Modeling and Mitigating Security Threats in Network Functions Virtualization (NFV)

Alhebaishi, Nawaf; Wang, Lingyu; Jajodia, Sushil

doi:10.1007/978-3-030-49669-2_1

Cited by 11 publications

(4 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Proposed mitigation strategies to compact zero-day attacks in the network interface layer of the TCP/IP: Separation of networking resources; subnetting and monitoring/restrict traffic flow in the subnets, this will help to limit the impact of the zero-day attack, which might have spread to the whole network if not segmented [140]- [142]. Implementation of quick and active patch management framework to patch network architecture flaws before they are exploited.…”

Section: Figure 8 Zero Day Attackmentioning

confidence: 99%

A comprehensive survey of performance, security and privacy issues in the network interface layer of the TCP/IP

Emmanuel Asituha

2024

GSC Adv. Res. Rev.

View full text Add to dashboard Cite

The network interface layer of the TCP/IP protocol suite, primarily comprised of the Internet Protocol (IP), serves as the backbone of modern internet communication. With its efficient data delivery, The network interface layer, presents key challenges in terms of performance, security, and privacy. This comprehensive survey delves into these three crucial aspects, analyzing the inherent vulnerabilities, limitations of the interface layer, and provide solutions of the related problems. The performance analysis explores throughput, latency, and bandwidth constraints, along with solutions such as bandwidth allocation and optimization techniques. Vulnerabilities within Network Interface Layer, including denial-of-service attacks and MAC address spoofing, are discussed, along with a review of existing security mechanisms. Privacy flaws are examined, covering MAC address tracking, profiling risks, and anonymization techniques, while also addressing privacy considerations on the Internet of Things. The survey analyzes several case studies providing comparative analysis of the network interface layer protocols, with support of the real world scenarios including performance analysis in high density environment, and security and privacy risks in smart homes networks. The findings provide a comprehensive understanding of the complexities surrounding performance, security, and privacy issues future directions and potential solutions.

show abstract

Section: Figure 8 Zero Day Attackmentioning

confidence: 99%

A comprehensive survey of performance, security and privacy issues in the network interface layer of the TCP/IP

Emmanuel Asituha

2024

GSC Adv. Res. Rev.

View full text Add to dashboard Cite

show abstract

“…Alhebaishi et al [ 50 ] use a deployment model to track vulnerabilities across levels; however, they do not consider details of those levels. The authors in Shameli-Sendi [ 51 ] consider the efficient configuration of service function chaining to build secure customer networks using network security patterns.…”

Section: Related Workmentioning

confidence: 99%

Towards a Security Reference Architecture for NFV

Alnaim

Alwakeel

Fernández

2022

Sensors

View full text Add to dashboard Cite

Network function virtualization (NFV) is an emerging technology that is becoming increasingly important due to its many advantages. NFV transforms legacy hardware-based network infrastructure into software-based virtualized networks. This transformation increases the flexibility and scalability of networks, at the same time reducing the time for the creation of new networks. However, the attack surface of the network increases, which requires the definition of a clear map of where attacks may happen. ETSI standards precisely define many security aspects of this architecture, but these publications are very long and provide many details which are not of interest to software architects. We start by conducting threat analysis of some of the NFV use cases. The use cases serve as scenarios where the threats to the architecture can be enumerated. Representing threats as misuse cases that describe the modus operandi of attackers, we can find countermeasures to them in the form of security patterns, and we can build a security reference architecture (SRA). Until now, only imprecise models of NFV architectures existed; by making them more detailed and precise it is possible to handle not only security but also safety and reliability, although we do not explore those aspects. Because security is a global property that requires a holistic approach, we strongly believe that architectural models are fundamental to produce secure networks and allow us to build networks which are secure by design. The resulting SRA defines a roadmap to implement secure concrete architectures.

show abstract

“…Two kinds of VNF models, virtual firewall and virtual router are trained utilizing real network traffics in the valuation process. Uxia Cheng et al [20], modeled co-residency and cross-level attacks in the stack of NFV and formulated the optimal placement issue of VNF/VM for mitigating the security threats via a standard algorithm of optimization. The obtained simulation results illustrate that the solutions could decrease the security threat level in NFV.…”

Section: The Presented Efforts For Finding Security Solutionsmentioning

confidence: 99%

The Security Threats and Solutions of Network Functions Virtualization: A Review

Mazher,

Waleed,

MaoLood

2020

J. Al-Qadisiyah Comp. Sci. Math.

View full text Add to dashboard Cite

The appearance of Network Functions Virtualization (NFV) has provided a revolution in various network-based applications owing to its different advantages like manageability, flexibility, security, and scalability. The users of NFV are provided with a framework that supplies different flexible network services in a dynamic way via the software-based virtualization of network functions in a single infrastructure. Nevertheless, NFV confront various challenges of security which make it vulnerable to several cybersecurity threats. In this paper, a review of NFV has been provided by introducing many related works, discussing serious and potential security attacks on the NFV, and presenting the efficient countermeasures for mitigating these attacks. Finally, several practical solutions are suggested for providing a reliable platform for NFV

show abstract

Modeling and Mitigating Security Threats in Network Functions Virtualization (NFV)

Cited by 11 publications

References 30 publications

A comprehensive survey of performance, security and privacy issues in the network interface layer of the TCP/IP

A comprehensive survey of performance, security and privacy issues in the network interface layer of the TCP/IP

Towards a Security Reference Architecture for NFV

The Security Threats and Solutions of Network Functions Virtualization: A Review

Contact Info

Product

Resources

About