The analysis of man at the end attack behaviour in software defined network

Abstract

Software defined network (SDN) is an emerging technology that decouples the control plane from data plane in its network architecture. This architecture exposes new threats that are absent in the traditional IP network. The man at the end attack (MATE) is one of the serious attacks against SDN controller. The MATE attacker does his/her malicious activities by exploiting the nature of messages between the controller and switches which are involved in requests and replies. This paper proposes a new detection method for MATE attack. We also used the spoofing, tampering, repudiation, information disclosure, denial of service and elevation of privilege (STRIDE) model in the classification of a four-dimensional model to determine which attacks can be considered as MATE. Furthermore, we determine the behaviour of MATE attacker in SDN after control has been taken from the controller to help in the detection and prevention of the MATE attack.