![NFV Architecture
Figure : NFV Architectural Frame work[2]](https://image.slidesharecdn.com/nfvsecurityppt-180410013252/85/NFV-Security-PPT-6-320.jpg)
![Threat categories
network-function specific threats (spoofing, sniffing and denial of service)
virtualization targeted theats
| infrastructure
| VNF specific
| user targeted
Figure 1:- VNF Threat Classification[1]](https://image.slidesharecdn.com/nfvsecurityppt-180410013252/85/NFV-Security-PPT-8-320.jpg)
![Network function-specific threats
Private NFV Model
Network Provider owns the NFS, service portal, cloud.
No external user except the various subsidiary of the carrier
unit.
Challenges
Majority of threat from the insider
Configuration error can lead network function open to public
internet.
Exploits caused by flaws in virtualization software and
vulnerabilities of image files
Solution
Role-based access control[5]
Application of the principles of the “least privilege” and
“separation of duties”](https://image.slidesharecdn.com/nfvsecurityppt-180410013252/85/NFV-Security-PPT-9-320.jpg)
![Virtualization threats
Figure : General virtualization threats [1]](https://image.slidesharecdn.com/nfvsecurityppt-180410013252/85/NFV-Security-PPT-11-320.jpg)
![Infrastructure threats
Operational interface
| NICs with programmable cards - Virtual
switch implemented partly in the
hypervisor
| Allows attacker to trap the packets of a
victim host or generate the packets
which lead to network congestion or
packet retransmission
| Solution: A secure packet processing
system that monitors the instruction
level operations of the packet processor
Figure : virtualized switch [6]](https://image.slidesharecdn.com/nfvsecurityppt-180410013252/85/NFV-Security-PPT-12-320.jpg)
![Infrastructure threats
Malicious provider
| NaaS (Network as a Service) – DoS and
extract secret information
| Example: a live video streaming service
that can be eavesdropped, reproduced
and redirected to a set of unauthorized
users.
| Solution: Hypervisor detects excessive
resource consumption and restartins
malicious virtual network
Figure : virtualized switch [6]
Misuse of resources
| Resource Freeing Attacks (RFA) and Resource consumption attacks
| Example: a live video streaming service that can be eavesdropped, reproduced and
redirected to a set of unauthorized users.
| Solution: Hypervisor detects excessive resource consumption and restrains malicious
virtual network](https://image.slidesharecdn.com/nfvsecurityppt-180410013252/85/NFV-Security-PPT-13-320.jpg)
![Infrastructure threats
Table 1:- NFV infrastructure – security challenges and solutions[4]](https://image.slidesharecdn.com/nfvsecurityppt-180410013252/85/NFV-Security-PPT-14-320.jpg)
![VNF Threats
Side-channel
| Issue: attacker gets control of the service and may compromise confidentiality. Each
of the three entities may pose this risk.
| Example: 1. an attacker VM can extract a private ElGamal decryption key
from a co-resident victim VM running Gnu Privacy Guard
(GnuPG) [7]
2. a process in a side-channel attacks can threaten other
processes running on the same processor, despite partitioning
methods such as memory protection, sandboxing and
virtualization [8]
| Solution: hiding access management from VNFs
Figure : Diagram of the main streps in proposed side channel attack [7]](https://image.slidesharecdn.com/nfvsecurityppt-180410013252/85/NFV-Security-PPT-17-320.jpg)
![References
[1] Alcatel, “Providing security in NFV, challenges and opportunities”, strategic white paper, May 2014
[2] W. Yang, C. Fung, “A Survey on Security in Network Functions Virtualization”, IEEE NetSoft Conference and
Workshops (NetSoft), pp. 15-19, 2016.
[3] “ETSI Group Specification: Network Functions Virtualization (NFV) Management and Orchestration,” Dec. 2014.
[4] D. Cotroneo, L. De Simone, A. K. Iannillo, A. Lanzaro, R. Natella, F. Jiang, and P. Wang, “Network Function
Virtualization: Challenges and Directions for Reliability Assurance,” in ISSREW, Nov. 2014.
[5] I. Faynberg, H. Lu, and H. Ristock. “On dynamic access control in Web 2.0 and beyond: Trends and technologies,”
Bell Labs Technical Journal, vol. 16, no. 2 (2011), 199-218.
[6] Y. Luo, E. Murray, T.L. Ficarra, Accelerated virtual switching with programmable
NICs for scalable data center networking, in: Proceedings of the
Second ACM SIGCOMM Workshop on Virtualized Infrastructure Systems and
Architectures, 2010, pp. 65–72.
[7] Y. Zhang, A. Juels, M.K. Reiter, T. Ristenpart, Cross-VM side channels and their use to extract private keys, in:
2012 ACM Conference on Computer and Communications Security, CCS’12, 2012, pp. 305–316.
[8] D.A. Osvik, A. Shamir, E. Tromer, Cache attacks and countermeasures: The case of AES, in: Proceedings of the
Cryptographers’ Track at the RSA Conference on Topics in Cryptology, CT-RSA’06, 2006, pp. 1–20.](https://image.slidesharecdn.com/nfvsecurityppt-180410013252/85/NFV-Security-PPT-19-320.jpg)
NFV Security PPT
- 1. A Survey on Security in Network Functions Virtualization Prepared by: Sandra Rotaru (101053527) Nisarg Shah (101060103)
- 2. Introduction NFV vs SDN vs Traditional Network NFV Architecture Security attributes Threats | Network function-specific threats | Generic virtualization threats References Outline
- 3. Introduction NFV is a bundle of opportunities with some core challenges. NFV completely disassociates the functions of the network from its equipment. VNF is a software version of various network functions. Advantages Operation at the requirement of the user. No installation of expensive hardware. Create and discontinue on demand
- 4. NFV vs Traditional Network Reduced equipment costs. Improved operating performance and operational efficiency. Optimized network configuration and resource allocation. Flexible network function deployment and dynamic operation. Reduced energy consumption
- 5. NFV vs SDN Highly Complementary for scalable, agile, and innovative networks. Positioned strategically with the aid of a active virtual/physical Infrastructure to allocate a network service. NFV is applicable to both data and control planes SDN is a product which separates control plane and the data plane. Productively transport of data and fine-grained control of network management and services.
- 6. NFV Architecture Figure : NFV Architectural Frame work[2]
- 7. Security attributes Security of network is inversely proportional to the value of network. Adding more layers to the network means more chances of attack. Single point of failure. Make exploitation expensive so only reasonable risk remains. CIAAA acronym should be fulfilled
- 8. Threat categories network-function specific threats (spoofing, sniffing and denial of service) virtualization targeted theats | infrastructure | VNF specific | user targeted Figure 1:- VNF Threat Classification[1]
- 9. Network function-specific threats Private NFV Model Network Provider owns the NFS, service portal, cloud. No external user except the various subsidiary of the carrier unit. Challenges Majority of threat from the insider Configuration error can lead network function open to public internet. Exploits caused by flaws in virtualization software and vulnerabilities of image files Solution Role-based access control[5] Application of the principles of the “least privilege” and “separation of duties”
- 10. Network function-specific threats Hybrid NFV deployment model Each model add security threats to those in the previous model. Network function like CDN , VNFs can be accessed via a portal by third party so lead to additional vector of threat on carrier network. Challenges Bargain of a public-facing network function, result into escalate the threat. Key escrow Solution Employing security zoning, hypervisor introspection and analytics. Hardware security modules (HSM).
- 11. Virtualization threats Figure : General virtualization threats [1]
- 12. Infrastructure threats Operational interface | NICs with programmable cards - Virtual switch implemented partly in the hypervisor | Allows attacker to trap the packets of a victim host or generate the packets which lead to network congestion or packet retransmission | Solution: A secure packet processing system that monitors the instruction level operations of the packet processor Figure : virtualized switch [6]
- 13. Infrastructure threats Malicious provider | NaaS (Network as a Service) – DoS and extract secret information | Example: a live video streaming service that can be eavesdropped, reproduced and redirected to a set of unauthorized users. | Solution: Hypervisor detects excessive resource consumption and restartins malicious virtual network Figure : virtualized switch [6] Misuse of resources | Resource Freeing Attacks (RFA) and Resource consumption attacks | Example: a live video streaming service that can be eavesdropped, reproduced and redirected to a set of unauthorized users. | Solution: Hypervisor detects excessive resource consumption and restrains malicious virtual network
- 14. Infrastructure threats Table 1:- NFV infrastructure – security challenges and solutions[4]
- 15. Security management framework NFV Security Manager - security policy planning, enforcement and validation Virtualized Security Functions | Coupled and decoupled security for VNFs | Service centric deployment Security Element Manager – manages VSFs NFVI Security Function – hypervisor based security management
- 16. VNF threats Outsourcing workload to a third party | Issue: attacker gets control of the service and may compromise confidentiality. Each of the three entities may pose this risk. | Example: cloud security services for mobile devices – opportunity for malware injection | Solution: control the malicious entry to avoid malware spreading Live migration – relocating VNFs without service interruption | Issue: attacker gets control of the service it is being migrated between hypervisors | Example: Initiating unauthorized migration of a large group of VMs to the victim’s machine or migration of a VM from the victim, taking control of it. | Solution: virtual trusted platform module (vTPM) can use TLS protocol to provide confidentiality and authentication Noisy neighbor | Issue: A VN F instance trying to exhaust all the resources | Solution: Logical isolation - improves the control and manageability of a shared infrastructure system
- 17. VNF Threats Side-channel | Issue: attacker gets control of the service and may compromise confidentiality. Each of the three entities may pose this risk. | Example: 1. an attacker VM can extract a private ElGamal decryption key from a co-resident victim VM running Gnu Privacy Guard (GnuPG) [7] 2. a process in a side-channel attacks can threaten other processes running on the same processor, despite partitioning methods such as memory protection, sandboxing and virtualization [8] | Solution: hiding access management from VNFs Figure : Diagram of the main streps in proposed side channel attack [7]
- 18. MANO – Management and Orchestration Mano Security Attacks | Attacker gets access to the orchestrator and instantiates a modified VNF. This can break access privileges and VNF isolation. | VNFs are dynamic - managing modified ones is challenging | Scaling and elasticity of VNF, pose security threats Solution | User authentication, user privilege control, and network configuration can be predefined | Security monitoring system – detect and separate defective VNF | Storage protection Security MANO Automation of security management, similarly to VNF MANO Enforces security policies for network services May provide security for VNF and for the physical network
- 19. References [1] Alcatel, “Providing security in NFV, challenges and opportunities”, strategic white paper, May 2014 [2] W. Yang, C. Fung, “A Survey on Security in Network Functions Virtualization”, IEEE NetSoft Conference and Workshops (NetSoft), pp. 15-19, 2016. [3] “ETSI Group Specification: Network Functions Virtualization (NFV) Management and Orchestration,” Dec. 2014. [4] D. Cotroneo, L. De Simone, A. K. Iannillo, A. Lanzaro, R. Natella, F. Jiang, and P. Wang, “Network Function Virtualization: Challenges and Directions for Reliability Assurance,” in ISSREW, Nov. 2014. [5] I. Faynberg, H. Lu, and H. Ristock. “On dynamic access control in Web 2.0 and beyond: Trends and technologies,” Bell Labs Technical Journal, vol. 16, no. 2 (2011), 199-218. [6] Y. Luo, E. Murray, T.L. Ficarra, Accelerated virtual switching with programmable NICs for scalable data center networking, in: Proceedings of the Second ACM SIGCOMM Workshop on Virtualized Infrastructure Systems and Architectures, 2010, pp. 65–72. [7] Y. Zhang, A. Juels, M.K. Reiter, T. Ristenpart, Cross-VM side channels and their use to extract private keys, in: 2012 ACM Conference on Computer and Communications Security, CCS’12, 2012, pp. 305–316. [8] D.A. Osvik, A. Shamir, E. Tromer, Cache attacks and countermeasures: The case of AES, in: Proceedings of the Cryptographers’ Track at the RSA Conference on Topics in Cryptology, CT-RSA’06, 2006, pp. 1–20.