Detection and Isolation of a Rogue Access Point

Software-defined networking (SDN) is a technology that was developed a decade ago and has become apole of attraction for researchers due to its unique ability to distinguish the control plane from the data planeon network devices. With SDN, network security has the potential to evolve to a great extent. Manycompanies, large and small, are threatened by attacks with the ultimate goal of the attacker’s personal gain.One way for outsiders to enter is through Rogue Access Points (RAPs). RAPs are malicious devices thatare connected to the network and provide wireless connection to unauthorized devices. The presented thesislooks into different methods for detecting and isolating a RAP from the network with SDN architectures.The implementation of this system is developed in a platform called Mininet-WiFi that simulatesheterogeneous types of networks. A topology is created on Mininet-WiFi that includes ten hosts, anOpenFlow switch, a ryuretic controller and a RAP. The thesis aims to detect and block a rogue device inan SDN network, and three algorithms are developed to achieve the main goal of this thesis. The resultsshow that the detection and isolation algorithms work successfully. This can be understood becauseillegitimate users cannot ping the legitimate network users. In addition, the scalability and reliability of thenetwork is being tested by increasing the number of users.