Improving Attack Graph Scalability For The Cloud Through Sdn-Based Decomposition And Parallel Processing

Due to its fast growth, Cloud computing is a quick evolving research area. Security, which is among the most required Cloud features, is a very hard and challenging task when it's addressed for large networked systems. To automate security assessment, one should use an Attack Representation Model (ARM), such as Attack Graph (AG) or Attack Tree, to represent and analyze multi-host multi-stage attacks. In order to improve AG analysis for large-scale networked systems, our framework uses Software-defined Networking (SDN) to build a detailed and dynamic knowledge about the network configuration and the host access control list. Altogether with machine configuration information, our framework will be able to construct loosely connected sub-groups of virtual machines and perform a parallel security analysis. We have performed experimental validation using a real networked system to show the performance improvement in comparison with MULVAL network security analyzer.