The APT Detection Method Based on Attack Tree for SDN
Title | The APT Detection Method Based on Attack Tree for SDN |
Publication Type | Conference Paper |
Year of Publication | 2018 |
Authors | Shan-Shan, Jia, Ya-Bin, Xu |
Conference Name | Proceedings of the 2nd International Conference on Cryptography, Security and Privacy |
Publisher | ACM |
ISBN Number | 978-1-4503-6361-7 |
Keywords | APT, attack tree, Correlation analysis, pubcrawl, resilience, Resiliency, Scalability, SDN, SDN security |
Abstract | SDN with centralized control is more vulnerable to APT than a traditional network. To accurately detect the APT that the SDN may suffer from, this paper proposes an APT detection method based on an attack tree for SDN. First, after deeply analyzing the process of APT in SDN, we establish an APT attack model based on an attack tree. Then, correlation analysis is performed on the attack behavior detected by multiple detection methods to obtain the attack path. Finally, the attack path is matched against the APT attack model to judge whether there is an APT in the SDN. Experiments show that the method detects APT in SDN more accurately and with less overhead. |
URL | https://dl.acm.org/citation.cfm?doid=3199478.3199481 |
DOI | 10.1145/3199478.3199481 |
Citation Key | shan-shan_apt_2018 |