Critical analysis of layer 2 network security in virtualised environments

被引:5
|
作者
Bull, Ronny L. [1 ]
Matthews, Jeanna N. [1 ]
机构
[1] Clarkson Univ, Wallace H Coulter Sch Engn, Potsdam, NY 13676 USA
来源
INTERNATIONAL JOURNAL OF COMMUNICATION NETWORKS AND DISTRIBUTED SYSTEMS | 2016年 / 17卷 / 03期
关键词
virtualisation; networking; network security; cloud security; virtual switches; layer; 2; attacks; DHCP; DNS; MAC flooding;
D O I
10.1504/IJCNDS.2016.10000954
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
In this article, we explore whether layer 2 network attacks that work on physical switches apply to their virtualised counterparts by performing a systematic study across four major hypervisor environments - Open vSwitch, Citrix XenServer, Microsoft Hyper-V Server and VMware vSphere - in seven different virtual networking configurations. First, we use a malicious virtual machine to run a MAC flooding attack and evaluate the impact on co-resident virtual machines. We find that network performance is degraded on all platforms and that it is possible to eavesdrop on other client traffic passing over the same virtual network for Open vSwitch and Citrix XenServer. Second, we use a malicious virtual machine to run a rogue DHCP server and then run multiple DHCP attack scenarios. On all four platforms, co-resident virtual machines can be manipulated by providing them with incorrect or malicious network information.
引用
收藏
页码:315 / 333
页数:19
相关论文
共 50 条
  • [21] Network security and communication systems in Smart environments
    Dumitrache, Mihail
    Sandu, Ionut-Eugen
    ROMANIAN JOURNAL OF INFORMATION TECHNOLOGY AND AUTOMATIC CONTROL-REVISTA ROMANA DE INFORMATICA SI AUTOMATICA, 2020, 30 (01): : 61 - 70
  • [22] A protocol layer survey of network security
    Harrison, JV
    Berghel, H
    ADVANCES IN COMPUTERS, VOL 64: NEW PROGRAMMING PARADIGMS, 2005, 64 : 109 - 158
  • [23] A framework for teaching network security in academic environments
    Papanikolaou, Alexandros
    Vlachos, Vasileios
    Venieris, Andreas
    Ilioudis, Christos
    Papapanagiotou, Konstantinos
    Stasinopoulos, Anastasios
    Information Management and Computer Security, 2013, 21 (04): : 315 - 338
  • [24] Cryptography & Security implementation in Network Computing Environments
    Pandey, Rajanikant
    Pandey, Vinay Kumar
    PROCEEDINGS OF THE 10TH INDIACOM - 2016 3RD INTERNATIONAL CONFERENCE ON COMPUTING FOR SUSTAINABLE GLOBAL DEVELOPMENT, 2016, : 3136 - 3140
  • [25] Performance and Security Analysis of Distributed Ledger Under the Internet of Things Environments With Network Instability
    Chen, Zhuo
    Chen, Xiao
    Li, Yun
    IEEE INTERNET OF THINGS JOURNAL, 2023, 10 (05) : 4213 - 4225
  • [26] Who Should Be Responsible for Software Security? A Comparative Analysis of Liability Policies in Network Environments
    August, Terrence
    Tunca, Tunay I.
    MANAGEMENT SCIENCE, 2011, 57 (05) : 934 - 959
  • [27] Dynamic Bayesian Network Based Security Analysis for Physical Layer Key Extraction
    Huang, Xueqing
    Ansari, Nirwan
    Huang, Siqi
    Li, Wenjia
    IEEE OPEN JOURNAL OF THE COMMUNICATIONS SOCIETY, 2022, 3 : 379 - 390
  • [28] A Critical Analysis of the Efficiencies of Emerging Wireless Security Standards Against Network Attacks
    Vilius, Karolis
    Liu, Lu
    Panneerselvam, John
    Stimpson, Thomas
    2015 INTERNATIONAL CONFERENCE ON INTELLIGENT NETWORKING AND COLLABORATIVE SYSTEMS IEEE INCOS 2015, 2015, : 472 - 477
  • [29] Unveiling crypto analysis secrets : A comprehensive analysis of smart contract security within blockchain network environments
    Vats, Prashant
    Vats, Shailender Kumar
    Peddi, Prasadu
    JOURNAL OF DISCRETE MATHEMATICAL SCIENCES & CRYPTOGRAPHY, 2024, 27 (04): : 1121 - 1128
  • [30] Security Analysis in the Migration to Cloud Environments
    Rosado, David G.
    Gomez, Rafael
    Mellado, Daniel
    Fernandez-Medina, Eduardo
    FUTURE INTERNET, 2012, 4 (02): : 469 - 487
12345