The ubiquitous cloud computing services provide a new paradigm to the work-from-home environment adopted by the enterprise in the unprecedented crisis of the COVID-19 outbreak. However, the change in work culture would also increase the chances of the cybersecurity attack, MAC spoofing attack, and DDoS/DoS attack due to the divergent incoming traffic from the untrusted network for accessing the enterprise’s resources. Networks are usually unable to detect spoofing if the intruder already forges the host’s MAC address. However, the techniques used in the existing researches mistakenly classify the malicious host as the legitimate one. This paper proposes a novel access control policy based on a zero-trust network by explicitly restricting the incoming network traffic to substantiate MAC spoofing attacks in the software-defined network (SDN) paradigm of cloud computing. The multiplicative increase and additive decrease algorithm helps to detect the advanced MAC spoofing attack before penetrating the SDN-based cloud resources. Based on the proposed approach, a dynamic threshold is assigned to the incoming port number. The self-learning feature of the threshold stamping helps to rectify a legitimate user’s traffic before classifying it to the attacker. Finally, the mathematical and experimental results exhibit high accuracy and detection rate than the existing methodologies. The novelty of this approach strengthens the security of the SDN paradigm of cloud resources by redefining conventional access control policy.

无处不在的云计算服务为企业在前所未有的 COVID-19 疫情危机中采用的在家工作环境提供了新的范式。然而，由于来自不受信任的网络访问企业资源的传入流量不同，工作文化的变化也会增加网络安全攻击、MAC 欺骗攻击和 DDoS/DoS 攻击的机会。如果入侵者已经伪造了主机的 MAC 地址，网络通常无法检测到欺骗行为。然而，现有研究中使用的技术错误地将恶意主机分类为合法主机。本文提出了一种基于零信任网络的新型访问控制策略，通过显式限制传入网络流量来证实云计算软件定义网络（SDN）范式中的 MAC 欺骗攻击。乘增加减算法有助于在渗透基于SDN的云资源之前检测到高级MAC欺骗攻击。基于所提出的方法，动态阈值被分配给传入端口号。阈值标记的自学习功能有助于在将合法用户的流量分类为攻击者之前纠正该流量。最后，数学和实验结果表现出比现有方法更高的准确性和检测率。这种方法的新颖之处在于通过重新定义传统的访问控制策略来增强云资源的SDN范式的安全性。