A Virtual Node Migration Method for Sensing Side-channel Risk

被引：1

作者：

Huang Kaizhi ^{[1
]}

Pan Qirun ^{[1
]}

Yuan Quan ^{[1
]}

You Wei ^{[1
]}

机构：

[1] Natl Digital Switching Syst Engn & Technol R&D Ct, Zhengzhou 450002, Henan, Peoples R China

来源：

JOURNAL OF ELECTRONICS & INFORMATION TECHNOLOGY | 2019年 / 41卷 / 09期

关键词：

Network Slicing (NS); Security isolation; Side-Channel Attacks (SCA); Markov decision process; Sarsa algorithm; ALGORITHM;

D O I：

10.11999/JEIT180905

中图分类号：

TM [电工技术]; TN [电子技术、通信技术];

学科分类号：

0808 ; 0809 ;

摘要：

In order to defend against Side-Channel Attacks (SCA) in Network Slicing (NS), the existing defense methods based on dynamic migration have the problem that the conditions for sharing of physical resources between different virtual nodes are not strict enough, a virtual node migration method is proposed for sensing side-channel risk. According to the characteristics of SCA, the entropy method is used to evaluate the side-channel risks and migrate the virtual node from a server with large deviation from average risk. The Markov decision process is used to describe the migration of virtual nodes for network slicing, and the Sarsa learning algorithm is used to solve the optimal migration scheme. The simulation results show that this method can separates malicious network slice instances from other target network slice instances to achieve the purpose of defense side channel attacks.

引用

页码：2164 / 2171

页数：8

共 19 条

[1] Adili Mohammad Taghi, 2017, 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM), P98, DOI 10.23919/INM.2017.7987269
[2] K*: A heuristic search algorithm for finding the k shortest paths
Aljazzar, Husain
Leue, Stefan
[J]. ARTIFICIAL INTELLIGENCE, 2011, 175 (18) : 2129 - 2154
[3] It's Time to Migrate! A Game-Theoretic Framework for Protecting a Multi-tenant Cloud against Collocation Attacks
Anwar, Ahmed H.
Atia, George
Guirguis, Mina
[J]. PROCEEDINGS 2018 IEEE 11TH INTERNATIONAL CONFERENCE ON CLOUD COMPUTING (CLOUD), 2018, : 725 - 731
[4] Gillani Fida, 2015, 2015 IEEE Conference on Computer Communications (INFOCOM). Proceedings, P729, DOI 10.1109/INFOCOM.2015.7218442
[5] Gong L, 2014, IEEE INFOCOM SER, P1, DOI 10.1109/INFOCOM.2014.6847918
[6] GUI Xiaolin, 2012, Patent No. [CN, 102571746, 102571746]
[7] Cross-VM Cache Attacks on AES
Gulmezoglu, Berk
Inci, Mehmet Sinan
Irazoqui, Gorka
Eisenbarth, Thomas
Sunar, Berk
[J]. IEEE TRANSACTIONS ON MULTI-SCALE COMPUTING SYSTEMS, 2016, 2 (03): : 211 - 222
[8] Using Virtual Machine Allocation Policies to Defend against Co-Resident Attacks in Cloud Computing
Han, Yi
Chan, Jeffrey
Alpcan, Tansu
Leckie, Christopher
[J]. IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2017, 14 (01) : 95 - 108
[9] Liang X., 2017, 2017 IEEE 36th International Performance Computing and Communications Conference (IPCCC), P1
[10] NGMN Alliance, 2015, 5G WHIT PAP

← 1 2 →