Network Automation Methodology for Detecting Rogue Switch

CIS Masters Student


Dr. Vijay Bhuse; vijay_bhuse@gvsu.edu

Detecting malicious switches on the network remains a concern as networks continue to grow more complex. Wired networks are considered more secure than wireless, and the wireless rogue device problem has been solved; the wired rogue switch problem, however, remains unsolved.

In this project, we apply core networking concepts and demonstrate a smart solution that combines the latest automation techniques with highly effective software tool sets available for detecting malicious systems connected to a rogue switch. The solution promises quick detection and requires zero downtime, which could make it an ideal solution for enterprises with managed-switch production networks.

We achieve this by continuously filtering and analyzing network traffic for broadcast storms or new Address Resolution Protocol (ARP) packets using packet analyzers, and then tracing the malicious host connected to the rogue switch using automation techniques. This technique also helps detect rogue unmanaged switches ("plug and play" devices) that have a pre-loaded configuration.
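The filtering step described above can be sketched as follows. This is an added example, not code from the project: it covers only the detection of new ARP senders and broadcast bursts, and the inventory, addresses, one-second window and threshold of five frames are constructed assumptions.

```python
from collections import defaultdict, deque

# Assumed inventory of authorised hosts (MAC -> IP), constructed for this example.
KNOWN_HOSTS = {
    "00:11:22:33:44:01": "10.0.0.1",
    "00:11:22:33:44:02": "10.0.0.2",
}

# Constructed ARP observations: (timestamp in seconds, sender MAC, sender IP, is_broadcast).
# In practice these fields would come from a packet analyzer's capture output.
SAMPLE_FRAMES = [
    (0.0, "00:11:22:33:44:01", "10.0.0.1", True),
    (0.5, "02:00:00:00:00:10", "10.0.0.50", True),   # sender not in the inventory
    (1.2, "00:11:22:33:44:02", "10.0.0.2", True),
] + [(2.0 + 0.1 * i, "02:00:00:00:00:20", "10.0.0.60", True) for i in range(6)]


def analyze(frames, known, window=1.0, storm_threshold=5):
    """Return (new_hosts, storm_sources) for a time-ordered list of ARP frames.

    new_hosts: (timestamp, mac, ip) for each MAC/IP binding not yet seen.
    storm_sources: MACs that sent >= storm_threshold broadcasts within `window` seconds.
    """
    seen = dict(known)                 # bindings observed so far, seeded with the inventory
    recent = defaultdict(deque)        # per-MAC timestamps of recent broadcasts
    new_hosts, storm_sources = [], []

    for ts, mac, ip, is_broadcast in frames:
        # A MAC absent from the inventory, or a known MAC claiming a new IP, is reported once.
        if seen.get(mac) != ip:
            new_hosts.append((ts, mac, ip))
            seen[mac] = ip

        if is_broadcast:
            q = recent[mac]
            q.append(ts)
            # Drop broadcasts that have fallen out of the sliding window.
            while q and ts - q[0] > window:
                q.popleft()
            if len(q) >= storm_threshold and mac not in storm_sources:
                storm_sources.append(mac)

    return new_hosts, storm_sources


if __name__ == "__main__":
    hosts, storms = analyze(SAMPLE_FRAMES, KNOWN_HOSTS)
    for ts, mac, ip in hosts:
        print(f"{ts:.1f}s new ARP sender {mac} claiming {ip}")
    for mac in storms:
        print(f"broadcast burst from {mac}")
```

The MAC addresses this reports are the input to the tracing step, which the abstract does not detail and this example does not attempt.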

James.Vineet.pdf (538 kB)

