Next Article in Journal
Power-Time Exploration Tools for NMP-Enabled Systems
Previous Article in Journal
A Fast Algorithm for Identifying Density-Based Clustering Structures Using a Constraint Graph
Previous Article in Special Issue
Model-Checking Speculation-Dependent Security Properties: Abstracting and Reducing Processor Models for Sound and Complete Verification
Open AccessReview

Mitigating ARP Cache Poisoning Attack in Software-Defined Networking (SDN): A Survey

1
School of Information Technology, Whitireia Community Polytechnic, Auckland 1010, New Zealand
2
Department of Business Information Systems, Australian Institute of Higher Education, Sydney NSW 2000, Australia
3
School of Information Technology, Whitireia Community Polytechnic, Wellington 5022, New Zealand
*
Author to whom correspondence should be addressed.
Electronics 2019, 8(10), 1095; https://doi.org/10.3390/electronics8101095
Received: 16 August 2019 / Revised: 23 September 2019 / Accepted: 26 September 2019 / Published: 28 September 2019
(This article belongs to the Special Issue State-of-the-Art of Cyber Security)
Address Resolution Protocol (ARP) is a widely used protocol that provides a mapping of Internet Protocol (IP) addresses to Media Access Control (MAC) addresses in local area networks. This protocol suffers from many spoofing attacks because of its stateless nature and lack of authentication. One such spoofing attack is the ARP Cache Poisoning attack, in which attackers poison the cache of hosts on the network by sending spoofed ARP requests and replies. Detection and mitigation of ARP Cache Poisoning attack is important as this attack can be used by attackers to further launch Denial of Service (DoS) and Man-In-The Middle (MITM) attacks. As with traditional networks, an ARP Cache Poisoning attack is also a serious concern in Software Defined Networking (SDN) and consequently, many solutions are proposed in the literature to mitigate this attack. In this paper, a detailed survey on various solutions to mitigate ARP Cache Poisoning attack in SDN is carried out. In this survey, various solutions are classified into three categories: Flow Graph based solutions; Traffic Patterns based solutions; IP-MAC Address Bindings based solutions. All these solutions are critically evaluated in terms of their working principles, advantages and shortcomings. Another important feature of this survey is to compare various solutions with respect to different performance metrics, e.g., attack detection time, ARP response time, calculation of delay at the Controller etc. In addition, future research directions are also presented in this survey that can be explored by other researchers to propose better solutions to mitigate the ARP Cache Poisoning attack in SDN. View Full-Text
Keywords: ARP cache poisoning attack; Software-Defined Networking (SDN); Denial of Service (DoS) attack; Man in the Middle (MITM) attack ARP cache poisoning attack; Software-Defined Networking (SDN); Denial of Service (DoS) attack; Man in the Middle (MITM) attack
Show Figures

Figure 1

MDPI and ACS Style

Shah, Z.; Cosgrove, S. Mitigating ARP Cache Poisoning Attack in Software-Defined Networking (SDN): A Survey. Electronics 2019, 8, 1095.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop