SDN security prediction method based on bayesian attack graph
Existing researchers use threat modeling and security analysis system to evaluate and predict SDN (software defined network) security threats, but this method does not consider the vulnerability utilization of SDN controller and the location of devices in the network, so the security evaluation is n...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Beijing Xintong Media Co., Ltd
2021-11-01
|
| Series: | Dianxin kexue |
| Subjects: | |
| Online Access: | http://www.telecomsci.com/zh/article/doi/10.11959/j.issn.1000-0801.2021212/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Existing researchers use threat modeling and security analysis system to evaluate and predict SDN (software defined network) security threats, but this method does not consider the vulnerability utilization of SDN controller and the location of devices in the network, so the security evaluation is not accurate.In order to solve the above problems, according to the probability of device vulnerability utilization and device criticality, combined with PageRank algorithm, a algorithm to calculate the importance of each device in SDN was designed; according to SDN attack graph and Bayesian theory, a method to measure the success probability of device being attacked was designed.On this basis, a SDN security prediction method based on Bayesian attack graph was proposed to predict the attacker's attack path.Experimental results show that this method can accurately predict the attacker's attack path and provide more accurate basis for security defense. |
|---|---|
| ISSN: | 1000-0801 |