TY - GEN
T1 - Network security analyzing and modeling based on Petri net and Attack tree for SDN
AU - Yao, Linyuan
AU - Dong, Ping
AU - Zheng, Tao
AU - Zhang, Hongke
AU - Du, Xiaojiang
AU - Guizani, Mohsen
N1 - Publisher Copyright:
© 2016 IEEE.
PY - 2016/3/23
Y1 - 2016/3/23
N2 - Due to the widespread research on Software Defined Networks (SDNs), its security has received much attention recently. But most of those attempts consider SDN security from the OpenFlow perspective. To the best of our knowledge, none so far has paid attention to the security analysis and modeling of Forwarding and Control planes Separation Network Structure (FCSNS) in SDN. Therefore, this paper provides a different approach to network security based on Petri net and Attack tree models. Our objective is to analyze the FCSNS security via the combination of model and state. This method represents the network structure and state transferring by way of Petri net. In addition, it introduces the security analysis method of STRIDE to build up the Attack tree model. Finally, we analyze FCSNS via the combination of Petri net and Attack tree model and present the results. Our results are very promising in using such models to achieve such security objectives.
AB - Due to the widespread research on Software Defined Networks (SDNs), its security has received much attention recently. But most of those attempts consider SDN security from the OpenFlow perspective. To the best of our knowledge, none so far has paid attention to the security analysis and modeling of Forwarding and Control planes Separation Network Structure (FCSNS) in SDN. Therefore, this paper provides a different approach to network security based on Petri net and Attack tree models. Our objective is to analyze the FCSNS security via the combination of model and state. This method represents the network structure and state transferring by way of Petri net. In addition, it introduces the security analysis method of STRIDE to build up the Attack tree model. Finally, we analyze FCSNS via the combination of Petri net and Attack tree model and present the results. Our results are very promising in using such models to achieve such security objectives.
KW - Attack tree
KW - Control
KW - Forward
KW - OpenFlow
KW - Petri net
KW - SDN
KW - Separation
UR - http://www.scopus.com/inward/record.url?scp=84966549710&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84966549710&partnerID=8YFLogxK
U2 - 10.1109/ICCNC.2016.7440631
DO - 10.1109/ICCNC.2016.7440631
M3 - Conference contribution
AN - SCOPUS:84966549710
T3 - 2016 International Conference on Computing, Networking and Communications, ICNC 2016
BT - 2016 International Conference on Computing, Networking and Communications, ICNC 2016
T2 - International Conference on Computing, Networking and Communications, ICNC 2016
Y2 - 15 February 2016 through 18 February 2016
ER -