Utilizing attack enumerations to study SDN/NFV vulnerabilities

Abstract : Several cybersecurity attack enumerations area available today. These enumerations present lists of known attack patterns (CAPEC), security weaknesses (CWE) or cybersecurity vulnerabilities (CVE). These enumerations are being developed separately and manually. In this paper, we present our efforts in determine the relations between enumerations automatically. We rely on text-based, graph-based and recommendation-based approaches. Then we present of using the prediction in recommending related attacks to SDN/NFV security issues. Experimental results showed that we can predict the relations at high AU C and F − 1 scores. Furthermore, the results gave us some insights about how the enumerations are created and linked, and some suggestions to improve the process in the future.
Type de document :
Communication dans un congrès
IEEE ETSN - International Workshop on Emerging Trends in Softwarized Networks, Jun 2018, Montreal, Canada
Liste complète des métadonnées

Littérature citée [21 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01763368
Contributeur : Quang Vinh Dang <>
Soumis le : lundi 6 août 2018 - 15:01:53
Dernière modification le : mardi 16 octobre 2018 - 08:46:02

Fichier

ETSN_2018_extended (1).pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-01763368, version 2

Collections

Citation

Quang-Vinh Dang, Jérôme François. Utilizing attack enumerations to study SDN/NFV vulnerabilities. IEEE ETSN - International Workshop on Emerging Trends in Softwarized Networks, Jun 2018, Montreal, Canada. 〈hal-01763368v2〉

Partager

Métriques

Consultations de la notice

95

Téléchargements de fichiers

109