A Modeling-Driven Threat Analysis and Risk Assessment for Software-Defined Network Architecture
Abstract
In recent years, the networking field has been marked by the emergence of a new technology that seems set to revolutionize everything in our infrastructure: Software-Defined Networks (SDN), which present a new approach to networking with a different architectural philosophy. These changes in network infrastructure simplify equipment and make it independent. SDN is not a single solution or product, but rather a collection of innovative technologies that enable centralized control of network resources, improved programmability and orchestration of these resources, and virtualization by decoupling them from the physical elements of the network. However, increasing centralization raises serious security and privacy concerns, exposing networks to vulnerabilities including unauthorized access, data breaches, and malware infections. This article examines security concerns in the deployment of SDN in a campus network environment using a structured threat modeling approach based on the STRIDE methodology. Following a methodical process, we describe the SDN use case and illustrate its architecture using a Data Flow Diagram (DFD) to identify essential assets and communication flows in each zone of the SDN architecture. We then examine potential threats to each zone, assess the risks, and recommend appropriate mitigation strategies. Our aim is to improve the security and dependability of SDN, a technology that provides substantial benefits in terms of flexibility, scalability, and network management but is vulnerable to a variety of cyber threats if not properly protected. The combination of STRIDE threat modeling and CVSS scoring enables a comprehensive understanding of vulnerabilities in SDN environments, prioritizing mitigation efforts based on exploitability and impact. Specific outcomes include T11, rated as a Critical risk with a CVSS score of 9.8, and T5 and T4 reaching Extreme levels in the 5x5 matrix. This approach helps to address high-risk threats while ensuring a balanced security strategy across varying threat levels.
DOI: https://doi.org/10.31449/inf.v49i25.8883

This work is licensed under a Creative Commons Attribution 3.0 License.