A novel mechanism to handle address spoofing attacks in SDN based IoT

The Internet of Things (IoT) is a network of devices (servers, sensors, nodes, and so on) used to conduct tasks like health monitoring, production monitoring, business transactions, etc. In IoT, the traditional networking paradigm in which the control and data planes are vertically integrated is utilized to link various types of networks. Software Defined Networking (SDN) is a relatively new concept that separates the control plane from the data plane, making network management and maintenance easier. In SDN, network operators prioritise the security of the overall system. The most severe attacks on systems target the Address Resolution Protocol (ARP), which then frequently act as a springboard for more complicated attacks. This paper proposes a secure SDN-based IoT architecture to manage and reduce ARP spoofing attacks by deploying a new machine near the SDN controller to handle address resolution questions. To examine address spoofing threats, we move ARP traffic to this new machine. This module works in tandem with the controller, gathering topology data and ARP requests in order to detect potential attack conditions. The ARP data is analyzed using custom methods. According to simulation results, the proposed technique increases network throughput, improves attack detection and mitigation time by 35% over existing techniques.