Enhancing security and efficiency in software-defined networking: the role of the adaptive secure vMAC switching model

Software-Defined Networking (SDN) enables centralized control and programmability across network infrastructures by decoupling the control plane from the data plane. Despite its advantages, conventional MAC-based forwarding mechanisms in SDN remain vulnerable to MAC spoofing, static address correlation, and inefficient resource utilization, which degrade both security and performance. Existing approaches, such as the Virtual MAC Switching (VMS) model, provide some level of anonymity but suffer from predictable address patterns, reactive flow handling, and high controller dependency. This paper introduces the Adaptive Secure vMAC Switching (ASVS) model-an enhanced SDN framework that combines entropy-driven vMAC generation and dynamic rotation, preemptive flow rule installation, efficient vMAC caching, and real-time spoofing mitigation. ASVS is designed to combat spoofing attacks while improving throughput and lowering latency. Experimental evaluations demonstrate that ASVS reduces forwarding latency by up to 61%, enhances throughput by 2.7%, lowers CPU usage by 35%, and decreases memory utilization by 25% compared to VMS. These results indicate that ASVS significantly improves SDN resilience and scalability, offering a robust and performance-efficient defense against MAC-level vulnerabilities.

Text 122996.pdf - Published Version Restricted to Repository staff only Download (1MB) Official URL or Download Paper: https://inass.org/wp-content/uploads/2025/04/20250...

Actions (login required)

View Item