%0 Conference Proceedings
%T Modeling and Mitigating Security Threats in Network Functions Virtualization (NFV)
%+ Concordia Institute for Information Systems Engineering (CIISE)
%+ King Abdulaziz University
%+ George Mason University [Fairfax]
%A Alhebaishi, Nawaf
%A Wang, Lingyu
%A Jajodia, Sushil
%Z Part 1: Network and Cyber-Physical Systems Security
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 34th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec)
%C Regensburg, Germany
%Y Anoop Singhal
%Y Jaideep Vaidya
%I Springer International Publishing
%3 Data and Applications Security and Privacy XXXIV
%V LNCS-12122
%P 3-23
%8 2020-06-25
%D 2020
%R 10.1007/978-3-030-49669-2_1
%Z Computer Science [cs]Conference papers
%X By virtualizing proprietary hardware networking devices, Network Functions Virtualization (NFV) allows agile and cost-effective deployment of diverse network services for multiple tenants on top of the same physical infrastructure. As NFV relies on virtualization, and as an NFV stack typically involves several levels of abstraction and multiple co-resident tenants, this new technology also unavoidably leads to new security threats. In this paper, we take the first step toward modeling and mitigating security threats unique to NFV. Specifically, we model both cross-layer and co-residency attacks on the NFV stack. Additionally, we mitigate such threats through optimizing the virtual machine (VM) placement with respect to given constraints. The simulation results demonstrate the effectiveness of our solution.
%G English
%Z TC 11
%Z WG 11.3
%2 https://inria.hal.science/hal-03243631/document
%2 https://inria.hal.science/hal-03243631/file/496047_1_En_1_Chapter.pdf
%L hal-03243631
%U https://inria.hal.science/hal-03243631
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-3
%~ IFIP-DBSEC
%~ IFIP-LNCS-12122