Secure virtual network embedding to mitigate the risk of covert channel attacks

Network virtualization is a double-edged sword that facilitates network innovation but may cause information leakage between virtual nodes coexisting on the same substrate node via covert channels. This paper represents the first attempt to consider risk-tolerant coexistence in virtual network embedding. We propose a secure virtual network embedding scheme to mitigate the risk of covert channel attacks. Simulation results show that our scheme improves the percentage of secure virtual nodes by 40%.

[1]  Ming Xu,et al.  Towards security-aware virtual network embedding , 2015, Comput. Networks.

[2]  Yonggang Wen,et al.  Toward profit-seeking virtual network embedding algorithm via global resource capacity , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[3]  Hovav Shacham,et al.  Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds , 2009, CCS.

[4]  Rynson W. H. Lau,et al.  On Mitigating the Risk of Cross-VM Covert Channels in a Public Cloud , 2015, IEEE Transactions on Parallel and Distributed Systems.

[5]  Luciana S. Buriol,et al.  Security-aware optimal resource allocation for virtual network embedding , 2012, 2012 8th international conference on network and service management (cnsm) and 2012 workshop on systems virtualiztion management (svm).

[6]  Scott Shenker,et al.  Overcoming the Internet impasse through virtualization , 2005, Computer.