软件定义网络(MASON)中的MTD分析与评价框架

Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization Pub Date : 2018-03-14 DOI:10.1145/3180465.3180473

Ankur Chowdhary, Adel Alshamrani, Dijiang Huang, Hongbin Liang

{"title":"软件定义网络(MASON)中的MTD分析与评价框架","authors":"Ankur Chowdhary, Adel Alshamrani, Dijiang Huang, Hongbin Liang","doi":"10.1145/3180465.3180473","DOIUrl":null,"url":null,"abstract":"Security issues in a Software Defined Network (SDN) environment like system vulnerabilities and intrusion attempts can pose a security risk for multi-tenant network managed by SDN. In this research work, Moving target defense (MTD)technique based on shuffle strategy - port hopping has been employed to increase the difficulty for the attacker trying to exploit the cloud network. Our research workMASON, considers the problem of multi-stage attacks in a network managed using SDN. SDN controller can be used to dynamically reconfigure the network and render attacker»s knowledge in multi-stage attacks redundant. We have used a threat score based on vulnerability information and intrusion attempts to identify Virtual Machines (VMs) in systems with high-security risk and implement MTD countermeasures port hopping to assess threat score reduction in a cloud network.","PeriodicalId":20513,"journal":{"name":"Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization","volume":"44 2 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2018-03-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"32","resultStr":"{\"title\":\"MTD Analysis and evaluation framework in Software Defined Network (MASON)\",\"authors\":\"Ankur Chowdhary, Adel Alshamrani, Dijiang Huang, Hongbin Liang\",\"doi\":\"10.1145/3180465.3180473\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Security issues in a Software Defined Network (SDN) environment like system vulnerabilities and intrusion attempts can pose a security risk for multi-tenant network managed by SDN. In this research work, Moving target defense (MTD)technique based on shuffle strategy - port hopping has been employed to increase the difficulty for the attacker trying to exploit the cloud network. Our research workMASON, considers the problem of multi-stage attacks in a network managed using SDN. SDN controller can be used to dynamically reconfigure the network and render attacker»s knowledge in multi-stage attacks redundant. We have used a threat score based on vulnerability information and intrusion attempts to identify Virtual Machines (VMs) in systems with high-security risk and implement MTD countermeasures port hopping to assess threat score reduction in a cloud network.\",\"PeriodicalId\":20513,\"journal\":{\"name\":\"Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization\",\"volume\":\"44 2 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-03-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"32\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3180465.3180473\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3180465.3180473","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 32

摘要

软件定义网络(SDN)环境中的安全问题，如系统漏洞和入侵企图，可能会给SDN管理的多租户网络带来安全风险。在本研究中，为了增加攻击者利用云网络的难度，采用了基于shuffle策略-端口跳变的移动目标防御技术(MTD)。我们的研究工作mason，考虑了使用SDN管理的网络中的多阶段攻击问题。SDN控制器可以动态地重新配置网络，使攻击者的知识在多阶段攻击中变得多余。我们利用基于漏洞信息和入侵尝试的威胁评分来识别高安全风险系统中的虚拟机(vm)，并实现MTD对策端口跳变来评估云网络中的威胁评分降低情况。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

MTD Analysis and evaluation framework in Software Defined Network (MASON)

Security issues in a Software Defined Network (SDN) environment like system vulnerabilities and intrusion attempts can pose a security risk for multi-tenant network managed by SDN. In this research work, Moving target defense (MTD)technique based on shuffle strategy - port hopping has been employed to increase the difficulty for the attacker trying to exploit the cloud network. Our research workMASON, considers the problem of multi-stage attacks in a network managed using SDN. SDN controller can be used to dynamically reconfigure the network and render attacker»s knowledge in multi-stage attacks redundant. We have used a threat score based on vulnerability information and intrusion attempts to identify Virtual Machines (VMs) in systems with high-security risk and implement MTD countermeasures port hopping to assess threat score reduction in a cloud network.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization

自引率

0.00%

发文量