Volume 21 , Issue 4 , PP: 106-126, 2023 | Cite this article as | XML | Html | PDF | Full Length Article
Ehab R. Mohamed 1 * , Heba M. Mansour 2 , Osama M. El-Komy 3
Doi: https://doi.org/10.54216/IJNS.210411
Software-defined networks (SDN) have developed an understanding of the technological world in recent decades, which has led scholars to become interested in its problems. One of the primary issues facing SDN networks is security. We discovered that ARP assaults constitute a significant threat to SDN, so we provided in this survey the most recent solutions put forth to counteract these attacks, and rank the technical solutions based on the neutrosophic set. The neutrosophic set is used to deal with uncertain data in the evaluation process. The neutrosophic set is integrated with the TOPSIS method to obtain the rank of the proposed solutions. The TOPSIS method is used to give a rank of alternatives with specified criteria. This will make it easier for future researchers to identify and combat the three different forms of ARP attacks—ARP flooding assault, ARP spoofing attack, and ARP broadcasting attack. Prior to that, we went into more detail on SDN networks, including their design and, in particular, the shortcomings of the ARP protocol. Since SDN focuses on separating the controller plane from the data plane and centralizing the controller, it differs significantly from traditional networks and has stirred considerable controversy in the networking industry. Due to the fact that SDN is software-based, it offers greater flexibility, scalability, programmatic management, and control. The decoupling of the control and forwarding planes also enables SDN to connect to applications via application programming interfaces (APIs), supporting application security and performance and resulting in a scalable and dynamic network architecture. Contrarily, because traditional networks are hardware-based, they must use fixed functions and specialized hardware and devices to control the network. As a result, scaling traditional networks requires purchasing new hardware, which is a common issue. The SDN network architecture and its properties, as well as the most significant issues—particularly the three different types of ARP attacks that affect SDN—are covered in some sections of this research. These sections also discuss the best current remedies for these issues and outline the ongoing work that will eventually result in an ideal SDN network architecture free of significant security issues.
ARP protocol , Neutrosophic theory , ARP attacks , Application programming interfaces , Neutrosophic Set , Uncertainty.
[1] S. Sandraascott, H. Ludoviccjacquin, and R. Editors, “Computer Communications and Networks Guide to Security in SDN and NFV Challenges, Opportunities, and Applications.” [Online]. Available: http://www.springer.com/series/4198
[2] D. Kumar and J. Thakur, “Handling Security Issues in Software-defined Networks (SDNs) Using Machine Learning,” in Computational Vision and Bio-Inspired Computing: Proceedings of ICCVBIC 2021, Springer, 2022, pp. 263–277.
[3] A. Pradhan and R. Mathew, “Solutions to vulnerabilities and threats in software defined networking (SDN),” Procedia Comput Sci, vol. 171, pp. 2581–2589, 2020.
[4] Z. Shah and S. Cosgrove, “Mitigating ARP cache poisoning attack in software-defined networking (SDN): a survey,” Electronics (Basel), vol. 8, no. 10, p. 1095, 2019.
[5] V. Rohatgi and S. Goyal, “A detailed survey for detection and mitigation techniques against ARP spoofing,” in 2020 Fourth International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud)(I-SMAC), IEEE, 2020, pp. 352–356.
[6] J. S. Meghana, T. Subashri, and K. R. Vimal, “A survey on ARP cache poisoning and techniques for detection and mitigation,” in 2017 Fourth International Conference on Signal Processing, Communication and Networking (ICSCN), IEEE, 2017, pp. 1–6.
[7] T. Girdler and V. G. Vassilakis, “Implementing an intrusion detection and prevention system using software-defined networking: defending against ARP spoofing attacks and blacklisted MAC addresses,” Computers & Electrical Engineering, vol. 90, p. 106990, 2021.
[8] N. Ahuja, G. Singal, D. Mukhopadhyay, and A. Nehra, “Ascertain the efficient machine learning approach to detect different ARP attacks,” Computers and Electrical Engineering, vol. 99, p. 107757, 2022.
[9] M. N. Munther, F. Hashim, N. A. A. Latiff, K. A. Alezabi, and J. T. Liew, “Scalable and secure SDN based ethernet architecture by suppressing broadcast traffic,” Egyptian Informatics Journal, vol. 23, no. 1, pp. 113–126, 2022.
[10] H. Y. I. KHALID, P. M. ISMAEL, and A. B. AL-KHALIL, “Efficient mechanism for securing software defined network against arp spoofing attack,” Journal of Duhok University, vol. 22, no. 1, pp. 124–131, 2019.
[11] J. Du et al., “Research on An Approach of ARP Flooding Suppression in Multi-Controller SDN Networks,” in 2021 IEEE Intl Conf on Parallel & Distributed Processing with Applications, Big Data & Cloud Computing, Sustainable Computing & Communications, Social Computing & Networking (ISPA/BDCloud/SocialCom/SustainCom), IEEE, 2021, pp. 1159–1166.
[12] N. Saritakumar, K. V Anusuya, and S. Ajitha, “Detection and Mitigation of ARP Poisoning Attack in Software Defined Network,” in Proceedings of the First International Conference on Combinatorial and Optimization, ICCAP 2021, December 7-8 2021, Chennai, India, 2021.
[13] H.-C. Wei, Y.-H. Tung, and C.-M. Yu, “Counteracting UDP flooding attacks in SDN,” in 2016 IEEE NetSoft Conference and Workshops (NetSoft), IEEE, 2016, pp. 367–371.
[14] S. Buzura, M. Lehene, B. Iancu, and V. Dadarlat, “An Extendable Software Architecture for Mitigating ARP Spoofing-Based Attacks in SDN Data Plane Layer,” Electronics (Basel), vol. 11, no. 13, p. 1965, 2022.
[15] X. Hou, Z. Jiang, and X. Tian, “The detection and prevention for ARP Spoofing based on Snort,” in 2010 International Conference on Computer Application and System Modeling (ICCASM 2010), IEEE, 2010, pp. V5-137.
[16] M. Matties, “Distributed responder ARP: Using SDN to re-engineer ARP from within the network,” in 2017 International Conference on Computing, Networking and Communications (ICNC), IEEE, 2017, pp. 678–683.
[17] D. Balagopal and X. A. K. Rani, “A technique for a software-defined and network-based ARP spoof detection and mitigation,” International Journal of Applied Engineering Research, vol. 13, no. 20, pp. 14823–14826, 2018.
[18] A. Zaalouk, R. Khondoker, R. Marx, and K. M. Bayarou, “OrchSec Demo: Demonstrating the Capability of an Orchestrator-based Architecture for Network Security,” Academic Demo, Open Networking Summit, 2014.
[19] A. Nehra, M. Tripathi, and M. S. Gaur, “FICUR: Employing SDN programmability to secure ARP,” in 2017 IEEE 7th Annual Computing and Communication Workshop and Conference (CCWC), IEEE, 2017, pp. 1–8.
[20] H. Aldabbas and R. Amin, “A novel mechanism to handle address spoofing attacks in SDN based IoT,” Cluster Comput, vol. 24, no. 4, pp. 3011–3026, 2021.
[21] A. K. Rangisetti, R. Dwivedi, and P. Singh, “Denial of ARP spoofing in SDN and NFV enabled cloud-fog-edge platforms,” Cluster Comput, vol. 24, no. 4, pp. 3147–3172, 2021.
[22] V. K. Tchendji, F. Mvah, C. T. Djamegni, and Y. F. Yankam, “E2BaSeP: Efficient Bayes based security protocol against ARP spoofing attacks in SDN architectures,” Journal of Hardware and Systems Security, vol. 5, no. 1, pp. 58–74, 2021.
[23] D. Moon, J. D. Lee, Y.-S. Jeong, and J. H. Park, “RTNSS: a routing trace-based network security system for preventing ARP spoofing attacks,” J Supercomput, vol. 72, pp. 1740–1756, 2016.
[24] Irina V. Pustokhina,Denis A. Pustokhin, An Intelligent Neutrosophic Model for Evaluation Sustainable Housing Affordability, International Journal of Advances in Applied Computational Intelligence, Vol. 2 , No. 2 , (2022) : 45-53 (Doi : https://doi.org/10.54216/IJAACI.020205)
[25] S.-W. Lin and H.-W. Lo, “An FMEA model for risk assessment of university sustainability: using a combined ITARA with TOPSIS-AL approach based neutrosophic sets,” Ann. Oper. Res., pp. 1–27, 2023.
[26] Shereen Zaki,Mahmoud M. Ibrahim,Mahmoud M. Ismail, Interval Valued Neutrosophic VIKOR Method for Assessment Green Suppliers in Supply Chain, International Journal of Advances in Applied Computational Intelligence, Vol. 2 , No. 1 , (2022) : 15-22 (Doi : https://doi.org/10.54216/IJAACI.020102)
[27] Shimaa Said,Mahmoud M. Ibrahim,Mahmoud M. Ismail, An Integrated Multi-Criteria Decision-Making Approach for Identification and Ranking Solar Drying Barriers under Single-Valued Triangular Neutrosophic Sets (SVTNSs), Neutrosophic and Information Fusion, Vol. 2 , No. 1 , (2023) : 35-49 (Doi : https://doi.org/10.54216/NIF.020103)
[28] F. Sbastian, A. Y. Ridwan, and N. Novitasari, “Implementation of Multi Criteria Decision Making (MCDM) Fuzzy Neutrosophic TOPSIS-CRITIC in Determining Sustainability Aspects of the Location of IoT Based Products Warehouse,” in 2021 International Conference on Computer Science and Engineering (IC2SE), IEEE, 2021, pp. 1–8.
[29] Abedallah Z. Abualkishik,Rasha Almajed, Triangular Neutrosophic Multi-Criteria Decision Making AHP Method for Solar Power Site Selection, International Journal of Advances in Applied Computational Intelligence, Vol. 2 , No. 2 , (2022) : 08-15 (Doi : https://doi.org/10.54216/IJAACI.020201)
[30] M. Baghel and C. Krishna, “Multi-objective optimization of mechanical and microstructural characteristics in a stir casting process of MWCNTs/Al6082 composites using neutrosophic TOPSIS and GRA,” J. Chinese Inst. Eng., vol. 46, no. 4, pp. 345–354, 2023.
[31] H. Sharma, A. Tandon, P. K. Kapur, and A. G. Aggarwal, “Ranking hotels using aspect ratings based sentiment classification and interval-valued neutrosophic TOPSIS,” Int. J. Syst. Assur. Eng. Manag., vol. 10, pp. 973–983, 2019.
[32] M. Junaid, Y. Xue, M. W. Syed, J. Z. Li, and M. Ziaullah, “A neutrosophic ahp and topsis framework for supply chain risk assessment in automotive industry of Pakistan,” Sustainability, vol. 12, no. 1, p. 154, 2019.