Biblio
Filters: Author is Shan-Shan, Jia
The APT Detection Method Based on Attack Tree for SDN. 2018. Proceedings of the 2nd International Conference on Cryptography, Security and Privacy, pp. 116-121.

SDN with centralized control is more vulnerable to APT than traditional networks. To accurately detect the APT that the SDN may suffer from, this paper proposes an APT detection method based on attack trees for SDN. First, after deeply analyzing the process of APT in SDN, we establish an APT attack model based on an attack tree. Then, correlation analysis is performed on the attack behavior detected by multiple detection methods to obtain the attack path. Finally, the attack path is matched against the APT attack model to judge whether there is an APT in the SDN. The experiment shows that the method is more accurate in detecting APT in SDN, with less overhead.