- we came up with a new mechanism to mitigate ARP spoofing
- implemented in OpenFlow and P4, but this repo contains only OpenFlow
- the common solution for ARP spoofing is called DAI, which is used to compare to our mechanism and it is in the ./only_dhcp_snooping folder
In the attack scenario simulated in Mininet, the attacker (H1) sends 1000 valid ARP request packets to H3 in one minute.
- one window run controller
$ ./controller_start.sh - another window run mininet
$ ./mininet_start.sh
- clean the mininet first if there is a problem when creting a mininet
$ sudo mn -c