The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
NFV(네트워크 기능 가상화) 기술은 상용 기성품(COTS) 서버에서 네트워크 기능을 VNF(가상 네트워크 기능)로 제공함으로써 기존 통신 네트워크 환경을 크게 변화시킵니다. 또한, 각 네트워크 서비스를 제공하기 위해 미리 정해진 순서에 따라 VNF를 사용하려면 서비스 체이닝이 필수적입니다. VNF는 해당 네트워크 기능을 갖춘 여러 서비스 체인을 제공하여 VNF 수를 줄일 수 있습니다. 그러나 VNF는 사이버 공격의 소스 또는 대상이 될 수 있습니다. VNF가 설치된 노드가 공격을 받으면 VNF 역시 보안 취약성으로 인해 쉽게 공격을 받을 수 있다. 반대로, 악의적인 VNF는 자신이 설치된 노드를 공격할 수 있으며, 해당 노드에 설치된 다른 VNF도 공격을 받을 수 있습니다. 서비스 체인을 위한 VNF 및 노드의 보안에 대한 연구는 거의 수행되지 않았습니다. 본 연구에서는 보안 수준 관리를 통한 서비스 체인 구축을 제안한다. 많은 서비스 체인을 구축하기 위해 보안 수준 관리 개념이 도입되었습니다. 또한 서비스 체이닝을 위한 비용 최적화 문제를 공식화하고 휴리스틱 알고리즘을 제안한다. 우리는 수치 예제를 사용하여 특정 네트워크 토폴로지에서 제안된 방법의 효율성을 보여줍니다.
Daisuke AMAYA
University of Fukui
Takuji TACHIBANA
University of Fukui
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
부
Daisuke AMAYA, Takuji TACHIBANA, "Heuristic-Based Service Chain Construction with Security-Level Management" in IEICE TRANSACTIONS on Communications,
vol. E106-B, no. 12, pp. 1380-1391, December 2023, doi: 10.1587/transcom.2023CEP0007.
Abstract: Network function virtualization (NFV) technology significantly changes the traditional communication network environments by providing network functions as virtual network functions (VNFs) on commercial off-the-shelf (COTS) servers. Moreover, for using VNFs in a pre-determined sequence to provide each network service, service chaining is essential. A VNF can provide multiple service chains with the corresponding network function, reducing the number of VNFs. However, VNFs might be the source or the target of a cyberattack. If the node where the VNF is installed is attacked, the VNF would also be easily attacked because of its security vulnerabilities. Contrarily, a malicious VNF may attack the node where it is installed, and other VNFs installed on the node may also be attacked. Few studies have been done on the security of VNFs and nodes for service chaining. This study proposes a service chain construction with security-level management. The security-level management concept is introduced to built many service chains. Moreover, the cost optimization problem for service chaining is formulated and the heuristic algorithm is proposed. We demonstrate the effectiveness of the proposed method under certain network topologies using numerical examples.
URL: https://global.ieice.org/en_transactions/communications/10.1587/transcom.2023CEP0007/_p
부
@ARTICLE{e106-b_12_1380,
author={Daisuke AMAYA, Takuji TACHIBANA, },
journal={IEICE TRANSACTIONS on Communications},
title={Heuristic-Based Service Chain Construction with Security-Level Management},
year={2023},
volume={E106-B},
number={12},
pages={1380-1391},
abstract={Network function virtualization (NFV) technology significantly changes the traditional communication network environments by providing network functions as virtual network functions (VNFs) on commercial off-the-shelf (COTS) servers. Moreover, for using VNFs in a pre-determined sequence to provide each network service, service chaining is essential. A VNF can provide multiple service chains with the corresponding network function, reducing the number of VNFs. However, VNFs might be the source or the target of a cyberattack. If the node where the VNF is installed is attacked, the VNF would also be easily attacked because of its security vulnerabilities. Contrarily, a malicious VNF may attack the node where it is installed, and other VNFs installed on the node may also be attacked. Few studies have been done on the security of VNFs and nodes for service chaining. This study proposes a service chain construction with security-level management. The security-level management concept is introduced to built many service chains. Moreover, the cost optimization problem for service chaining is formulated and the heuristic algorithm is proposed. We demonstrate the effectiveness of the proposed method under certain network topologies using numerical examples.},
keywords={},
doi={10.1587/transcom.2023CEP0007},
ISSN={1745-1345},
month={December},}
부
TY - JOUR
TI - Heuristic-Based Service Chain Construction with Security-Level Management
T2 - IEICE TRANSACTIONS on Communications
SP - 1380
EP - 1391
AU - Daisuke AMAYA
AU - Takuji TACHIBANA
PY - 2023
DO - 10.1587/transcom.2023CEP0007
JO - IEICE TRANSACTIONS on Communications
SN - 1745-1345
VL - E106-B
IS - 12
JA - IEICE TRANSACTIONS on Communications
Y1 - December 2023
AB - Network function virtualization (NFV) technology significantly changes the traditional communication network environments by providing network functions as virtual network functions (VNFs) on commercial off-the-shelf (COTS) servers. Moreover, for using VNFs in a pre-determined sequence to provide each network service, service chaining is essential. A VNF can provide multiple service chains with the corresponding network function, reducing the number of VNFs. However, VNFs might be the source or the target of a cyberattack. If the node where the VNF is installed is attacked, the VNF would also be easily attacked because of its security vulnerabilities. Contrarily, a malicious VNF may attack the node where it is installed, and other VNFs installed on the node may also be attacked. Few studies have been done on the security of VNFs and nodes for service chaining. This study proposes a service chain construction with security-level management. The security-level management concept is introduced to built many service chains. Moreover, the cost optimization problem for service chaining is formulated and the heuristic algorithm is proposed. We demonstrate the effectiveness of the proposed method under certain network topologies using numerical examples.
ER -