spoofing Attacks in Software-Defined Networks

Published: 2024, Last Modified: 15 May 2025. ICNC 2024. CC BY-SA 4.0
Abstract: Address Resolution Protocol (ARP) spoofing is an important means for cyber adversaries to launch Denial of Service (DoS) or Man-In-The-Middle (MITM) attacks. These attacks can seriously impact system performance regarding confidentiality and data integrity. To overcome ARP spoofing attacks, several intrusion detection systems (IDSs) leverage the advantages of software-defined networking (SDN) to detect attackers. However, most of these approaches remain ineffective due to the use of a non-adaptive threshold and the lack of real-time information during attacker detection. To remedy these shortcomings, we propose a new deception-based IDS to efficiently detect attackers in SDN networks. This method deceives attackers to obtain real-time information to improve the detection system. Simulation results in the Mininet simulator show that the proposed method can mitigate ARP spoofing attacks significantly better than existing approaches.