The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
La technologie de virtualisation des fonctions réseau (NFV) modifie considérablement les environnements de réseau de communication traditionnels en fournissant des fonctions réseau sous forme de fonctions de réseau virtuel (VNF) sur des serveurs commerciaux disponibles sur étagère (COTS). De plus, pour utiliser les VNF dans une séquence prédéterminée pour fournir chaque service réseau, le chaînage des services est essentiel. Un VNF peut fournir à plusieurs chaînes de services la fonction réseau correspondante, réduisant ainsi le nombre de VNF. Cependant, les VNF peuvent être la source ou la cible d’une cyberattaque. Si le nœud sur lequel le VNF est installé est attaqué, le VNF serait également facilement attaqué en raison de ses failles de sécurité. À l’inverse, un VNF malveillant peut attaquer le nœud sur lequel il est installé, et d’autres VNF installés sur le nœud peuvent également être attaqués. Peu d’études ont été réalisées sur la sécurité des VNF et des nœuds pour le chaînage de services. Cette étude propose une construction de chaîne de services avec gestion du niveau de sécurité. Le concept de gestion du niveau de sécurité est introduit pour construire de nombreuses chaînes de services. De plus, le problème d’optimisation des coûts pour le chaînage de services est formulé et l’algorithme heuristique est proposé. Nous démontrons l'efficacité de la méthode proposée sous certaines topologies de réseau à l'aide d'exemples numériques.
Daisuke AMAYA
University of Fukui
Takuji TACHIBANA
University of Fukui
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copier
Daisuke AMAYA, Takuji TACHIBANA, "Heuristic-Based Service Chain Construction with Security-Level Management" in IEICE TRANSACTIONS on Communications,
vol. E106-B, no. 12, pp. 1380-1391, December 2023, doi: 10.1587/transcom.2023CEP0007.
Abstract: Network function virtualization (NFV) technology significantly changes the traditional communication network environments by providing network functions as virtual network functions (VNFs) on commercial off-the-shelf (COTS) servers. Moreover, for using VNFs in a pre-determined sequence to provide each network service, service chaining is essential. A VNF can provide multiple service chains with the corresponding network function, reducing the number of VNFs. However, VNFs might be the source or the target of a cyberattack. If the node where the VNF is installed is attacked, the VNF would also be easily attacked because of its security vulnerabilities. Contrarily, a malicious VNF may attack the node where it is installed, and other VNFs installed on the node may also be attacked. Few studies have been done on the security of VNFs and nodes for service chaining. This study proposes a service chain construction with security-level management. The security-level management concept is introduced to built many service chains. Moreover, the cost optimization problem for service chaining is formulated and the heuristic algorithm is proposed. We demonstrate the effectiveness of the proposed method under certain network topologies using numerical examples.
URL: https://global.ieice.org/en_transactions/communications/10.1587/transcom.2023CEP0007/_p
Copier
@ARTICLE{e106-b_12_1380,
author={Daisuke AMAYA, Takuji TACHIBANA, },
journal={IEICE TRANSACTIONS on Communications},
title={Heuristic-Based Service Chain Construction with Security-Level Management},
year={2023},
volume={E106-B},
number={12},
pages={1380-1391},
abstract={Network function virtualization (NFV) technology significantly changes the traditional communication network environments by providing network functions as virtual network functions (VNFs) on commercial off-the-shelf (COTS) servers. Moreover, for using VNFs in a pre-determined sequence to provide each network service, service chaining is essential. A VNF can provide multiple service chains with the corresponding network function, reducing the number of VNFs. However, VNFs might be the source or the target of a cyberattack. If the node where the VNF is installed is attacked, the VNF would also be easily attacked because of its security vulnerabilities. Contrarily, a malicious VNF may attack the node where it is installed, and other VNFs installed on the node may also be attacked. Few studies have been done on the security of VNFs and nodes for service chaining. This study proposes a service chain construction with security-level management. The security-level management concept is introduced to built many service chains. Moreover, the cost optimization problem for service chaining is formulated and the heuristic algorithm is proposed. We demonstrate the effectiveness of the proposed method under certain network topologies using numerical examples.},
keywords={},
doi={10.1587/transcom.2023CEP0007},
ISSN={1745-1345},
month={December},}
Copier
TY - JOUR
TI - Heuristic-Based Service Chain Construction with Security-Level Management
T2 - IEICE TRANSACTIONS on Communications
SP - 1380
EP - 1391
AU - Daisuke AMAYA
AU - Takuji TACHIBANA
PY - 2023
DO - 10.1587/transcom.2023CEP0007
JO - IEICE TRANSACTIONS on Communications
SN - 1745-1345
VL - E106-B
IS - 12
JA - IEICE TRANSACTIONS on Communications
Y1 - December 2023
AB - Network function virtualization (NFV) technology significantly changes the traditional communication network environments by providing network functions as virtual network functions (VNFs) on commercial off-the-shelf (COTS) servers. Moreover, for using VNFs in a pre-determined sequence to provide each network service, service chaining is essential. A VNF can provide multiple service chains with the corresponding network function, reducing the number of VNFs. However, VNFs might be the source or the target of a cyberattack. If the node where the VNF is installed is attacked, the VNF would also be easily attacked because of its security vulnerabilities. Contrarily, a malicious VNF may attack the node where it is installed, and other VNFs installed on the node may also be attacked. Few studies have been done on the security of VNFs and nodes for service chaining. This study proposes a service chain construction with security-level management. The security-level management concept is introduced to built many service chains. Moreover, the cost optimization problem for service chaining is formulated and the heuristic algorithm is proposed. We demonstrate the effectiveness of the proposed method under certain network topologies using numerical examples.
ER -