NETWORK VIRTUALIZATION
“Network Virtualization is the process of combining hardware and software network resources and network functionality into a single, software-based administrative entity, a virtual network.”
–Wikipedia
Network Virtualization is a technology that separates the underlying physical hardware with its controlling software. This provides us with a great deal of flexibility and control of our network. We share here a new vision of the internet architecture where network virtualization is dominant. In order to describe it, let’s look into these entities: -
Network Infrastructure – it consists of pure hardware resources like routers, switches, processor and memories for these networking devices etc.
Virtual networks – they are customized network protocols built on top these NIs. Multiple NIs can be used to build a single network or even a single NI can consist of multiple Virtual Networks. The underlying NIs can be leased. It can be changed without the Virtual Network getting disturbed.
Virtual networks – they are customized network protocols built on top these NIs. Multiple NIs can be used to build a single network or even a single NI can consist of multiple Virtual Networks. The underlying NIs can be leased. It can be changed without the Virtual Network getting disturbed.
End Users – they are the users of these virtual networks. They can choose to use from any or more of these virtual network protocols.
In order to successfully run a virtual network, we assume that all these three entities, will work in harmony and fully trust each other. But from a security point of view we cannot assume this. Any of these entities could be responsible for performing malicious activity on any other entity.
Here we are going to study the various security related issues that many arise in a virtual network. We will see some scenarios and analyze it. We will then take a look at each pair of these entities and how they could pose a security threat to each other. We are also going to look at some general countermeasures.
SECURITY IN VIRTUAL NETWORKS
Every new technologies brings with it the concerns and challenges to secure it, and virtual networks are no different. Here all the three entities are managed by different authorities and so there arises the question of mutual trust between these management units. Let us now look at each of these entities and see what security concerns revolve around each of them.
A. VIRTUAL NETWORKS
Virtual network possesses a threat from its underlying NIs, co-hosted Virtual Networks and the end users.
a. NI attacks on VN – the underlying NI will not attack the VN directly but it can monitor the VN’s communications, violating the user’s privacy and confidentiality. For example, in order to reduce load and traffic, it can resort to unfair practices like blocking all the P2P communications for file sharing, like bit torrent, Gnutella etc.
b. VN attacks on co-hosted VNs – it is possible that multiple competitor VNs be hosted on the same NI. In such a case any one VN can plan an attack on its competitor VN. It can analyze the weakness of its competitor VN and then launch an attack.
c. User attacks on VN – for the sake of better network management of virtual network, there’s a live router migration technique, which transfers all the network protocol binary files and configuration files to another new hardware router. It is possible, in such a scenario, for any attacker to perform a Man-in-the-middle attack and sniff all this data or alter to his will.
B. NETWORK INFRASTRUCTURE
The network infrastructure can be attacked by the hosted Virtual Networks or the users using these services.
a. User attacks on NI – in order to provide flexibility in the networks, a concept of programming the router was introduced that gave the users ability to completely reprogram the router functionalities to his needs. But this also means that the users can exploit the NI through the power of programming. Various attacks can be launched like DOS with the help of exploits like buffer overflow and integer vulnerabilities.
b. VN attacks on NI – In order to bring down the hosted VN, any competitor VN can try to bring down the underlying NI launching different attacks on it. Also it can sniff that underlying NI to get private and confidential data of the hosted VN.
C. USERS
The users can be attacked by the VN they are using or the underlying NI.
a. NI attacks on Users – if any NI is compromised by an attacker, the attacker can possibly choose to drop or modify any particular user or a group of user’s packets. Here the VN or the Users will be totally unaware of this except to notice reduced quality of service.
b. VN attacks on users – a compromised VN has the potential to have a better control of the user’s packets and sniff the end users packets. It could generate false alarms and increase the user’s financial charges. In this way it could also falsely advertise better quality via greater prices.
SECURING NETWORK VIRTUALIZATION
We just saw a lot of attack scenarios on different entities of the virtual network. Securing network virtualization is different than securing normal networks. Let’s look at some of the challenges we face in order to secure network virtualization -
In order to mutually co-ordinate in the virtual network environment, different entities must be able to analyze the data packets. But we also saw that this could lead to breach in user privacy and confidentiality. So we have to come up with efficient packet scanning and processing techniques that would only scan as much data as needed without seeing other private data.
Network virtualization must be able to ensure global end-to-end connectivity. For this NIs need to partner with various other NIs. But here we have to make sure that these NIs are able to trust each other in order for successful global communication to happen.
Routers and other networking devices have limited processing power. In such a case it would be very difficult to make sure that it follows the new security mechanisms as well as cope up with quality of service of the network communications.
Now let’s design a secure system for virtual network communications that follows the fundamental principles of security: CIA (confidentiality, Integrity, Availability)
A. DEFENSE MECHANISM: CONFIDENTIALITY
As seen in above attack scenarios, if confidentiality of the traffic is compromised, various attacks are possible. The most simple and efficient solution to the problem of confidentiality would be encryption.
In normal circumstances the packet is forwarded by the forwarding engine in plain text. But what we will do is encrypt the complete packet (header + payload), forward it via the forwarding engine and at the other end, decrypt the whole packet and get the original packet. In this way the whole packet gets forwarded and no one in the path can come to know of its contents.
But there are two challenges to this: -
We need an encryption algorithm that’s fast because otherwise it would hinder the performance of the network.
We need to make sure that at least the forwarding engine be able to forward it to the correct path.
We can use tunneling protocols that would be able to encrypt a complete packet and then add extra information as headers on top of it.
B. DEFENSE MECHANISM: INTEGRITY
Data integrity makes sure that data is not modified or tampered with. As we saw above that both- network infrastructure and virtual networks are prone to these kind of attacks affecting data integrity. These solutions can help preserve data integrity: -
In order to successfully run a virtual network, we assume that all these three entities, will work in harmony and fully trust each other. But from a security point of view we cannot assume this. Any of these entities could be responsible for performing malicious activity on any other entity.
Here we are going to study the various security related issues that many arise in a virtual network. We will see some scenarios and analyze it. We will then take a look at each pair of these entities and how they could pose a security threat to each other. We are also going to look at some general countermeasures.
SECURITY IN VIRTUAL NETWORKS
Every new technologies brings with it the concerns and challenges to secure it, and virtual networks are no different. Here all the three entities are managed by different authorities and so there arises the question of mutual trust between these management units. Let us now look at each of these entities and see what security concerns revolve around each of them.
A. VIRTUAL NETWORKS
Virtual network possesses a threat from its underlying NIs, co-hosted Virtual Networks and the end users.
a. NI attacks on VN – the underlying NI will not attack the VN directly but it can monitor the VN’s communications, violating the user’s privacy and confidentiality. For example, in order to reduce load and traffic, it can resort to unfair practices like blocking all the P2P communications for file sharing, like bit torrent, Gnutella etc.
b. VN attacks on co-hosted VNs – it is possible that multiple competitor VNs be hosted on the same NI. In such a case any one VN can plan an attack on its competitor VN. It can analyze the weakness of its competitor VN and then launch an attack.
c. User attacks on VN – for the sake of better network management of virtual network, there’s a live router migration technique, which transfers all the network protocol binary files and configuration files to another new hardware router. It is possible, in such a scenario, for any attacker to perform a Man-in-the-middle attack and sniff all this data or alter to his will.
B. NETWORK INFRASTRUCTURE
The network infrastructure can be attacked by the hosted Virtual Networks or the users using these services.
a. User attacks on NI – in order to provide flexibility in the networks, a concept of programming the router was introduced that gave the users ability to completely reprogram the router functionalities to his needs. But this also means that the users can exploit the NI through the power of programming. Various attacks can be launched like DOS with the help of exploits like buffer overflow and integer vulnerabilities.
b. VN attacks on NI – In order to bring down the hosted VN, any competitor VN can try to bring down the underlying NI launching different attacks on it. Also it can sniff that underlying NI to get private and confidential data of the hosted VN.
C. USERS
The users can be attacked by the VN they are using or the underlying NI.
a. NI attacks on Users – if any NI is compromised by an attacker, the attacker can possibly choose to drop or modify any particular user or a group of user’s packets. Here the VN or the Users will be totally unaware of this except to notice reduced quality of service.
b. VN attacks on users – a compromised VN has the potential to have a better control of the user’s packets and sniff the end users packets. It could generate false alarms and increase the user’s financial charges. In this way it could also falsely advertise better quality via greater prices.
SECURING NETWORK VIRTUALIZATION
We just saw a lot of attack scenarios on different entities of the virtual network. Securing network virtualization is different than securing normal networks. Let’s look at some of the challenges we face in order to secure network virtualization -
In order to mutually co-ordinate in the virtual network environment, different entities must be able to analyze the data packets. But we also saw that this could lead to breach in user privacy and confidentiality. So we have to come up with efficient packet scanning and processing techniques that would only scan as much data as needed without seeing other private data.
Network virtualization must be able to ensure global end-to-end connectivity. For this NIs need to partner with various other NIs. But here we have to make sure that these NIs are able to trust each other in order for successful global communication to happen.
Routers and other networking devices have limited processing power. In such a case it would be very difficult to make sure that it follows the new security mechanisms as well as cope up with quality of service of the network communications.
Now let’s design a secure system for virtual network communications that follows the fundamental principles of security: CIA (confidentiality, Integrity, Availability)
A. DEFENSE MECHANISM: CONFIDENTIALITY
As seen in above attack scenarios, if confidentiality of the traffic is compromised, various attacks are possible. The most simple and efficient solution to the problem of confidentiality would be encryption.
In normal circumstances the packet is forwarded by the forwarding engine in plain text. But what we will do is encrypt the complete packet (header + payload), forward it via the forwarding engine and at the other end, decrypt the whole packet and get the original packet. In this way the whole packet gets forwarded and no one in the path can come to know of its contents.
But there are two challenges to this: -
We need an encryption algorithm that’s fast because otherwise it would hinder the performance of the network.
We need to make sure that at least the forwarding engine be able to forward it to the correct path.
We can use tunneling protocols that would be able to encrypt a complete packet and then add extra information as headers on top of it.
B. DEFENSE MECHANISM: INTEGRITY
Data integrity makes sure that data is not modified or tampered with. As we saw above that both- network infrastructure and virtual networks are prone to these kind of attacks affecting data integrity. These solutions can help preserve data integrity: -
Trust and Accountability – we need a trust management framework. We can monitor all the activities that’s going on in the network and look for any kind of suspicious activity. But a passive monitoring is no good to prevent the attack. We need an active monitoring system that can take decisions at runtime and possibly prevent an attack.
Monitoring – network infrastructure must allocate the resources and should not try to find out the activity of the virtual networks, but any activity by the VN to attack the NI must be identified or stopped. NI must install a hardware monitor device that detects and tries to stop any malicious activity by the hosted VNs or reset the state of the infrastructure when attacked.
The VN monitoring system must ensure that the protocol processing function in the NI is processed as follows and any modifications or manipulations in the network traffic must be detected. It must be able to identify any change in the network traffic pattern or any such kind of deviation.
An algorithm can be generated that is capable of calculating any such anomaly, given the traffic statistics and reports generated by most modern routers.
C. DEFENSE MECHANISM: RESOURCE ISOLATION (AVAILABILITY)
Resource isolation is very important aspect. We must make sure that all the underlying resources are fairly divided and kept separated from all the above hosted VNs. Resources like CPU, Memory and network bandwidth are allocated to different VNs in a fair manner and kept isolated from each other at the same time.
These are some of the defense mechanisms that can ensure the safe and secure working of a Virtualized network environment.
CONCLUSION
Here we saw the importance of Network Virtualization. We then saw the different Network Virtualization entities and all possible attack scenarios on different entities by the different entities. Then we tried to propose certain possible defense mechanisms for this kind of architecture.
Network Virtualization is a topic of huge importance and its security is an even bigger factor. Its complexity comes from the fact that its architecture is quite different than the traditional network architecture.
REFERENCES
http://www.ecs.umass.edu/ece/wolf/pubs/icnc2012.pdf
The VN monitoring system must ensure that the protocol processing function in the NI is processed as follows and any modifications or manipulations in the network traffic must be detected. It must be able to identify any change in the network traffic pattern or any such kind of deviation.
An algorithm can be generated that is capable of calculating any such anomaly, given the traffic statistics and reports generated by most modern routers.
C. DEFENSE MECHANISM: RESOURCE ISOLATION (AVAILABILITY)
Resource isolation is very important aspect. We must make sure that all the underlying resources are fairly divided and kept separated from all the above hosted VNs. Resources like CPU, Memory and network bandwidth are allocated to different VNs in a fair manner and kept isolated from each other at the same time.
These are some of the defense mechanisms that can ensure the safe and secure working of a Virtualized network environment.
CONCLUSION
Here we saw the importance of Network Virtualization. We then saw the different Network Virtualization entities and all possible attack scenarios on different entities by the different entities. Then we tried to propose certain possible defense mechanisms for this kind of architecture.
Network Virtualization is a topic of huge importance and its security is an even bigger factor. Its complexity comes from the fact that its architecture is quite different than the traditional network architecture.
REFERENCES
http://www.ecs.umass.edu/ece/wolf/pubs/icnc2012.pdf
Contact : mufaddal@rawbytes.com
No comments:
Post a Comment