2023
DOI: 10.1016/j.cose.2022.102955
|View full text |Cite
|
Sign up to set email alerts
|

Intent-Driven Secure System Design: Methodology and Implementation

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1

Citation Types

0
4
0

Year Published

2023
2023
2024
2024

Publication Types

Select...
6
1
1

Relationship

0
8

Authors

Journals

citations
Cited by 8 publications
(4 citation statements)
references
References 9 publications
0
4
0
Order By: Relevance
“…By leveraging machine learning, anomaly detection algorithms, and behavioral analytics [176], researchers can develop more robust and adaptive defense mechanisms capable of mitigating a wide range of TCP/IP header attacks in real-time. Moreover, researchers can focus on understanding the underlying vulnerabilities in TCP/IP implementations and developing secure-by-design protocols to mitigate common attack vectors [177], [178]. This involves analyzing protocol specifications, identifying weaknesses in packet header fields, and proposing enhancements to strengthen TCP/IP security.…”
Section: Figure 10 Traffic Integrity Verificationmentioning
confidence: 99%
“…By leveraging machine learning, anomaly detection algorithms, and behavioral analytics [176], researchers can develop more robust and adaptive defense mechanisms capable of mitigating a wide range of TCP/IP header attacks in real-time. Moreover, researchers can focus on understanding the underlying vulnerabilities in TCP/IP implementations and developing secure-by-design protocols to mitigate common attack vectors [177], [178]. This involves analyzing protocol specifications, identifying weaknesses in packet header fields, and proposing enhancements to strengthen TCP/IP security.…”
Section: Figure 10 Traffic Integrity Verificationmentioning
confidence: 99%
“…Intent-driven security introduces new capabilities for automation and resilience: By presenting security strategies and requirements as intents, low-level configuration and reconfigurations, implementation, and enforcement of the policies can be left for the responsibility of the network. For example, Ooi et al [11], [12] described a system designer, called SecurityWeaver, to annotate network service requirements with security demands and then automatically generate secure network designs. They utilized MITRE attack matrix based knowledge base to present security annotations: to identify adversarial tactics and to include appropriate countermeasures into designs.…”
Section: B Automated Security Configurationmentioning
confidence: 99%
“…We present an implementation of DPX in hardware with NETFPGA-SUM and in software with an open switch [9]. The article in [10] aimed to improve network infrastructure management by open-stack clouds using the combination of a software-defined network (SDN), network function virtualization (NFV), and machine learning/artificial intelligence (ML/AI) and more predictable and reliable Objects to achieve and secure networks. With the help of artificial intelligence, the behavior of virtual machines and applications that are carried out in the OpenStack SDN-Cloud is monitored, so that if problems or impairments are recognized, a decision to fix this problem can be made quickly by analyzing data in motion, starting at the edge.…”
Section: Related Workmentioning
confidence: 99%