Multi-Layer Attack Graph Analysis in the 5G Edge Network Using a Dynamic Hexagonal Fuzzy Method

Kholidy, Hisham A.

doi:10.3390/s22010009

Cited by 22 publications

(8 citation statements)

References 45 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The utilization relationship is constructed according to the utilization conditions and the predicted utilization consequences. The vulnerability utilization relationship is shown in Equation (19).…”

Section: Experimental Processmentioning

confidence: 99%

“…To enhance the relevance between vulnerability assessment and network systems, many studies have conducted network vulnerability analysis based on attack graphs. They realized the association analysis of key vulnerabilities in network systems by studying attack graph construction techniques [13,14], node analysis techniques [15][16][17] and attack path analysis [18,19]. However, the attack graph does not have the ability of quantitative analysis.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Key Vulnerable Nodes Discovery Based on Bayesian Attack Subgraphs and Improved Fuzzy C-Means Clustering

Xu,

Liu,

Sun

et al. 2024

Mathematics

View full text Add to dashboard Cite

Aiming at the problem that the search efficiency of key vulnerable nodes in large-scale networks is not high and the consideration factors are not comprehensive enough, in order to improve the time and space efficiency of search and the accuracy of results, a key vulnerable node discovery method based on Bayesian attack subgraphs and improved fuzzy C-means clustering is proposed. Firstly, the attack graph is divided into Bayesian attack subgraphs, and the analysis results of the complete attack graph are quickly obtained by aggregating the information of the attack path analysis in the subgraph to improve the time and space efficiency. Then, the actual threat features of the vulnerability nodes are extracted from the analysis results, and the threat features of the vulnerability itself in the common vulnerability scoring standard are considered to form the clustering features together. Next, the optimal number of clusters is adaptively adjusted according to the variance idea, and fuzzy clustering is performed based on the extracted clustering features. Finally, the key vulnerable nodes are determined by setting the feature priority. Experiments show that the proposed method can optimize the time and space efficiency of analysis, and the fuzzy clustering considering multiple features can improve the accuracy of analysis results.

show abstract

Section: Experimental Processmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Key Vulnerable Nodes Discovery Based on Bayesian Attack Subgraphs and Improved Fuzzy C-Means Clustering

Xu,

Liu,

Sun

et al. 2024

Mathematics

View full text Add to dashboard Cite

show abstract

“…A thorough study on the use of SDN to protect networks and recommend the use of SDN as a system for security [ 41 ]. The study lists a range of distinct problems and alternatives suggested to account for network risks in the literature.…”

Section: Background and Related Workmentioning

confidence: 99%

Predicting Attack Pattern via Machine Learning by Exploiting Stateful Firewall as Virtual Network Function in an SDN Network

Prabakaran

Ramalakshmi

Hussain

et al. 2022

Sensors

View full text Add to dashboard Cite

Decoupled data and control planes in Software Defined Networks (SDN) allow them to handle an increasing number of threats by limiting harmful network links at the switching stage. As storage, high-end servers, and network devices, Network Function Virtualization (NFV) is designed to replace purpose-built network elements with VNFs (Virtualized Network Functions). A Software Defined Network Function Virtualization (SDNFV) network is designed in this paper to boost network performance. Stateful firewall services are deployed as VNFs in the SDN network in this article to offer security and boost network scalability. The SDN controller’s role is to develop a set of guidelines and rules to avoid hazardous network connectivity. Intruder assaults that employ numerous socket addresses cannot be adequately protected by these strategies. Machine learning algorithms are trained using traditional network threat intelligence data to identify potentially malicious linkages and probable attack targets. Based on conventional network data (DT), Bayesian Network (BayesNet), Naive-Bayes, C4.5, and Decision Table (DT) algorithms are used to predict the target host that will be attacked. The experimental results shows that the Bayesian Network algorithm achieved an average prediction accuracy of 92.87%, Native–Bayes Algorithm achieved an average prediction accuracy of 87.81%, C4.5 Algorithm achieved an average prediction accuracy of 84.92%, and the Decision Tree algorithm achieved an average prediction accuracy of 83.18%. There were 451 k login attempts from 178 different countries, with over 70 k source IP addresses and 40 k source port addresses recorded in a large dataset from nine honeypot servers.

show abstract

“…Moreover, new techniques for implementing attack graphs were conducted in the last two years. For instance, [18] investigates 5G network vulnerability assessment and provides a dynamic method that combines the Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) with hexagonal fuzzy numbers to accurately analyze 5G network vulnerabilities.…”

Section: Related Workmentioning

confidence: 99%

Security Analysis of Smart Grids

Ibrahim

Elhafiz

2022

Security and Communication Networks

View full text Add to dashboard Cite

An attack graph is a beneficial tool to network defenders, demonstrating the routes that an attacker can utilize to acquire entry to a target network. Cyber-attacks endanger the security of smart grids as a result of the presence of vulnerabilities in the diversified structural units establishing it. This paper introduces a new tool built using Python language and Jupyter Notebook to enumerate an attack graph for a smart grid. The smart grid is formally presented and implemented, determining system design, links, weaknesses, resources, potential attack instances, and their pre- and post-conditions. The tool is utilized to automatically determine an attack sequence in the form of a counterexample. It constructs the counterexamples, encodes those for requirement loosening, and iterates up until all attack sequences are disclosed. Then, the attack graph causing disruption of the smart grid’s workflow is graphically visualized.

show abstract

Multi-Layer Attack Graph Analysis in the 5G Edge Network Using a Dynamic Hexagonal Fuzzy Method

Cited by 22 publications

References 45 publications

Key Vulnerable Nodes Discovery Based on Bayesian Attack Subgraphs and Improved Fuzzy C-Means Clustering

Key Vulnerable Nodes Discovery Based on Bayesian Attack Subgraphs and Improved Fuzzy C-Means Clustering

Predicting Attack Pattern via Machine Learning by Exploiting Stateful Firewall as Virtual Network Function in an SDN Network

Security Analysis of Smart Grids

Contact Info

Product

Resources

About