Mitigating SYN flooding attack and ARP spoofing in SDN data plane

Ting Yu Lin, Jhen Ping Wu, Pei Hsuan Hung, Ching Hsuan Shao, Yu Ting Wang, Yun Zhan Cai, Meng Hsun Tsai

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

As the number of network devices increases rapidly, it becomes more and more difficult to defend network attacks. Large-scaled attacks, such as SYN flooding, may lead to heavy burden to the switches as well as the controller in a software defined network (SDN). In this paper, we investigate the SYN flooding and Address Resolution Protocol (ARP) spoofing attacks in SDN, and then propose mechanisms to address these two attacks. We also present a new scheme to detect SYN flooding by using only a few forwarding rules. Moreover, we utilize the Programming Protocol-independent Packet Processors (P4) technique to mitigate the burden of the controller.

Original languageEnglish
Title of host publicationAPNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium
Subtitle of host publicationTowards Service and Networking Intelligence for Humanity
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages114-119
Number of pages6
ISBN (Electronic)9788995004388
DOIs
Publication statusPublished - 2020 Sep
Event21st Asia-Pacific Network Operations and Management Symposium, APNOMS 2020 - Daegu, Korea, Republic of
Duration: 2020 Sep 222020 Sep 25

Publication series

NameAPNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium: Towards Service and Networking Intelligence for Humanity

Conference

Conference21st Asia-Pacific Network Operations and Management Symposium, APNOMS 2020
CountryKorea, Republic of
CityDaegu
Period20-09-2220-09-25

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Hardware and Architecture
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality

Fingerprint Dive into the research topics of 'Mitigating SYN flooding attack and ARP spoofing in SDN data plane'. Together they form a unique fingerprint.

Cite this