Security issues in network virtualization for the future Internet

Natarajan, Sriram; Wolf, Tilman

doi:10.1109/iccnc.2012.6167481

Cited by 19 publications

(7 citation statements)

References 111 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The number of virtual nodes in each VN request is randomly selected from 3 to 6 following uniform distribution. Each virtual node requires a random amount of resources between [3,5].…”

Section: Comparison With the Optimal Solutionmentioning

confidence: 99%

Energy efficient virtual network embedding for green data centers using data center topology and future migration

Guan

Choi

Song

2015

Computer Communications

View full text Add to dashboard Cite

“…The number of virtual nodes in each VN request is randomly selected from 3 to 6 following uniform distribution. Each virtual node requires a random amount of resources between [3,5].…”

Section: Comparison With the Optimal Solutionmentioning

confidence: 99%

Energy efficient virtual network embedding for green data centers using data center topology and future migration

Guan

Choi

Song

2015

Computer Communications

View full text Add to dashboard Cite

“…However, as an additional virtualization layer is injected in the network architecture and multiple VNs cohost on a shared network infrastructure, network virtualization gives rise to a new array of security vulnerabilities unlike seen in the current network. Specifically, the security risks that brought by the network virtualization can be divided into three categories [4,18,22,23].…”

Section: Security-aware Vn Embedding Problem 311 Security Risks In mentioning

confidence: 99%

“…With such a dynamic and programmable network environment, network virtualization can effectively enhance the flexibility of the current network architecture, promote network innovation, and address the Internet ossification problem [3]. However, as an additional virtualization layer is injected into the network architecture, network virtualization introduces new security risks, such as user attacks on VN and SN, VN attacks on SN, and SN attacks on VN [4]. These risks may violate the information confidentiality, integrity and availability, and impede the large-scale application of network virtualization.…”

Section: Introductionmentioning

confidence: 99%

Virtual Network Embedding through Security Risk Awareness and Optimization

2016

KSII TIIS

View full text Add to dashboard Cite

Network virtualization promises to play a dominant role in shaping the future Internet by overcoming the Internet ossification problem. However, due to the injecting of additional virtualization layers into the network architecture, several new security risks are introduced by the network virtualization. Although traditional protection mechanisms can help in virtualized environment, they are not guaranteed to be successful and may incur high security overheads. By performing the virtual network (VN) embedding in a security-aware way, the risks exposed to both the virtual and substrate networks can be minimized, and the additional techniques adopted to enhance the security of the networks can be reduced. Unfortunately, existing embedding algorithms largely ignore the widespread security risks, making their applicability in a realistic environment rather doubtful. In this paper, we attempt to address the security risks by integrating the security factors into the VN embedding. We first abstract the security requirements and the protection mechanisms as numerical concept of security demands and security levels, and the corresponding security constraints are introduced into the VN embedding. Based on the abstraction, we develop three security-risky modes to model various levels of risky conditions in the virtualized environment, aiming at enabling a more flexible VN embedding. Then, we present a mixed integer linear programming formulation for the VN embedding problem in different security-risky modes. Moreover, we design three heuristic embedding algorithms to solve this problem, which are all based on the same proposed node-ranking approach to quantify the embedding potential of each substrate node and adopt the k-shortest path algorithm to map virtual links. Simulation results demonstrate the effectiveness and efficiency of our algorithms.

show abstract

“…However, their main goal is to give a high level description of potential problems, not on providing a fine-grained analysis of how each of the many threats identified apply to specific scenarios (e.g., virtual networking). On the other hand, there are works in the literature that investigate SVNs in more depth, such as (Chowdhury and Boutaba, 2010; Schoo et al, 2011;Natarajan and Wolf, 2012). Unfortunately, since their goal is to survey solutions and to identify challenges in the area, they fail to provide a reusable classification of the virtual networking threats described.…”

Section: Threat Classificationmentioning

confidence: 99%

Classifying Security Threats in Cloud Networking

Barros

Iwaya

Simplício

et al. 2015

Proceedings of the 5th International Conference on Cloud Computing and Services Science

View full text Add to dashboard Cite

A central component of managing risks in cloud computing is to understand the nature of security threats. The relevance of security concerns are evidenced by the efforts from both the academic community and technological organizations such as NIST, ENISA and CSA, to investigate security threats and vulnerabilities related to cloud systems. Provisioning secure virtual networks (SVNs) in a multi-tenant environment is a fundamental aspect to ensure trust in public cloud systems and to encourage their adoption. However, comparing existing SVN-oriented solutions is a difficult task due to the lack of studies summarizing the main concerns of network virtualization and providing a comprehensive list of threats those solutions should cover. To address this issue, this paper presents a threat classification for cloud networking, describing threat categories and attack scenarios that should be taken into account when designing, comparing, or categorizing solutions. The classification is based on the CSA threat report, building upon studies and surveys from the specialized literature to extend the CSA list of threats and to allow a more detailed analysis of cloud network virtualization issues. 214 M. Barros B., H. Iwaya L., A. Simplício Jr. M., C. M. B. Carvalho T., Méhes A. and Näslund M.. Classifying Security Threats in Cloud Networking.

show abstract

Security issues in network virtualization for the future Internet

Cited by 19 publications

References 111 publications

Energy efficient virtual network embedding for green data centers using data center topology and future migration

Energy efficient virtual network embedding for green data centers using data center topology and future migration

Virtual Network Embedding through Security Risk Awareness and Optimization

Classifying Security Threats in Cloud Networking

Contact Info

Product

Resources

About