@inproceedings{9a59ad0c506a45ffaa75bbc2aeb390ba,
title = "Improving attack graph scalability for the cloud through SDN-based decomposition and parallel processing",
abstract = "Due to its fast growth, Cloud computing is a quick evolving research area. Security, which is among the most required Cloud features, is a very hard and challenging task when it{\textquoteright}s addressed for large networked systems. To automate security assessment, one should use an Attack Representation Model (ARM), such as Attack Graph (AG) or Attack Tree, to represent and analyze multi-host multi-stage attacks. In order to improve AG analysis for large-scale networked systems, our framework uses Software-defined Networking (SDN) to build a detailed and dynamic knowledge about the network configuration and the host access control list. Altogether with machine configuration information, our framework will be able to construct loosely connected sub-groups of virtual machines and perform a parallel security analysis. We have performed experimental validation using a real networked system to show the performance improvement in comparison with MULVAL network security analyzer.",
keywords = "Attack representation models, Graph theory, Scalability",
author = "Oussama Mjihil and Dijiang Huang and Abdelkrim Haqiq",
note = "Publisher Copyright: {\textcopyright} Springer International Publishing AG 2017.; 3rd International Symposium on Ubiquitous Networking, UNet 2017 ; Conference date: 09-05-2017 Through 12-05-2017",
year = "2017",
doi = "10.1007/978-3-319-68179-5_17",
language = "English (US)",
isbn = "9783319681788",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "193--205",
editor = "{Garcia Armada}, Ana and Mounir Ghogho and Essaid Sabir and Mounir Ghogho and Merouane Debbah",
booktitle = "Ubiquitous Networking -3rd International Symposium, UNet 2017, Revised Selected Papers",
}