The existing network risk control mechanisms are lack of scientific and normative decision-making and rely too much on subjective judgments, which brings a great uncertainty on network risk management. In this paper, a risk control decision-making mechanism of power data network based on grey relation is put forward, and puts emphasis on the prior risk control based on the prediction results. This mechanism first constructs a matrix of positive and negative ideal measures according to the risk control objective. Then, the grey relation coefficient matrix between the candidate and ideal measures is calculated to evaluate the similarity between measures. Finally, we define the grey relation projection coefficient to evaluate the degree of closeness between the candidate measure and the positive ideal measure and the degree of deviation between the candidate measure and the negative ideal measure. Simulation results show that this mechanism can make timely and accurate decision-making of network risk control measures.
{"title":"A decision-making mechanism of network risk control based on grey relation","authors":"Meng Li, Wenjing Li, Xiangjian Zeng, Peng Yu, Xue-song Qiu","doi":"10.1109/NOMS.2018.8406300","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406300","url":null,"abstract":"The existing network risk control mechanisms are lack of scientific and normative decision-making and rely too much on subjective judgments, which brings a great uncertainty on network risk management. In this paper, a risk control decision-making mechanism of power data network based on grey relation is put forward, and puts emphasis on the prior risk control based on the prediction results. This mechanism first constructs a matrix of positive and negative ideal measures according to the risk control objective. Then, the grey relation coefficient matrix between the candidate and ideal measures is calculated to evaluate the similarity between measures. Finally, we define the grey relation projection coefficient to evaluate the degree of closeness between the candidate measure and the positive ideal measure and the degree of deviation between the candidate measure and the negative ideal measure. Simulation results show that this mechanism can make timely and accurate decision-making of network risk control measures.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86780210","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-04-23DOI: 10.1109/NOMS.2018.8406114
Leonhard Nobach, Jeremias Blendin, H. Kolbe, Georg Schyguda, D. Hausheer
Bare-metal switches (BMS) are switches sold without an operating system (OS), i.e. including only the switch hardware. For network operators this may not only provide a cost advantage, it also allows them to customize the OS behavior to their own needs. The aim of this demonstration is to show the applicability of BMS in a carrier-grade environment. To this end, a representative use case has been implemented on a BMS, which includes the healing of RTP packet loss by automatically selecting a stream with the least packet loss from redundant uplinks. This use case demonstrates the flexibility of BMS to be adaptable to even such specific needs in a network.
{"title":"RTP packet loss healing on a bare-metal switch","authors":"Leonhard Nobach, Jeremias Blendin, H. Kolbe, Georg Schyguda, D. Hausheer","doi":"10.1109/NOMS.2018.8406114","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406114","url":null,"abstract":"Bare-metal switches (BMS) are switches sold without an operating system (OS), i.e. including only the switch hardware. For network operators this may not only provide a cost advantage, it also allows them to customize the OS behavior to their own needs. The aim of this demonstration is to show the applicability of BMS in a carrier-grade environment. To this end, a representative use case has been implemented on a BMS, which includes the healing of RTP packet loss by automatically selecting a stream with the least packet loss from redundant uplinks. This use case demonstrates the flexibility of BMS to be adaptable to even such specific needs in a network.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89394638","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-04-23DOI: 10.1109/NOMS.2018.8406208
Hongyu Deng, Yiming Wang, Cheng Wu
In order to solve the problem of spectrum waste in the LTE-Railway (LTE-R) system, the paper uses Cognitive Radio (CR) to improve the ability of spectrum sharing on Vehicle-to- Ground communication. By constructing a novel Cognitive Radio Network (CRN) in LTE-R system, the Cognitive LTE-R eNodeB (C-eNodeB) can work with Vehicle Gateway (VG) and allocate idle and wasted spectrum resources to the passengers communicating devices to improve spectrum utilization of LTE-R, without impacting train-ground communication. Aiming at the novel CRN architecture, a C-eNodeB Queue Management Strategy (QMS) based on Type of Service (ToS) value priority is proposed to reduce the Real-Time (RT) service delay of Secondary Users (SU) caused by FIFO QMS. The simulation results show that the proposed CRN effectively improves the spectrum utilization of LTE-R system and the C-eNodeB QMS based on the ToS value priority significantly reduce the delay of RT business of passengers.
{"title":"Cognitive radio : A method to achieve spectrum sharing in LTE-R system","authors":"Hongyu Deng, Yiming Wang, Cheng Wu","doi":"10.1109/NOMS.2018.8406208","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406208","url":null,"abstract":"In order to solve the problem of spectrum waste in the LTE-Railway (LTE-R) system, the paper uses Cognitive Radio (CR) to improve the ability of spectrum sharing on Vehicle-to- Ground communication. By constructing a novel Cognitive Radio Network (CRN) in LTE-R system, the Cognitive LTE-R eNodeB (C-eNodeB) can work with Vehicle Gateway (VG) and allocate idle and wasted spectrum resources to the passengers communicating devices to improve spectrum utilization of LTE-R, without impacting train-ground communication. Aiming at the novel CRN architecture, a C-eNodeB Queue Management Strategy (QMS) based on Type of Service (ToS) value priority is proposed to reduce the Real-Time (RT) service delay of Secondary Users (SU) caused by FIFO QMS. The simulation results show that the proposed CRN effectively improves the spectrum utilization of LTE-R system and the C-eNodeB QMS based on the ToS value priority significantly reduce the delay of RT business of passengers.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78185826","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-04-23DOI: 10.1109/NOMS.2018.8406153
Nicolas Schnepf, Rémi Badonnel, Abdelkader Lahmadi, Stephan Merz
Software-defined networking offers new opportu-nities for protecting end users and their applications. In that context, dedicated chains can be built to combine different security functions, such as firewalls, intrusion detection systems and services for preventing data leakage. To configure these security chains, it is important to have an adequate model of the patterns that end user applications exhibit when accessing the network. We propose an automated strategy for learning the networking behavior of end applications using algorithms for generating finite state models. These models can be exploited for inferring SDN policies ensuring that applications respect the observed behavior: such policies can be formally verified and deployed on SDN infrastructures in a dynamic and flexible manner. Our solution is prototypically implemented as a collection of Python scripts that extend our Synaptic verification package. The performance of our strategy is evaluated through extensive experimentations and is compared to the Synoptic and Invarimint automata learning algorithms.
{"title":"Generation of SDN policies for protecting android environments based on automata learning","authors":"Nicolas Schnepf, Rémi Badonnel, Abdelkader Lahmadi, Stephan Merz","doi":"10.1109/NOMS.2018.8406153","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406153","url":null,"abstract":"Software-defined networking offers new opportu-nities for protecting end users and their applications. In that context, dedicated chains can be built to combine different security functions, such as firewalls, intrusion detection systems and services for preventing data leakage. To configure these security chains, it is important to have an adequate model of the patterns that end user applications exhibit when accessing the network. We propose an automated strategy for learning the networking behavior of end applications using algorithms for generating finite state models. These models can be exploited for inferring SDN policies ensuring that applications respect the observed behavior: such policies can be formally verified and deployed on SDN infrastructures in a dynamic and flexible manner. Our solution is prototypically implemented as a collection of Python scripts that extend our Synaptic verification package. The performance of our strategy is evaluated through extensive experimentations and is compared to the Synoptic and Invarimint automata learning algorithms.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73052432","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-04-23DOI: 10.1109/NOMS.2018.8406263
Márton Kajó, B. Schultz, Janne Ali-Tolppa, G. Carle
Mobile network management systems often utilize quantization algorithms for abstraction and simplification of information, to be later processed by human operators or automated functions. In use cases such as visualization of high dimensional data or processing of anomalous observations, the off- the-shelf algorithms might produce misleading results, without the user realizing that the problem lies in the choice of the applied method. In this paper, we provide a quantization algorithm called Bounding Sphere Quantization (BSQ) that performs better than standard approaches when applied to these use cases, by minimizing the maximum error in the quantization. Since the proposed algorithm is computationally expensive, we also explore an alternative approach, which approximates the results achieved by BSQ while greatly reducing computational complexity. Our evaluation shows that BSQ provides more intuitive results that work better for the selected use cases when compared to the well-known k-Means algorithm.
{"title":"Equal-volume quantization of mobile network data using bounding spheres and boxes","authors":"Márton Kajó, B. Schultz, Janne Ali-Tolppa, G. Carle","doi":"10.1109/NOMS.2018.8406263","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406263","url":null,"abstract":"Mobile network management systems often utilize quantization algorithms for abstraction and simplification of information, to be later processed by human operators or automated functions. In use cases such as visualization of high dimensional data or processing of anomalous observations, the off- the-shelf algorithms might produce misleading results, without the user realizing that the problem lies in the choice of the applied method. In this paper, we provide a quantization algorithm called Bounding Sphere Quantization (BSQ) that performs better than standard approaches when applied to these use cases, by minimizing the maximum error in the quantization. Since the proposed algorithm is computationally expensive, we also explore an alternative approach, which approximates the results achieved by BSQ while greatly reducing computational complexity. Our evaluation shows that BSQ provides more intuitive results that work better for the selected use cases when compared to the well-known k-Means algorithm.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74896627","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-04-23DOI: 10.1109/NOMS.2018.8406241
Prashanth Podili, Kotaro Kataoka
The emergence of the IoT, 5G and different modes of computing has introduced a new demand to tailor-made networks to support a wide spectrum of applications. Even though virtualizing networks and applying QoS to these networks are crucial, it is always challenging to achieve QoS, high acceptance ratio, and cost effectiveness on provisioning virtual networks given the constrained resource of the underlying network. This paper introduces Delay Constraint Optimum Bandwidth Tree (DCOBT), which effectively satisfies the QoS requirement of virtual networks in terms of both end-to-end delay and bandwidth. We propose the QoS-aware Resource Provisioning (QRP) algorithm to determine DCOBT with less bandwidth consumption and superior load balancing. Using SDN as a key platform to implement QoS-aware virtual networks, this paper further proposes flow rule reduction using Destination Label Forwarding (DLF) to provision more virtual networks with less Ternary Content-Addressable Memory (TCAM) consumption. The evaluation results proved significant contribution on different aspects of resource provisioning for QoS-aware virtual networks with improved availability, scalability, and cost effectiveness.
{"title":"Effective resource provisioning for QoS-aware virtual networks in SDN","authors":"Prashanth Podili, Kotaro Kataoka","doi":"10.1109/NOMS.2018.8406241","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406241","url":null,"abstract":"The emergence of the IoT, 5G and different modes of computing has introduced a new demand to tailor-made networks to support a wide spectrum of applications. Even though virtualizing networks and applying QoS to these networks are crucial, it is always challenging to achieve QoS, high acceptance ratio, and cost effectiveness on provisioning virtual networks given the constrained resource of the underlying network. This paper introduces Delay Constraint Optimum Bandwidth Tree (DCOBT), which effectively satisfies the QoS requirement of virtual networks in terms of both end-to-end delay and bandwidth. We propose the QoS-aware Resource Provisioning (QRP) algorithm to determine DCOBT with less bandwidth consumption and superior load balancing. Using SDN as a key platform to implement QoS-aware virtual networks, this paper further proposes flow rule reduction using Destination Label Forwarding (DLF) to provision more virtual networks with less Ternary Content-Addressable Memory (TCAM) consumption. The evaluation results proved significant contribution on different aspects of resource provisioning for QoS-aware virtual networks with improved availability, scalability, and cost effectiveness.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79401860","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-04-23DOI: 10.1109/NOMS.2018.8406240
Tianrong Zhang, Yufeng Xin
Auction-based resource allocation and pricing mechanisms have attracted substantial research interests to enhance the utility gain and fairness of cloud platforms. A fundamental problem in cloud resource auction design that has not been fully addressed is how to ensure the timely execution of applications while allocation decisions have to be made online. Adding to the complexity of designing a truthful and efficient mechanism is that application requests are normally heterogeneous in resource demand and execution requirement. In this paper, we present a novel online combinatorial auction mechanism for deadline- aware multi-resource allocation for cloud platforms, which achieves both strategy-proofness and approximate efficiency on social welfare.
{"title":"A truthful online auction mechanism for deadline-aware cloud resource allocation","authors":"Tianrong Zhang, Yufeng Xin","doi":"10.1109/NOMS.2018.8406240","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406240","url":null,"abstract":"Auction-based resource allocation and pricing mechanisms have attracted substantial research interests to enhance the utility gain and fairness of cloud platforms. A fundamental problem in cloud resource auction design that has not been fully addressed is how to ensure the timely execution of applications while allocation decisions have to be made online. Adding to the complexity of designing a truthful and efficient mechanism is that application requests are normally heterogeneous in resource demand and execution requirement. In this paper, we present a novel online combinatorial auction mechanism for deadline- aware multi-resource allocation for cloud platforms, which achieves both strategy-proofness and approximate efficiency on social welfare.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79600182","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-04-23DOI: 10.1109/NOMS.2018.8406288
Marco Polverini, A. Cianfrani, A. Baiocchi, M. Listanti, Valentina Salvatore
In this work we define a framework for the assessment of the Traffic Matrix (TM) of an Internet Service Provider (ISP) network. The solution, referred to as mrT, i) is completely distributed among network nodes, ii) is based on different Map-Reduce building blocks, iii) and is able to extract the Ingress-Egress nodes traffic relationships starting from raw traces captured on node interfaces. Each network node is able to compute a row of the TM having as input the local trace and low size files sent by other network nodes. mrT can be used for the TM computation of any packet switched network where the source and destination identifiers are unique and global, and computational resources are available in proximity of network nodes. The performance evaluation, carried out with synthetic and real traffic traces, highlight that mrT is a suitable solution for the assessment of the TM in real ISP networks with high traffic volumes. Moreover, the use of the Map-Reduce paradigm allows a reduction of more than the 50% of the execution times, with respect to an SQL-based approach.
{"title":"From raw data packets to ingress egress traffic matrix: The distributed MapReduce-based solution","authors":"Marco Polverini, A. Cianfrani, A. Baiocchi, M. Listanti, Valentina Salvatore","doi":"10.1109/NOMS.2018.8406288","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406288","url":null,"abstract":"In this work we define a framework for the assessment of the Traffic Matrix (TM) of an Internet Service Provider (ISP) network. The solution, referred to as mrT, i) is completely distributed among network nodes, ii) is based on different Map-Reduce building blocks, iii) and is able to extract the Ingress-Egress nodes traffic relationships starting from raw traces captured on node interfaces. Each network node is able to compute a row of the TM having as input the local trace and low size files sent by other network nodes. mrT can be used for the TM computation of any packet switched network where the source and destination identifiers are unique and global, and computational resources are available in proximity of network nodes. The performance evaluation, carried out with synthetic and real traffic traces, highlight that mrT is a suitable solution for the assessment of the TM in real ISP networks with high traffic volumes. Moreover, the use of the Map-Reduce paradigm allows a reduction of more than the 50% of the execution times, with respect to an SQL-based approach.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79606434","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-04-23DOI: 10.1109/NOMS.2018.8406249
I. D. Alvarenga, G. Rebello, O. Duarte
The integration of network function visualization (NFV) and service function chaining (SFC) adds intelligence to the core of the network. The programmability of the network core, however, raises new vulnerabilities and increases the number of victims, since a simple modification in the core can affect multiple network users. Thus, the provision of secure virtual network service functions (VNFs) is mandatory to guarantee a correct chaining of network functions. This paper proposes a blockchain-based architecture for secure management, configuration and migration of VNFs, which ensures: (i) immutability, non-repudiation, and auditability of the configuration update history; (ii) integrity and consistency of stored information; and (iii) the anonymity of VNFs, tenants, and configuration information. Furthermore, the proposed architecture guarantees the secure update and migration of configurations at the core of the network. A prototype of the proposed architecture using the Open Platform for NFV (OPNFV) indicates parameter trade-offs and performance bottlenecks.
{"title":"Securing configuration management and migration of virtual network functions using blockchain","authors":"I. D. Alvarenga, G. Rebello, O. Duarte","doi":"10.1109/NOMS.2018.8406249","DOIUrl":"https://doi.org/10.1109/NOMS.2018.8406249","url":null,"abstract":"The integration of network function visualization (NFV) and service function chaining (SFC) adds intelligence to the core of the network. The programmability of the network core, however, raises new vulnerabilities and increases the number of victims, since a simple modification in the core can affect multiple network users. Thus, the provision of secure virtual network service functions (VNFs) is mandatory to guarantee a correct chaining of network functions. This paper proposes a blockchain-based architecture for secure management, configuration and migration of VNFs, which ensures: (i) immutability, non-repudiation, and auditability of the configuration update history; (ii) integrity and consistency of stored information; and (iii) the anonymity of VNFs, tenants, and configuration information. Furthermore, the proposed architecture guarantees the secure update and migration of configurations at the core of the network. A prototype of the proposed architecture using the Open Platform for NFV (OPNFV) indicates parameter trade-offs and performance bottlenecks.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75804218","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-04-23DOI: 10.1109/noms.2018.8406125
Jana Komárková, Lukás Sadlek, Martin Laštovička
Many approaches, such as attack graphs, require knowledge of vulnerability's properties such as impact, prereq- uisities, and exploitability. Currently, those properties are either categorized manually or too roughly. We present a program for granular, automated categorization of vulnerability. Further, we present a platform supporting researchers by gathering and sharing raw data about vulnerabilities and community labeled datasets. The source code of our categorization program is available on GitHub.
{"title":"Community based platform for vulnerability categorization","authors":"Jana Komárková, Lukás Sadlek, Martin Laštovička","doi":"10.1109/noms.2018.8406125","DOIUrl":"https://doi.org/10.1109/noms.2018.8406125","url":null,"abstract":"Many approaches, such as attack graphs, require knowledge of vulnerability's properties such as impact, prereq- uisities, and exploitability. Currently, those properties are either categorized manually or too roughly. We present a program for granular, automated categorization of vulnerability. Further, we present a platform supporting researchers by gathering and sharing raw data about vulnerabilities and community labeled datasets. The source code of our categorization program is available on GitHub.","PeriodicalId":19331,"journal":{"name":"NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2018-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74924132","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: