SDN security prediction method based on bayesian attack graph
Existing researchers use threat modeling and security analysis system to evaluate and predict SDN (software defined network) security threats, but this method does not consider the vulnerability utilization of SDN controller and the location of devices in the network, so the security evaluation is n...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Beijing Xintong Media Co., Ltd
2021-11-01
|
| Series: | Dianxin kexue |
| Subjects: | |
| Online Access: | http://www.telecomsci.com/zh/article/doi/10.11959/j.issn.1000-0801.2021212/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841528879772073984 |
|---|---|
| author | Yanshang YIN Tongpeng SUO Ligang DONG Xian JIANG |
| author_facet | Yanshang YIN Tongpeng SUO Ligang DONG Xian JIANG |
| author_sort | Yanshang YIN |
| collection | DOAJ |
| description | Existing researchers use threat modeling and security analysis system to evaluate and predict SDN (software defined network) security threats, but this method does not consider the vulnerability utilization of SDN controller and the location of devices in the network, so the security evaluation is not accurate.In order to solve the above problems, according to the probability of device vulnerability utilization and device criticality, combined with PageRank algorithm, a algorithm to calculate the importance of each device in SDN was designed; according to SDN attack graph and Bayesian theory, a method to measure the success probability of device being attacked was designed.On this basis, a SDN security prediction method based on Bayesian attack graph was proposed to predict the attacker's attack path.Experimental results show that this method can accurately predict the attacker's attack path and provide more accurate basis for security defense. |
| format | Article |
| id | doaj-art-ae5263a58fa043d2b6afa9735db49f70 |
| institution | Kabale University |
| issn | 1000-0801 |
| language | zho |
| publishDate | 2021-11-01 |
| publisher | Beijing Xintong Media Co., Ltd |
| record_format | Article |
| series | Dianxin kexue |
| spelling | doaj-art-ae5263a58fa043d2b6afa9735db49f702025-01-15T03:33:01ZzhoBeijing Xintong Media Co., LtdDianxin kexue1000-08012021-11-0137758559815898SDN security prediction method based on bayesian attack graphYanshang YINTongpeng SUOLigang DONGXian JIANGExisting researchers use threat modeling and security analysis system to evaluate and predict SDN (software defined network) security threats, but this method does not consider the vulnerability utilization of SDN controller and the location of devices in the network, so the security evaluation is not accurate.In order to solve the above problems, according to the probability of device vulnerability utilization and device criticality, combined with PageRank algorithm, a algorithm to calculate the importance of each device in SDN was designed; according to SDN attack graph and Bayesian theory, a method to measure the success probability of device being attacked was designed.On this basis, a SDN security prediction method based on Bayesian attack graph was proposed to predict the attacker's attack path.Experimental results show that this method can accurately predict the attacker's attack path and provide more accurate basis for security defense.http://www.telecomsci.com/zh/article/doi/10.11959/j.issn.1000-0801.2021212/SDN security predictionvulnerability utilization probabilityattack graphPR algorithm |
| spellingShingle | Yanshang YIN Tongpeng SUO Ligang DONG Xian JIANG SDN security prediction method based on bayesian attack graph Dianxin kexue SDN security prediction vulnerability utilization probability attack graph PR algorithm |
| title | SDN security prediction method based on bayesian attack graph |
| title_full | SDN security prediction method based on bayesian attack graph |
| title_fullStr | SDN security prediction method based on bayesian attack graph |
| title_full_unstemmed | SDN security prediction method based on bayesian attack graph |
| title_short | SDN security prediction method based on bayesian attack graph |
| title_sort | sdn security prediction method based on bayesian attack graph |
| topic | SDN security prediction vulnerability utilization probability attack graph PR algorithm |
| url | http://www.telecomsci.com/zh/article/doi/10.11959/j.issn.1000-0801.2021212/ |
| work_keys_str_mv | AT yanshangyin sdnsecuritypredictionmethodbasedonbayesianattackgraph AT tongpengsuo sdnsecuritypredictionmethodbasedonbayesianattackgraph AT ligangdong sdnsecuritypredictionmethodbasedonbayesianattackgraph AT xianjiang sdnsecuritypredictionmethodbasedonbayesianattackgraph |