Generalized stochastic Petri Net model based security risk assessment of software defined networks
Autor: | Laila M. Almutairi, Sachin Shetty |
---|---|
Rok vydání: | 2017 |
Předmět: |
020203 distributed computing
OpenFlow Computer science business.industry 020206 networking & telecommunications Denial-of-service attack 02 engineering and technology Petri net Virtualization computer.software_genre Network management 0202 electrical engineering electronic engineering information engineering Stochastic Petri net Routing control plane business Software-defined networking Protocol (object-oriented programming) computer Computer network |
Zdroj: | MILCOM |
DOI: | 10.1109/milcom.2017.8170813 |
Popis: | Software-defined networking (SDN) is a networking paradigm to provide automated network management at run time through network orchestration and virtualization. A central controller realizes the automatic network configuration in SDN at run time by conforming to a control plane protocol (e.g., OpenFlow) and switches act as simple forwarding devices. However, SDN are susceptible to cyber attacks and there is a need to understand and quantify the cyber risks. In this paper, we present a model to analyze attacks on SDN and generate risk assessment scores that can aid mitigation. We build and analyze a Generalized Stochastic Petri Net (GSPN) model for Denial of Service attack in SDN using the PIPE tool. The results show all possible attacker paths during the attack. Moreover, they indicate that there is a direct relation between the risk score of the transitions and the average time the attacker needs to successfully perform individual attack action. These results can be used to improve countermeasures of SDN attacks in future work. |
Databáze: | OpenAIRE |
Externí odkaz: |