Utilizing attack enumerations to study SDN/NFV vulnerabilities

Quang-Vinh Dang 1 Jérôme François 1
1 RESIST - Resilience and Elasticity for Security and ScalabiliTy of dynamic networked systems
Inria Nancy - Grand Est, LORIA - NSS - Department of Networks, Systems and Services
Abstract : Several cybersecurity attack enumerations area available today. These enumerations present lists of known attack patterns (CAPEC), security weaknesses (CWE) or cybersecurity vulnerabilities (CVE). These enumerations are being developed separately and manually. In this paper, we present our efforts in determine the relations between enumerations automatically. We rely on text-based, graph-based and recommendation-based approaches. Then we present of using the prediction in recommending related attacks to SDN/NFV security issues. Experimental results showed that we can predict the relations at high AU C and F − 1 scores. Furthermore, the results gave us some insights about how the enumerations are created and linked, and some suggestions to improve the process in the future.
Document type :
Conference papers
Liste complète des métadonnées

Cited literature [21 references]  Display  Hide  Download

https://hal.inria.fr/hal-01763368
Contributor : Quang Vinh Dang <>
Submitted on : Monday, August 6, 2018 - 3:01:53 PM
Last modification on : Thursday, February 7, 2019 - 3:06:55 PM

File

ETSN_2018_extended (1).pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01763368, version 2

Collections

Citation

Quang-Vinh Dang, Jérôme François. Utilizing attack enumerations to study SDN/NFV vulnerabilities. IEEE ETSN - International Workshop on Emerging Trends in Softwarized Networks, Jun 2018, Montreal, Canada. ⟨hal-01763368v2⟩

Share

Metrics

Record views

174

Files downloads

278