Abstract

Software-Defined Networking-based Mobile Networks (SDN-MNs) are considered the future of 5G mobile network architecture. With the evolving cyber-attack threat, security assessments need to be performed in the network management. Due to the distinctive features of SDN-MNs, such as their dynamic nature and complexity, traditional network security assessment methodologies cannot be applied directly to SDN-MNs, and a novel security assessment methodology is needed. In this paper, an effective security assessment mechanism based on attack graphs and an Analytic Hierarchy Process (AHP) is proposed for SDN-MNs. Firstly, this paper discusses the security assessment problem of SDN-MNs and proposes a methodology using attack graphs and AHP. Secondly, to address the diversity and complexity of SDN-MNs, a novel attack graph definition and attack graph generation algorithm are proposed. In order to quantify security levels, the Node Minimal Effort (NME) is defined to quantify attack cost and derive system security levels based on NME. Thirdly, to calculate the NME of an attack graph that takes the dynamic factors of SDN-MN into consideration, we use AHP integrated with the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS) as the methodology. Finally, we offer a case study to validate the proposed methodology. The case study and evaluation show the advantages of the proposed security assessment mechanism.

Highlights

  • In recent years, Software-Defined Networking (SDN) has attracted great attention as an emerging future network architecture in fields such as 5G mobile networks, cloud services and so on

  • The key difference between SDN and traditional network architectures is that its control plane is decoupled from the forwarding plane and is programmable

  • A way to quantify the influence of the dynamic properties of SDN-based Mobile Networks (SDN-MNs) is also important, so beyond the methodology, a security assessment must consider which factors influence SDN-MN security and how they do so

Summary

Introduction

Software-Defined Networking (SDN) has attracted great attention as an emerging future network architecture in fields such as 5G mobile networks, cloud services and so on. When the network becomes more complex, the efficiency of these algorithms decreases greatly, so these traditional methods cannot deal with the diversity and complexity of SDN-MNs. Based on the aforementioned analysis, an effective security assessment mechanism that considers the distinctive features of SDN-MNs is necessary. When SDN-MNs interconnect nodes in the network, local vulnerabilities will introduce new security holes because of this connectivity [17]. This methodology needs to deal with these security holes and with the diversity and complexity of SDN-MNs. Secondly, a way to quantify the influence of the dynamic properties of SDN-MNs is also important, so beyond the methodology, a security assessment must consider which factors influence SDN-MN security and how they do so.

Background
Definition of Attack Graph and Generation Algorithm
Node Minimal Effort
Quantification of NME Using AHP and TOPSIS
Construct Hierarchical Structure
Matrix Data
Consistency Ratio
Calculate the Attack Cost of Actions using TOPSIS
Case Study
Security Model for Analysis