Network security analyzing and modeling based on Petri net and Attack tree for SDN

Linyuan Yao, Ping Dong, Tao Zheng, Hongke Zhang, Xiaojiang Du, Mohsen Guizani

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

15 Scopus citations

Abstract

Due to the widespread research on Software Defined Networks (SDNs), its security has received much attention recently. But most of those attempts consider SDN security from the OpenFlow perspective. To the best of our knowledge, none so far has paid attention to the security analysis and modeling of Forwarding and Control planes Separation Network Structure (FCSNS) in SDN. Therefore, this paper provides a different approach to network security based on Petri net and Attack tree models. Our objective is to analyze the FCSNS security via the combination of model and state. This method represents the network structure and state transferring by way of Petri net. In addition, it introduces the security analysis method of STRIDE to build up the Attack tree model. Finally, we analyze FCSNS via the combination of Petri net and Attack tree model and present the results. Our results are very promising in using such models to achieve such security objectives.

Original languageEnglish
Title of host publication2016 International Conference on Computing, Networking and Communications, ICNC 2016
ISBN (Electronic)9781467385794
DOIs
StatePublished - 23 Mar 2016
EventInternational Conference on Computing, Networking and Communications, ICNC 2016 - Kauai, United States
Duration: 15 Feb 201618 Feb 2016

Publication series

Name2016 International Conference on Computing, Networking and Communications, ICNC 2016

Conference

ConferenceInternational Conference on Computing, Networking and Communications, ICNC 2016
Country/TerritoryUnited States
CityKauai
Period15/02/1618/02/16

Keywords

  • Attack tree
  • Control
  • Forward
  • OpenFlow
  • Petri net
  • SDN
  • Separation

Fingerprint

Dive into the research topics of 'Network security analyzing and modeling based on Petri net and Attack tree for SDN'. Together they form a unique fingerprint.

Cite this