Man in The Middle Attacks on Software Defined Network

Abstract: Software Defined Networking (SDN) is a method of abstracting the network to ease administration by centralizing it. Doing this removes intelligence from the devices and this might open up local security vulnerabilities. One attack type is a Man in the middle attack, this requires the attacker to have access to the data flow that they want to attack. One type of this is to trick other network devices like hosts into believing the attacker is the one they are supposed to communicate with. Software defined networks might make this type of attack more dangerous since the network administration is centralized. In this thesis we summaries attacks against SDN and propose a method to detect Man in the middle attacks in the SDN network. I used Mininet virtualization to create an SDN to perform an experiment to answer this. The experiment performed is an ARP-poisoning attack on SDN to find out the effect on network latency that the attack causes, this will help to develop an detection method for ARP-poisoning attacks.