Hybrid Threat Model of STRIDE and Attack tree for Security Analysis of Software Defined Network Controllers
| dc.contributor.advisor | Mesfin Kifle | |
| dc.contributor.author | Banchiaymolu Adera | |
| dc.date.accessioned | 2025-09-06T00:05:52Z | |
| dc.date.available | 2025-09-06T00:05:52Z | |
| dc.date.issued | 2023-10-31 | |
| dc.description.abstract | A Software Defined Network (SDN) is a network that employs software-based controllers to interact with physical infrastructure and manage network traffic. It offers numerous advantages over conventional networks, including enhanced programmability, scalability and visibility. These benefits make SDN a crucial technology for addressing the evolving needs of modern networks. However, along with these benefits, SDN also introduces new security challenges due to its architectural changes. One of the main security concerns in SDN is the security of its controllers. Controllers serve as the core of the SDN architecture, responsible for managing and controlling the network centrally. This centrality makes them high-value targets for attackers and potential single points of failure. To ensure the security of SDN, it is essential to assess and mitigate vulnerabilities in SDN controllers. In previous studies, the STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege) threat model was used to analyze the security of SDN controllers. While it provides a systematic way of identifying and categorizing threats, it lacks granular and complete threat coverage and has a moderately high false negative rate. In this research, we addressed these limitations by proposing a hybrid threat model that combines STRIDE with attack trees. An attack tree provides a hierarchical and structured representation of attack scenarios and attack paths, enabling a more detailed analysis of threats. By integrating these two models, we aim to enhance the effectiveness and comprehensiveness of the STRIDE-only model. To evaluate our proposed hybrid model, we implemented it for the security analysis of the Ryu and POX controllers. As a result, we identified a vulnerability to Denial of Service (DoS) attacks in the POX controller, which was not detected by the STRIDE-only model used in previous studies.
To further validate the effectiveness of our model, we conducted an experimental test on the Mininet emulator. We exploited the detected vulnerability to launch DoS attacks on the controllers and measured the impact on the performance metrics of bandwidth and delay. The results indicated that both controllers are susceptible to DoS attacks. However, the POX controller exhibited a more significant degradation in bandwidth, a decrease of around 6.98 Gbps. In contrast, the Ryu controller exhibited a decrease of around 0.74 Gbps. The impact on traffic delay (jitter) was relatively small for both controllers, with values of 0.0016 ms and 0.004 ms for Ryu and POX, respectively. These findings show the enhanced efficacy of our proposed hybrid threat model in assessing the security of SDN controllers. | |
| dc.identifier.uri | https://etd.aau.edu.et/handle/123456789/7411 | |
| dc.language.iso | en_US | |
| dc.publisher | Addis Ababa University | |
| dc.subject | Software Defined Network | |
| dc.subject | Threat Modeling | |
| dc.subject | Hybrid Threat Modeling | |
| dc.subject | SDN controllers | |
| dc.subject | Ryu | |
| dc.subject | POX | |
| dc.title | Hybrid Threat Model of STRIDE and Attack tree for Security Analysis of Software Defined Network Controllers | |
| dc.type | Thesis |