Utilizing attack enumerations to study SDN/NFV vulnerabilities - Archive ouverte HAL Access content directly
Conference Papers Year :

Utilizing attack enumerations to study SDN/NFV vulnerabilities

(1) , (1)
1

Abstract

Several cybersecurity attack enumerations area available today. These enumerations present lists of known attack patterns (CAPEC), security weaknesses (CWE) or cybersecurity vulnerabilities (CVE). These enumerations are being developed separately and manually. In this paper, we present our efforts in determine the relations between enumerations automatically. We rely on text-based, graph-based and recommendation-based approaches. Then we present of using the prediction in recommending related attacks to SDN/NFV security issues. Experimental results showed that we can predict the relations at high AU C and F − 1 scores. Furthermore, the results gave us some insights about how the enumerations are created and linked, and some suggestions to improve the process in the future.
Fichier principal
Vignette du fichier
ETSN_2018_extended (1).pdf (329.85 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-01763368 , version 1 (11-04-2018)
hal-01763368 , version 2 (06-08-2018)

Identifiers

  • HAL Id : hal-01763368 , version 2

Cite

Quang-Vinh Dang, Jérôme François. Utilizing attack enumerations to study SDN/NFV vulnerabilities. IEEE ETSN - International Workshop on Emerging Trends in Softwarized Networks, Jun 2018, Montreal, Canada. ⟨hal-01763368v2⟩
273 View
497 Download

Share

Gmail Facebook Twitter LinkedIn More