Request Complexity of VNet Topology Extraction: Dictionary-Based Attacks

Request Complexity of VNet Topology Extraction: Dictionary-Based Attacks

Abstract

The network virtualization paradigm envisions an Internet where arbitrary virtual networks (VNets) can be specified and embedded over a shared substrate (e.g., the physical infrastructure). As VNets can be requested at short notice and for a desired time period only, the paradigm enables a flexible service deployment and an efficient resource utilization. This paper investigates the security implications of such an architecture. We consider a simple model where an attacker seeks to extract secret information about the substrate topology, by issuing repeated VNet embedding requests. We present a general framework that exploits basic properties of the VNet embedding relation to infer the entire topology. Our framework is based on a graph motif dictionary applicable for various graph classes. Moreover, we provide upper bounds on the request complexity, the number of requests needed by the attacker to succeed.

Grafik Top
Authors
  • Pignolet, Yvonne-Anne
  • Schmid, Stefan
  • Tredan, Gilles
Grafik Top
Supplemental Material
Shortfacts
Category
Paper in Conference Proceedings or in Workshop Proceedings (Paper)
Event Title
International Conference on Networked Systems (NETYS)
Divisions
Communication Technologies
Subjects
Informatik Allgemeines
Event Location
Marrakech, Morocco
Event Type
Conference
Event Dates
May 2013
Date
2013
Export
Grafik Top