Network function virtualization (NFV) technology significantly changes the traditional communication network environments by providing network functions as virtual network functions (VNFs) on commercial off-the-shelf (COTS) servers. Moreover, for using VNFs in a pre-determined sequence to provide each network service, service chaining is essential. A VNF can provide multiple service chains with the corresponding network function, reducing the number of VNFs. However, VNFs might be the source or the target of a cyberattack. If the node where the VNF is installed is attacked, the VNF would also be easily attacked because of its security vulnerabilities. Contrarily, a malicious VNF may attack the node where it is installed, and other VNFs installed on the node may also be attacked. Few studies have been done on the security of VNFs and nodes for service chaining. This study proposes a service chain construction with security-level management. The security-level management concept is introduced to built many service chains. Moreover, the cost optimization problem for service chaining is formulated and the heuristic algorithm is proposed. We demonstrate the effectiveness of the proposed method under certain network topologies using numerical examples.
Daisuke AMAYA
University of Fukui
Takuji TACHIBANA
University of Fukui
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Daisuke AMAYA, Takuji TACHIBANA, "Heuristic-Based Service Chain Construction with Security-Level Management" in IEICE TRANSACTIONS on Communications,
vol. E106-B, no. 12, pp. 1380-1391, December 2023, doi: 10.1587/transcom.2023CEP0007.
Abstract: Network function virtualization (NFV) technology significantly changes the traditional communication network environments by providing network functions as virtual network functions (VNFs) on commercial off-the-shelf (COTS) servers. Moreover, for using VNFs in a pre-determined sequence to provide each network service, service chaining is essential. A VNF can provide multiple service chains with the corresponding network function, reducing the number of VNFs. However, VNFs might be the source or the target of a cyberattack. If the node where the VNF is installed is attacked, the VNF would also be easily attacked because of its security vulnerabilities. Contrarily, a malicious VNF may attack the node where it is installed, and other VNFs installed on the node may also be attacked. Few studies have been done on the security of VNFs and nodes for service chaining. This study proposes a service chain construction with security-level management. The security-level management concept is introduced to built many service chains. Moreover, the cost optimization problem for service chaining is formulated and the heuristic algorithm is proposed. We demonstrate the effectiveness of the proposed method under certain network topologies using numerical examples.
URL: https://global.ieice.org/en_transactions/communications/10.1587/transcom.2023CEP0007/_p
Copy
@ARTICLE{e106-b_12_1380,
author={Daisuke AMAYA, Takuji TACHIBANA, },
journal={IEICE TRANSACTIONS on Communications},
title={Heuristic-Based Service Chain Construction with Security-Level Management},
year={2023},
volume={E106-B},
number={12},
pages={1380-1391},
abstract={Network function virtualization (NFV) technology significantly changes the traditional communication network environments by providing network functions as virtual network functions (VNFs) on commercial off-the-shelf (COTS) servers. Moreover, for using VNFs in a pre-determined sequence to provide each network service, service chaining is essential. A VNF can provide multiple service chains with the corresponding network function, reducing the number of VNFs. However, VNFs might be the source or the target of a cyberattack. If the node where the VNF is installed is attacked, the VNF would also be easily attacked because of its security vulnerabilities. Contrarily, a malicious VNF may attack the node where it is installed, and other VNFs installed on the node may also be attacked. Few studies have been done on the security of VNFs and nodes for service chaining. This study proposes a service chain construction with security-level management. The security-level management concept is introduced to built many service chains. Moreover, the cost optimization problem for service chaining is formulated and the heuristic algorithm is proposed. We demonstrate the effectiveness of the proposed method under certain network topologies using numerical examples.},
keywords={},
doi={10.1587/transcom.2023CEP0007},
ISSN={1745-1345},
month={December},}
Copy
TY - JOUR
TI - Heuristic-Based Service Chain Construction with Security-Level Management
T2 - IEICE TRANSACTIONS on Communications
SP - 1380
EP - 1391
AU - Daisuke AMAYA
AU - Takuji TACHIBANA
PY - 2023
DO - 10.1587/transcom.2023CEP0007
JO - IEICE TRANSACTIONS on Communications
SN - 1745-1345
VL - E106-B
IS - 12
JA - IEICE TRANSACTIONS on Communications
Y1 - December 2023
AB - Network function virtualization (NFV) technology significantly changes the traditional communication network environments by providing network functions as virtual network functions (VNFs) on commercial off-the-shelf (COTS) servers. Moreover, for using VNFs in a pre-determined sequence to provide each network service, service chaining is essential. A VNF can provide multiple service chains with the corresponding network function, reducing the number of VNFs. However, VNFs might be the source or the target of a cyberattack. If the node where the VNF is installed is attacked, the VNF would also be easily attacked because of its security vulnerabilities. Contrarily, a malicious VNF may attack the node where it is installed, and other VNFs installed on the node may also be attacked. Few studies have been done on the security of VNFs and nodes for service chaining. This study proposes a service chain construction with security-level management. The security-level management concept is introduced to built many service chains. Moreover, the cost optimization problem for service chaining is formulated and the heuristic algorithm is proposed. We demonstrate the effectiveness of the proposed method under certain network topologies using numerical examples.
ER -