A multi-stage attack mitigation mechanism for software-defined home networks

Shibo Luo, Jun Wu, Jianhua Li, Longhua Guo

Research output: Contribution to journalArticlepeer-review

19 Citations (Scopus)


Software-defined Home Networks (SDHN) is a key development trend of smart home which is proposed to realize multi-home visual sharing. With the improved openness and programming ability, SDHN faces increased network threat than traditional home networks. Especially, because of the diversity and heterogeneity of smart home products, multi-stage attack is more convenient to be performed in SDHN. To mitigate multi-stage attack in SDHN, some significant problems are needed to be addressed. The first problem is security assessment along with attack events. The second one is countermeasure selection problem based on security assessment result and security policy. The third one is attack mitigation countermeasure deployment problem according to current network context to meet the countermeasure decision instantly. In this paper, a multi-stage attack mitigation mechanism is proposed for SDHN using Software-Defined Networking (SDN) and Network Function Virtualization (NFV). Firstly, an evidence-driven security assessment method using SDN factors and NFV-based detection is designed to perform security assessment along with observed security events. Secondly, an attack mitigation countermeasure selection method is proposed. The evaluation shows that the proposed mechanism is effective for multi-stage attack mitigation in SDHN1.

Original languageEnglish
Article number7514720
Pages (from-to)200-207
Number of pages8
JournalIEEE Transactions on Consumer Electronics
Issue number2
Publication statusPublished - 2016 May
Externally publishedYes


  • Attack graph
  • Multi-stage attack mitigation
  • Network function virtualization
  • Software-defined home networks

ASJC Scopus subject areas

  • Media Technology
  • Electrical and Electronic Engineering


Dive into the research topics of 'A multi-stage attack mitigation mechanism for software-defined home networks'. Together they form a unique fingerprint.

Cite this