Authors: Abeer Eldewahi; Alzubair Hassan; Khalid Elbadawi; Bazara Barry
Addresses: Department of Computer Science, Faculty of Mathematical Science, University of Khartoum, Khartoum, Sudan ' Centre for Cyber Security, School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China ' Department of Computer Science, Faculty of Mathematical Science, University of Khartoum, Khartoum, Sudan ' Department of Computer Science, Faculty of Mathematical Science, University of Khartoum, Khartoum, Sudan
Abstract: Software defined network (SDN) is an emerging technology that decouples the control plane from data plane in its network architecture. This architecture exposes new threats that are absent in the traditional IP network. The man at the end attack (MATE) is one of the serious attacks against SDN controller. The MATE attacker does his/her malicious activities by exploiting the nature of messages between the controller and switches which are involved in requests and replies. This paper proposes a new detection method for MATE attack. We also used the spoofing, tampering, repudiation, information disclosure, denial of service and elevation of privilege (STRIDE) model in the classification of a four-dimensional model to determine which attacks can be considered as MATE. Furthermore, we determine the behaviour of MATE attacker in SDN after control has been taken from the controller to help in the detection and prevention of the MATE attack.
Keywords: SDN; software defined network; MATE attack behaviour; four-dimensional model; STRIDE model.
International Journal of Grid and Utility Computing, 2019 Vol.10 No.4, pp.415 - 421
Received: 26 Jun 2018
Accepted: 11 Sep 2018
Published online: 25 Jun 2019 *