(also user plane, forwarding plane, carrier plane, bearer plane)
Data plane definition
A data plane is the part of the network that carries user traffic. It is the place where data movement from the source to the destination is executed. It can also be described as the actual data forwarding process on a network. And since the data plane carries all user traffic, it is subject to most cyber attacks. In consequence, it is also the place where most security measures are implemented.
Data plane attack types
- MAC attacks. MAC attacks are cyberattacks that can compromise the data transmitted to a device by overflowing the MAC address table with different fake source MAC addresses.
- ARP attacks. An ARP attack, or ARP spoofing, is an attack where a hacker sends fake ARP (Address Resolution Protocol) messages to a LAN (local area network). It allows hackers to intercept communication between two or more network devices.
- VLAN hopping. By doing VLAN hopping, a hacker can get access to other VLANs on the network they attacked and take control of the network’s traffic.
- Spanning tree attacks. A spanning tree attack (STP) happens when the attacker spoofs the root bridge in the topology in an effort to force an STP recalculation. An STP recalculation can cause a denial-of-service (DoS) condition, making the computer or other attacked device unavailable to its users.
- DHCP rogue server attack. With this attack, a hacker can introduce a rogue server into a network and reply to clients’ DHCP discovery requests. A hacker can conduct such an attack by infecting a network with a virus or malicious software.