{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T11:29:17Z","timestamp":1740137357357,"version":"3.37.3"},"reference-count":46,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2023,3,8]],"date-time":"2023-03-08T00:00:00Z","timestamp":1678233600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2023,3,8]],"date-time":"2023-03-08T00:00:00Z","timestamp":1678233600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100012456","name":"National Social Science Foundation of China","doi-asserted-by":"crossref","award":["17BGL232"],"award-info":[{"award-number":["17BGL232"]}],"id":[{"id":"10.13039\/501100012456","id-type":"DOI","asserted-by":"crossref"}]},{"DOI":"10.13039\/501100017577","name":"Basic Public Welfare Research Program of Zhejiang Province","doi-asserted-by":"publisher","award":["LGG22F020002"],"award-info":[{"award-number":["LGG22F020002"]}],"id":[{"id":"10.13039\/501100017577","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2023,6]]},"abstract":"Abstract<\/jats:title>MAC address spoofing has plagued LAN communication for a long time. Many attacks use it as a springboard to carry out subsequent attacks. The main reason for this kind of attack is the exposure of MAC address. If the source MAC address of the node can be hidden during frame forwarding, this kind of attack can be effectively prevented. This study proposes virtual MAC switching (VMS) as a solution to this problem. VMS uses multi-address hopping technology to make the MAC address of the frame change continuously in the forwarding process. Its unique address generation format makes other nodes unable to record or speculate the real MAC address of the node, so it cannot launch an attack. Experiments show that VMS is close to typical SDN switches in terms of delay, throughput, and overhead and has a higher security level.<\/jats:p>","DOI":"10.1007\/s10207-022-00659-7","type":"journal-article","created":{"date-parts":[[2023,3,26]],"date-time":"2023-03-26T20:34:51Z","timestamp":1679862891000},"page":"723-736","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["A novel frame switching model based on virtual MAC in SDN"],"prefix":"10.1007","volume":"22","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6429-2426","authenticated-orcid":false,"given":"Guangjia","family":"Song","sequence":"first","affiliation":[]},{"given":"Jianhua","family":"Hu","sequence":"additional","affiliation":[]},{"given":"Hui","family":"Wang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,3,8]]},"reference":[{"key":"659_CR1","unstructured":"Stevens, W. R.: \"TCP\/IP Illustrated, Volume 2: The Implementation.\" Pearson Schweiz Ag (1995)"},{"key":"659_CR2","unstructured":"Kurose, J., Keith, R.: \"Computer networks: A top down approach featuring the internet.\" (2010)"},{"key":"659_CR3","unstructured":"Plummer, D. C.: RFC826: Ethernet address resolution protocol. Computer & Communications Dictionary (1982)"},{"key":"659_CR4","doi-asserted-by":"crossref","unstructured":"Narten, T. et al.: Neighbor discovery for IP version 6 (IPv6). No. rfc4861. (2007)","DOI":"10.17487\/rfc4861"},{"key":"659_CR5","doi-asserted-by":"crossref","unstructured":"Neminath, H., Biswas, S., Roopa, S., et al.: A DES Approach to intrusion detection system for arp spoofing attacks[C]. Control & automation. IEEE, 2010:695\u2013700. (2010)","DOI":"10.1109\/MED.2010.5547790"},{"key":"659_CR6","doi-asserted-by":"crossref","unstructured":"Pandey P.: Prevention of ARP spoofing: A Probe Packet Based Technique[C]. Advance Computing Conference. IEEE, 2013:147\u2013153.","DOI":"10.1109\/IAdCC.2013.6514211"},{"key":"659_CR7","doi-asserted-by":"crossref","unstructured":"Ferguson, S.: RFC2827 Network ingress filtering: defeating denial of service attacks which employ IP source address spoofing [J]. (2000) http:\/\/tools.ietf.org\/pdf\/bcp38.pdf","DOI":"10.17487\/rfc2827"},{"issue":"6","key":"659_CR8","first-page":"2465","volume":"9","author":"CH Chiu","year":"2013","unstructured":"Chiu, C.H., Lei, C.L.: Etheragent: scaling ethernet for enterprise and campus networks. Int. J. Innovat. Comput. Inf. Control 9(6), 2465\u20132483 (2013)","journal-title":"Int. J. Innovat. Comput. Inf. Control"},{"key":"659_CR9","doi-asserted-by":"crossref","unstructured":"Alasadi, E., Al-Raweshidy, H. S.: SSED: Servers Under Software-Defined Network Architectures to Eliminate Discovery Messages. In: IEEE\/ACM Transactions on Networking (2018):1\u201314. (2018)","DOI":"10.1109\/TNET.2017.2763131"},{"key":"659_CR10","doi-asserted-by":"crossref","unstructured":"Wu, J., Bi, J. et al.: A source address validation architecture (SAVA) testbed and deployment experience[EB\/OL]. (2008) http:\/\/www.ietf.org\/rfc\/rfc5210.txt","DOI":"10.17487\/rfc5210"},{"key":"659_CR11","doi-asserted-by":"crossref","unstructured":"Wu J, Ren G, Li X.: Source address validation: architecture and protocol design[C]. In: The 15th IEEE International Conference on Network Protocols. 2007: 276\u2013283. (20007)","DOI":"10.1109\/ICNP.2007.4375858"},{"issue":"11","key":"659_CR12","first-page":"19800","volume":"16","author":"A Garc\u00eda-Mart\u00ednez","year":"2012","unstructured":"Garc\u00eda-Mart\u00ednez, A., Bagnulo, M.: An integrated approach to prevent address spoofing In IPv6 Links. IEEE Communication Letters IEEE 16(11), 19800\u201321902 (2012)","journal-title":"IEEE Communication Letters IEEE"},{"key":"659_CR13","unstructured":"Xiao, P., Bi, J.: OpenFlow Based Intra-AS Source Address Validation. Journal of Chinese Computer Systems 34 (2013)."},{"issue":"1","key":"659_CR14","first-page":"85","volume":"35","author":"J Li","year":"2012","unstructured":"Li, J., Wu, J., Xu, K., Chen, W.L.: An hierarchical inter-domain authenticated source address validation solution. J. softw. 35(1), 85\u2013100 (2012)","journal-title":"J. softw."},{"key":"659_CR15","doi-asserted-by":"crossref","unstructured":"Kukec, A., Krishnan, S., Jiang, S.: The Secure Neighbor Discovery (SEND) Hash Threat Analysis. RFC 6274, June, (2011)","DOI":"10.17487\/rfc6273"},{"key":"659_CR16","doi-asserted-by":"crossref","unstructured":"Rafiee, H., Alsa'deh, A., Meinel, C.: Multicore-based auto-scaling secure neighbor discovery for windows operating systems. In: Proceedings of IEEE International Conference on Information Networking (ICOIN). (2012)","DOI":"10.1109\/ICOIN.2012.6164390"},{"issue":"2","key":"659_CR17","first-page":"24","volume":"11","author":"S Qadir","year":"2011","unstructured":"Qadir, S., Siddiqi, M.U.: Cryptographically generated addresses (CGAs): a survey and an analysis of performance for use in mobile environment. Int. J. Comput. Sci. Netw. Secur. 11(2), 24\u201331 (2011)","journal-title":"Int. J. Comput. Sci. Netw. Secur."},{"issue":"1","key":"659_CR18","doi-asserted-by":"publisher","first-page":"99","DOI":"10.1007\/s11277-005-8742-x","volume":"35","author":"Y Saito","year":"2005","unstructured":"Saito, Y., Kuroda, M., Mizuno, T.: A Virtual MAC Address Scheme for Mobile Ethernet. Wireless Pers. Commun. 35(1), 99\u2013109 (2005)","journal-title":"Wireless Pers. Commun."},{"key":"659_CR19","unstructured":"Bandar, A. et al.: A New MAC Address Spoofing Detection Technique Based on Random Forests. Sensors (Basel, Switzerland) (2016)"},{"key":"659_CR20","doi-asserted-by":"crossref","unstructured":"Barbhuiya, F.A., Biswas, S., Nandi, S.: An active DES based IDS for ARP Spoofing[C]. In: IEEE International Conference on Systems. IEEE, 2011:2743\u20132748. (2011)","DOI":"10.1109\/ICSMC.2011.6084088"},{"key":"659_CR21","unstructured":"Song, G., Ji, Z.: Research on Equivalence between Address Resolution and Duplicate Address Detection. In: Fifth International Conference on Instrumentation & Measurement IEEE. (2016)"},{"key":"659_CR22","doi-asserted-by":"crossref","unstructured":"Trabelsi, Z., El-Hajj, W.: Preventing ARP attacks using a fuzzy-based stateful ARP cache. In: Proceedings of IEEE International Conference on Communications. (2007)","DOI":"10.1109\/ICC.2007.228"},{"issue":"7","key":"659_CR23","doi-asserted-by":"publisher","first-page":"685","DOI":"10.1049\/iet-com.2011.0566","volume":"6","author":"MYG Oh","year":"2012","unstructured":"Oh, M.Y.G., Hong, S., Cha, S.: ASA: agent-based secure ARP cache management. Communications Iet 6(7), 685\u2013693 (2012)","journal-title":"Communications Iet"},{"key":"659_CR24","doi-asserted-by":"crossref","unstructured":"Narten, T. et al. RFC4861: Neighbor Discovery for IP version 6 (IPv6). Standards Track, http:\/\/www.ietf.org\/rfc\/rfc4861.txt (2007)","DOI":"10.17487\/rfc4861"},{"key":"659_CR25","doi-asserted-by":"crossref","unstructured":"Meghana, J., Subashri, T., Vimal, R.A.: Survey on ARP Cache Poisoning and Techniques for Detection and Mitigation. In: Proceedings of the IEEE International Conference on Signal Processing, Communication and Networking (ICSCN), Chennai, India, 16\u201318 March 2017; pp. 1\u20136. (2017)","DOI":"10.1109\/ICSCN.2017.8085417"},{"key":"659_CR26","doi-asserted-by":"crossref","unstructured":"Alharbi, T., Durando, D., Pakzad, F., Portmann, M.: Securing ARP in software defined networks in proceedings of the IEEE conference on local computer networks (LCN), Dubai, UAE, 7\u201310 November 2016; pp. 523\u2013526. (2016)","DOI":"10.1109\/LCN.2016.83"},{"key":"659_CR27","doi-asserted-by":"crossref","unstructured":"Kim, C, Caesar, M., Rexford, J.: \"Floodless in SEATTLE: a scalable ethernet architecture for large enterprises.\" ACM ACM, 2008:3\u201314. (2008)","DOI":"10.1145\/1402958.1402961"},{"issue":"17","key":"659_CR28","doi-asserted-by":"publisher","first-page":"3601","DOI":"10.1016\/j.comnet.2013.08.007","volume":"57","author":"N Varis","year":"2013","unstructured":"Varis, N., et al.: DBridges: Flexible floodless frame forwarding. Comput. Netw. 57(17), 3601\u20133616 (2013)","journal-title":"Comput. Netw."},{"issue":"2","key":"659_CR29","first-page":"375","volume":"35","author":"YC Wang","year":"2019","unstructured":"Wang, Y.C., Han, H.U.: An adaptive broadcast and multicast traffic cutting framework to improve ethernet efficiency by SDN. J. Inf. Sci. Eng. 35(2), 375\u2013392 (2019)","journal-title":"J. Inf. Sci. Eng."},{"key":"659_CR30","doi-asserted-by":"crossref","unstructured":"Jehan, N., Haneef, A M.: \"Scalable ethernet architecture using SDN by suppressing broadcast traffic.\" 2015 Fifth International Conference on Advances in Computing & Communications (ICACC) IEEE. (2016)","DOI":"10.1109\/ICACC.2015.66"},{"issue":"1","key":"659_CR31","doi-asserted-by":"publisher","first-page":"172","DOI":"10.1049\/cje.2017.12.002","volume":"28","author":"J Xia","year":"2019","unstructured":"Xia, J., et al.: An active defense solution for ARP spoofing in openflow network. Chin. J. Electron. 28(1), 172\u2013178 (2019)","journal-title":"Chin. J. Electron."},{"key":"659_CR32","unstructured":"Mysore, R.N., et al. \"PortLand: a scalable fault-tolerant layer 2 data center network fabric.\" Proceedings of the ACM SIGCOMM 2009 conference on applications, technologies, architectures, and protocols for computer communications, Barcelona, Spain, August 16\u201321, 2009 ACM, (2009)"},{"issue":"2","key":"659_CR33","first-page":"12","volume":"11","author":"J Wang","year":"2014","unstructured":"Wang, J., et al.: A novel floodless service discovery mechanism designed for Software-Defined Networking. Communications 11(2), 12\u201325 (2014)","journal-title":"Communications"},{"key":"659_CR34","doi-asserted-by":"crossref","unstructured":"Shpiner, Alexander, et al. \"SAL: Scaling data centers using smart address learning.\" 10th International Conference on Network and Service Management (CNSM) and Workshop. IEEE, 2014.","DOI":"10.1109\/CNSM.2014.7014167"},{"key":"659_CR35","unstructured":"Myers, A., Ng, T.E., Zhang, H.: Rethinking the service model: Scaling ethernet to a million nodes. (2004)"},{"key":"659_CR36","doi-asserted-by":"crossref","unstructured":"Stephens, B., Cox, A.L., Rixner, S., Ng, T.S.E.: A scalability study of enterprise network architectures. ACM\/IEEE ANCS '11. (2011)","DOI":"10.1109\/ANCS.2011.28"},{"key":"659_CR37","doi-asserted-by":"crossref","unstructured":"Benson, T., Akella, A., Shaikh, A., Sahu, S.: CloudNaaS: a cloud networking platform for enterprise applications. SOCC '11. (2011)","DOI":"10.1145\/2038916.2038924"},{"key":"659_CR38","doi-asserted-by":"crossref","unstructured":"Edwards, A., Fischer, A., Lain., A.: Diverter: a new approach to networking within virtualized infrastructures. ACM WREN '09. (2009)","DOI":"10.1145\/1592681.1592698"},{"key":"659_CR39","doi-asserted-by":"crossref","unstructured":"Elmeleegy, K., Cox, A.: Etherproxy: scaling ethernet by suppressing broadcast trafficc. In: IEEE INFOCOM'09. (2009)","DOI":"10.1109\/INFCOM.2009.5062076"},{"key":"659_CR40","doi-asserted-by":"crossref","unstructured":"Niranjan Mysore, R., Pamboris, A., Farrington, N., Huang, N., Miri, P., Radhakrishnan, S., Subramanya, V., Vahdat, A.: Portland: a scalable fault-tolerant layer 2 data center network fabric. ACM SIGCOMM '09, (2009)","DOI":"10.1145\/1592568.1592575"},{"key":"659_CR41","unstructured":"Sridharan, M. et al.: NVGRE: Network virtualization using generic routing encapsulation. In: Network Working Group Internet Draft. (2011)"},{"issue":"7","key":"659_CR42","doi-asserted-by":"publisher","first-page":"770","DOI":"10.1109\/LCOMM.2011.060111.102264","volume":"15","author":"G Ibanez","year":"2011","unstructured":"Ibanez, G., et al.: ARP-path: ARP-based, shortest path bridges. IEEE Commun. Lett. 15(7), 770\u2013772 (2011)","journal-title":"IEEE Commun. Lett."},{"key":"659_CR43","doi-asserted-by":"crossref","unstructured":"Martinez-Yelmo, I. et al.: ARP-P4: A hybrid ARP-Path\/p4runtime switch. In: 2018 IEEE 26th International conference on network protocols (ICNP) IEEE, 2018","DOI":"10.1109\/ICNP.2018.00062"},{"issue":"4","key":"659_CR44","doi-asserted-by":"publisher","first-page":"555","DOI":"10.1007\/s11235-019-00588-2","volume":"72","author":"I Martinez-Yelmo","year":"2019","unstructured":"Martinez-Yelmo, I., et al.: ARP-P4: deep analysis of a hybrid SDN ARP-Path\/P4Runtime switch. Telecommunication Systems: Modelling, Analysis, Design and Management 72(4), 555\u2013565 (2019)","journal-title":"Telecommunication Systems: Modelling, Analysis, Design and Management"},{"key":"659_CR45","doi-asserted-by":"publisher","first-page":"106990","DOI":"10.1016\/j.compeleceng.2021.106990","volume":"90","author":"T Girdler","year":"2021","unstructured":"Girdler, T., Vassilakis, V.: Implementing an intrusion detection and prevention system using Software-Defined Networking: Defending against ARP spoofing attacks and Blacklisted MAC Addresses. Comput. Electr. Eng. 90, 106990 (2021)","journal-title":"Comput. Electr. Eng."},{"key":"659_CR46","doi-asserted-by":"publisher","DOI":"10.26682\/sjuod.2019.22.1.14","author":"H Khalid","year":"2019","unstructured":"Khalid, H., Ismael, P., Al-Khali, A.B.: Efficient mechanism for securing software defined network against ARP spoofing attack. J Duhok Univ (2019). https:\/\/doi.org\/10.26682\/sjuod.2019.22.1.14","journal-title":"J Duhok Univ"}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-022-00659-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-022-00659-7\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-022-00659-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,5,26]],"date-time":"2023-05-26T01:19:04Z","timestamp":1685063944000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-022-00659-7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,3,8]]},"references-count":46,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2023,6]]}},"alternative-id":["659"],"URL":"https:\/\/doi.org\/10.1007\/s10207-022-00659-7","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"type":"print","value":"1615-5262"},{"type":"electronic","value":"1615-5270"}],"subject":[],"published":{"date-parts":[[2023,3,8]]},"assertion":[{"value":"20 December 2022","order":1,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"8 March 2023","order":2,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that there are no potential conflicts of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflicts of interest"}},{"value":"This article does not contain any studies involving human participants performed by any of the authors.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Human or animal rights"}}]}}