Virtualization for Effective Risk-Free Network Security Assessment

Computer networks security is a hard issue, which continuously evolves due to the change of technologies, architectures and algorithms and the growing complexity of architectures and systems. This question is enforced in distributed contexts where the lack of a central authority imposes to set up a proper strategy for both passive and active security. Moreover, it is also essential to test the strategy under as many attack scenarios as possible, to discover and tackle unforeseen situations; this cannot be easily performed on the real system without avoiding either security risks (when it is running) or high costs (if the system must be disconnected from the network during tests). A viable solution is represented by the use of virtualization technologies. Leveraging virtualization permits us to set up an effective and efficient real network duplicate, which can be used for the assessment of security in a non-trivial, risk-free and costs saving fashion.

[1]  Paul Dourish,et al.  Yesterday’s tomorrows: notes on ubiquitous computing’s dominant vision , 2007, Personal and Ubiquitous Computing.

[2]  Martin Roesch,et al.  Snort - Lightweight Intrusion Detection for Networks , 1999 .

[3]  Raj Jain,et al.  Architectures for the future networks and the next generation Internet: A survey , 2011, Comput. Commun..

[4]  Javier Jiménez,et al.  Network virtualization: a view from the bottom , 2009, VISA '09.

[5]  Jong Sou Park,et al.  A Recovery Model for Survivable Distributed Systems through the Use of Virtualization , 2008, 2008 Fourth International Conference on Networked Computing and Advanced Information Management.

[6]  Beng-Hong Lim,et al.  Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor , 2001, USENIX Annual Technical Conference, General Track.

[7]  Fagui Liu,et al.  The Design and Application of Xen-based Host System Firewall and its Extension , 2009, 2009 International Conference on Electronic Computer Technology.

[8]  A. Ribiere Using virtualization to improve durability and portability of industrial applications , 2008, 2008 6th IEEE International Conference on Industrial Informatics.

[9]  G. Finn,et al.  A Virtual Internet Architecture , 2003 .

[10]  Alan D. Ross,et al.  Network Security Essentials , 2003 .

[11]  Ole Agesen,et al.  A comparison of software and hardware techniques for x86 virtualization , 2006, ASPLOS XII.

[12]  Gordon Fyodor Lyon,et al.  Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning , 2009 .

[13]  Carles Garrigues,et al.  Promoting the development of secure mobile agent applications , 2010, J. Syst. Softw..

[14]  Brian Hay Applications of Virtualization to Digital Forensics Education , 2010, 2010 43rd Hawaii International Conference on System Sciences.

[15]  Angela Orebaugh,et al.  Wireshark & Ethereal Network Protocol Analyzer Toolkit , 2007 .

[16]  Subasish Mohapatra,et al.  Virtualization: A Survey on Concepts, Taxonomy and Associated Security Issues , 2010, 2010 Second International Conference on Computer and Network Technology.

[17]  R. Want,et al.  System challenges for ubiquitous & pervasive computing , 2005, Proceedings. 27th International Conference on Software Engineering, 2005. ICSE 2005..

[18]  Fabrice Bellard,et al.  QEMU, a Fast and Portable Dynamic Translator , 2005, USENIX ATC, FREENIX Track.

[19]  Casey Weltzin,et al.  Using virtualization to reduce the cost of test , 2009, 2009 IEEE AUTOTESTCON.

[20]  Raouf Boutaba,et al.  A survey of network virtualization , 2010, Comput. Networks.

[21]  Ian T. Foster,et al.  The anatomy of the grid: enabling scalable virtual organizations , 2001, Proceedings First IEEE/ACM International Symposium on Cluster Computing and the Grid.

[22]  Yong Zhu,et al.  Algorithms for Assigning Substrate Network Resources to Virtual Network Components , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[23]  Xinli Wang,et al.  Using VMware VCenter lab manager in undergraduate education for system administration and network security , 2010, SIGITE '10.

[24]  Rajkumar Buyya,et al.  Article in Press Future Generation Computer Systems ( ) – Future Generation Computer Systems Cloud Computing and Emerging It Platforms: Vision, Hype, and Reality for Delivering Computing as the 5th Utility , 2022 .

[25]  Eva Nieuwdorp,et al.  The pervasive discourse: an analysis , 2007, CIE.

[26]  Wilmuth Müller,et al.  Evaluating the security of mobile agent platforms , 2009, Autonomous Agents and Multi-Agent Systems.

[27]  James E. Smith,et al.  The architecture of virtual machines , 2005, Computer.

[28]  David Kotz,et al.  Mobile agents and the future of the internet , 1999, OPSR.

[29]  Radia J. Perlman,et al.  Network security - private communication in a public world , 2002, Prentice Hall series in computer networking and distributed systems.

[30]  Mahesh Chandra Govil,et al.  Security Issues in Mobile Agents , 2010 .