Utilizing attack enumerations to study SDN/NFV vulnerabilities - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Communication Dans Un Congrès Année : 2018

Utilizing attack enumerations to study SDN/NFV vulnerabilities

Résumé

Several cybersecurity attack enumerations area available today. These enumerations present lists of known attack patterns (CAPEC), security weaknesses (CWE) or cybersecurity vulnerabilities (CVE). These enumerations are being developed separately and manually. In this paper, we present our efforts in determine the relations between enumerations automatically. We rely on text-based, graph-based and recommendation-based approaches. Then we present of using the prediction in recommending related attacks to SDN/NFV security issues. Experimental results showed that we can predict the relations at high AU C and F − 1 scores. Furthermore, the results gave us some insights about how the enumerations are created and linked, and some suggestions to improve the process in the future.
Fichier principal
Vignette du fichier
ETSN_2018_extended (1).pdf (329.85 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-01763368 , version 1 (11-04-2018)
hal-01763368 , version 2 (06-08-2018)

Identifiants

  • HAL Id : hal-01763368 , version 2

Citer

Quang-Vinh Dang, Jérôme François. Utilizing attack enumerations to study SDN/NFV vulnerabilities. IEEE ETSN - International Workshop on Emerging Trends in Softwarized Networks, Jun 2018, Montreal, Canada. ⟨hal-01763368v2⟩
301 Consultations
540 Téléchargements

Partager

Gmail Facebook X LinkedIn More