Abstract | ||
---|---|---|
Several cybersecurity attack enumerations area available today. These enumerations present lists of known attack patterns (CAPEC), security weaknesses (CWE) or cybersecurity vulnerabilities (CVE). These enumerations are being developed separately and manually. In this paper, we present the efforts in determining the relations between enumerations automatically. We rely on text-based, graph-based and recommendation-based approaches. Then we present of using the prediction in recommending related attacks to SDN/NFV security issues. Experimental results showed that we can actually infer real relations. Furthermore, the results gave some insights into how the enumerations are created and linked, and some suggestions to improve the process in the future. |
Year | DOI | Venue |
---|---|---|
2018 | 10.1109/NETSOFT.2018.8459961 | 2018 4th IEEE Conference on Network Softwarization and Workshops (NetSoft) |
Keywords | Field | DocType |
cybersecurity attack enumerations,CAPEC,CWE,CVE,cybersecurity vulnerabilities,SDN/NFV vulnerabilities,SDN/NFV security issues,recommendation-based approaches | Graph,Attack patterns,Task analysis,Network Functions Virtualization,Computer security,Computer science,Enumeration,Software,Market research,Vulnerability | Conference |
ISBN | Citations | PageRank |
978-1-5386-4634-2 | 0 | 0.34 |
References | Authors | |
10 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Quang-Vinh Dang | 1 | 0 | 0.34 |
Jérôme François | 2 | 170 | 21.81 |