云环境下一种新的串通对抗VNet嵌入攻击

2017 18th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT) Pub Date : 2017-12-01 DOI:10.1109/PDCAT.2017.00012

I. Liu, Tay-Jiun Fang, Jung-Shian Li, Meng-Wei Sun, Chuan-Gang Liu

{"title":"云环境下一种新的串通对抗VNet嵌入攻击","authors":"I. Liu, Tay-Jiun Fang, Jung-Shian Li, Meng-Wei Sun, Chuan-Gang Liu","doi":"10.1109/PDCAT.2017.00012","DOIUrl":null,"url":null,"abstract":"Abstract—Nowadays, network virtualization has been widely investigated in order to prevent Internet ossification, and develop future emerging network applications flexibly. However, prior work by Pignolet et al. shows the possible attacking methodology with which the attackers can disclose the whole cloud topology while deploying virtual networks in cloud named “Topology Disclosure Attack”. In this attack model, the attacker pretends to deploy virtual networks in cloud by issuing the graph requests to service provider. And the service provider responds the requests to the attacker after examining his/her topology resources. With this request/reply model, Pignolet et al. believe this attack eventually infers the targeted topology. However, one vital reason leads this attack to the failure- too many virtual requests from one adversary in a time. This paper tries to provide a new topology disclosure attack model, which multiple attackers launch attacks at the same time with the assistance of proposed Query-Trie and network tomography technique. Hence, in this paper, we propose much more possible attack model in cloud and this topic also encourages the network researchers to develop resistance mechanism against it in the future.","PeriodicalId":119197,"journal":{"name":"2017 18th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT)","volume":"55 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A New Colluded Adversarial VNet Embeddings Attack in Cloud\",\"authors\":\"I. Liu, Tay-Jiun Fang, Jung-Shian Li, Meng-Wei Sun, Chuan-Gang Liu\",\"doi\":\"10.1109/PDCAT.2017.00012\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Abstract—Nowadays, network virtualization has been widely investigated in order to prevent Internet ossification, and develop future emerging network applications flexibly. However, prior work by Pignolet et al. shows the possible attacking methodology with which the attackers can disclose the whole cloud topology while deploying virtual networks in cloud named “Topology Disclosure Attack”. In this attack model, the attacker pretends to deploy virtual networks in cloud by issuing the graph requests to service provider. And the service provider responds the requests to the attacker after examining his/her topology resources. With this request/reply model, Pignolet et al. believe this attack eventually infers the targeted topology. However, one vital reason leads this attack to the failure- too many virtual requests from one adversary in a time. This paper tries to provide a new topology disclosure attack model, which multiple attackers launch attacks at the same time with the assistance of proposed Query-Trie and network tomography technique. Hence, in this paper, we propose much more possible attack model in cloud and this topic also encourages the network researchers to develop resistance mechanism against it in the future.\",\"PeriodicalId\":119197,\"journal\":{\"name\":\"2017 18th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT)\",\"volume\":\"55 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 18th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PDCAT.2017.00012\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 18th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PDCAT.2017.00012","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

摘要为了防止网络僵化，灵活开发未来新兴的网络应用，网络虚拟化得到了广泛的研究。然而，Pignolet等人之前的工作展示了一种可能的攻击方法，攻击者可以在云中部署虚拟网络时披露整个云拓扑，称为“拓扑披露攻击”。在该攻击模型中，攻击者通过向服务提供商发出图形请求，假装在云中部署虚拟网络。服务提供者在检查攻击者的拓扑资源后，将请求响应给攻击者。通过这种请求/应答模型，Pignolet等人认为这种攻击最终会推断出目标拓扑。然而，导致这种攻击失败的一个重要原因是一次来自一个对手的虚拟请求太多。本文试图提供一种新的拓扑披露攻击模型，该模型利用所提出的查询树和网络断层扫描技术，使多个攻击者同时发起攻击。因此，在本文中，我们提出了更多可能的云攻击模型，并鼓励网络研究人员在未来开发针对它的抵抗机制。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A New Colluded Adversarial VNet Embeddings Attack in Cloud

Abstract—Nowadays, network virtualization has been widely investigated in order to prevent Internet ossification, and develop future emerging network applications flexibly. However, prior work by Pignolet et al. shows the possible attacking methodology with which the attackers can disclose the whole cloud topology while deploying virtual networks in cloud named “Topology Disclosure Attack”. In this attack model, the attacker pretends to deploy virtual networks in cloud by issuing the graph requests to service provider. And the service provider responds the requests to the attacker after examining his/her topology resources. With this request/reply model, Pignolet et al. believe this attack eventually infers the targeted topology. However, one vital reason leads this attack to the failure- too many virtual requests from one adversary in a time. This paper tries to provide a new topology disclosure attack model, which multiple attackers launch attacks at the same time with the assistance of proposed Query-Trie and network tomography technique. Hence, in this paper, we propose much more possible attack model in cloud and this topic also encourages the network researchers to develop resistance mechanism against it in the future.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2017 18th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT)

自引率

0.00%

发文量