Finally, the mathematical and experimental results exhibit high accuracy and detection rate than the existing methodologies. The self-learning feature of the threshold stamping helps to rectify a legitimate user’s traffic before classifying it to the attacker. Based on the proposed approach, a dynamic threshold is assigned to the incoming port number. The multiplicative increase and additive decrease algorithm helps to detect the advanced MAC spoofing attack before penetrating the SDN-based cloud resources. This paper proposes a novel access control policy based on a zero-trust network by explicitly restricting the incoming network traffic to substantiate MAC spoofing attacks in the software-defined network (SDN) paradigm of cloud computing. However, the techniques used in the existing researches mistakenly classify the malicious host as the legitimate one. Networks are usually unable to detect spoofing if the intruder already forges the host’s MAC address. However, the change in work culture would also increase the chances of the cybersecurity attack, MAC spoofing attack, and DDoS/DoS attack due to the divergent incoming traffic from the untrusted network for accessing the enterprise’s resources. The ubiquitous cloud computing services provide a new paradigm to the work-from-home environment adopted by the enterprise in the unprecedented crisis of the COVID-19 outbreak. In the considered test scenarios, our measured detection and mitigation times are sufficiently low (in the order of a few seconds). Our extensive experimental results show that the developed solution is effective and quickly responds to intrusion attempts. Improvements were made to SDN in the areas of attack detection, firewall, intrusion prevention, packet dropping, and shorter timeouts. Bespoke software was written to conduct the attack tests and customise the IDPS this was coupled to a specifically developed library to validate user input. This is done by dynamically adjusting SDN’s operating parameters to detect malicious network traffic. We developed a Software-Defined Networking (SDN)-based Intrusion Detection and Prevention System (IDPS), which defends against ARP spoofing and Blacklisted MAC Addresses. This work focuses on infiltration methods, such as Address Resolution Protocol (ARP) spoofing, where adversaries sends fabricated ARP messages, linking their Media Access Control (MAC) address to a genuine device’s Internet Protocol (IP) address.
0 kommentar(er)
