No more backups: Toward efficient embedding of survivable virtual networks

Although network virtualization can improve security by isolating traffic from different networks, routers and links are still vulnerable to attacks on the underlying network. High capacity physical links, in particular, constitute good targets since they may be important for a large number of virtual networks. Previous work protects virtual networks by setting aside backup resources. Although effective, this solution increases the cost to infrastructure providers. In this paper, we present a virtual network embedding approach which enables resilience to attacks and efficiency in resource utilization. Our approach is two-folded: while a preventive strategy embeds virtual links into multiple substrate paths, a reactive strategy attempts to reallocate any capacity affected by an underlying DoS attack. Since the embedding problem is NP-Hard, we devise a Simulated Annealing meta-heuristic to solve it efficiently. Results show our solution can provide resilience to attacks at a lower cost.

[1]  Djamal Zeghlache,et al.  Adaptive virtual network provisioning , 2010, VISA '10.

[2]  Tao Guo,et al.  Shared Backup Network Provision for Virtual Network Embedding , 2011, 2011 IEEE International Conference on Communications (ICC).

[3]  Jennifer Rexford,et al.  Toward internet-wide multipath routing , 2008, IEEE Network.

[4]  Chunming Qiao,et al.  Cost Efficient Design of Survivable Virtual Infrastructure to Recover from Facility Node Failures , 2011, 2011 IEEE International Conference on Communications (ICC).

[5]  Mikkel Thorup,et al.  Increasing Internet Capacity Using Local Search , 2004, Comput. Optim. Appl..

[6]  Xiang Cheng,et al.  Virtual network embedding through topology awareness and optimization , 2012, Comput. Networks.

[7]  Minlan Yu,et al.  Rethinking virtual network embedding: substrate support for path splitting and migration , 2008, CCRV.

[8]  Luciana S. Buriol,et al.  DoS-resilient virtual networks through multipath embedding and opportunistic recovery , 2013, SAC '13.

[9]  Raouf Boutaba,et al.  Survivable Virtual Network Embedding , 2010, 2021 IFIP/IEEE International Symposium on Integrated Network Management (IM).

[10]  Wolfgang Kellerer,et al.  Network virtualization: a hypervisor for the Internet? , 2012, IEEE Communications Magazine.

[11]  Haim Kaplan,et al.  How to split a flow? , 2012, 2012 Proceedings IEEE INFOCOM.

[12]  Raouf Boutaba,et al.  A survey of network virtualization , 2010, Comput. Networks.

[13]  David G. Andersen,et al.  Theoretical Approaches to Node Assignment , 2002 .

[14]  Biswanath Mukherjee,et al.  Survivable multipath provisioning with differential delay constraint in telecom mesh networks , 2011, IEEE/ACM Trans. Netw..

[15]  Raouf Boutaba,et al.  Virtual Network Embedding with Coordinated Node and Link Mapping , 2009, IEEE INFOCOM 2009.

[16]  Ahmed Karmouch,et al.  Resource Discovery and Allocation in Network Virtualization , 2012, IEEE Communications Surveys & Tutorials.

[17]  Chunming Qiao,et al.  Survivable Virtual Infrastructure Mapping in a Federated Computing and Networking System under Single Regional Failures , 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.

[18]  Ulas C. Kozat,et al.  Designing and embedding reliable virtual infrastructures , 2011, CCRV.