计算机与数字工程2019,Vol.47Issue(6):1426-1431,6.DOI:10.3969/j.issn.1672-9722.2019.06.030
SDN架构下的防ARP攻击系统设计
Design of Anti-ARP-Attack System in SDN Framework Architecture
姚刚 1陈青华 1乔勇军1
作者信息
- 1. 海军航空工程大学岸防兵学院 烟台 264001
- 折叠
摘要
Abstract
Network security is the most concern of all computer network administrators. In LAN environment,ARP attack is the main security threat,which is mainly solved by static binding in traditional network. But this method restricts the ease of net?work expansion. In view of the above problems,a new Anti-ARP-Attack system based on SDN architecture is proposed. The system takes advantage of the centralized control of the whole network by SDN,recording the host information in the access network,and real-time sensing the dynamic changes of the host and the network traffic. The system includes four parts:basic equipment layer, network control layer,ARP defense layer and interface layer. The ARP defense layer mainly completes the defense and detection of the ARP attack. It is composed of ARP message processing module,ARP attack detection module and ARP attack block module. The experiment shows that this system can defend all kinds of ARP spoofing attacks,and can monitor the ARP traffic in real time, and improve the security of LAN effectively.关键词
SDN/ARP/欺骗攻击/防御/流量感知Key words
software define network/ARP/spoofing attacks/defenses/traffic perception分类
信息技术与安全科学引用本文复制引用
姚刚,陈青华,乔勇军..SDN架构下的防ARP攻击系统设计[J].计算机与数字工程,2019,47(6):1426-1431,6.
