VMware, Inc.
MALWARE PROPAGATION RISK ASSESSMENT IN SOFTWARE DEFINED NETWORKS

Abstract:

Described herein are systems, methods, and software to identify propagation risk of threats in a computing environment. In one implementation, a management service may identify a connection tree for a computing environment based on forwarding rules for virtual nodes in the computing environment. The management service may further, for each connection in the connection tree, determine a threat value based at least on a protocol associated with the connection. The management service may also identify a threat to a virtual node of the virtual nodes and generate a threat propagation summary for the threat based on the one or more minimum or maximum spanning trees.