A Virtual Node Migration Method for Sensing Side-channel Risk

被引：1

作者：

Huang Kaizhi ^{[1
]}

Pan Qirun ^{[1
]}

Yuan Quan ^{[1
]}

You Wei ^{[1
]}

机构：

[1] Natl Digital Switching Syst Engn & Technol R&D Ct, Zhengzhou 450002, Henan, Peoples R China

来源：

JOURNAL OF ELECTRONICS & INFORMATION TECHNOLOGY | 2019年 / 41卷 / 09期

关键词：

Network Slicing (NS); Security isolation; Side-Channel Attacks (SCA); Markov decision process; Sarsa algorithm; ALGORITHM;

D O I：

10.11999/JEIT180905

中图分类号：

TM [电工技术]; TN [电子技术、通信技术];

学科分类号：

0808 ; 0809 ;

摘要：

In order to defend against Side-Channel Attacks (SCA) in Network Slicing (NS), the existing defense methods based on dynamic migration have the problem that the conditions for sharing of physical resources between different virtual nodes are not strict enough, a virtual node migration method is proposed for sensing side-channel risk. According to the characteristics of SCA, the entropy method is used to evaluate the side-channel risks and migrate the virtual node from a server with large deviation from average risk. The Markov decision process is used to describe the migration of virtual nodes for network slicing, and the Sarsa learning algorithm is used to solve the optimal migration scheme. The simulation results show that this method can separates malicious network slice instances from other target network slice instances to achieve the purpose of defense side channel attacks.

引用

页码：2164 / 2171

页数：8

共 19 条

[11]

Okamura K., 2010, Proceedings of the 2010 ACM Symposium on Applied Computing, SAC '10, (New York, NY, USA), P173, DOI DOI 10.1145/1774088.1774125

[12]

Pattuk E, 2014, PROCEEDINGS OF THE 23RD USENIX SECURITY SYMPOSIUM, P703

[13]

Ristenpart T, 2009, CCS'09: PROCEEDINGS OF THE 16TH ACM CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, P199

[14] A novel covert channel detection method in cloud based on XSRM and improved event association algorithm [J].

Wang, Lina ;

Liu, Weijie ;

Kumar, Neeraj ;

He, Debiao ;

Tan, Cheng ;

Gao, Debin .

SECURITY AND COMMUNICATION NETWORKS, 2016, 9 (16) :3543-3557

[15] A Novel Cache Architecture with Enhanced Performance and Security [J].

Wang, Zhenghong ;

Lee, Ruby B. .

2008 PROCEEDINGS OF THE 41ST ANNUAL IEEE/ACM INTERNATIONAL SYMPOSIUM ON MICROARCHITECTURE: MICRO-41, 2008, :83-93

[16]

Wang Z, 2016, IEEE INT SYMP ELEC, P144, DOI 10.1109/ISEMC.2016.7571633

[17]

Yu S, 2014, APPL BIONICS BIOMECH, V11, P119, DOI [10.1155/2014/585837, 10.3233/ABB-140099]

[18]

Yu S, 2013, 2013 INTERNATIONAL CONFERENCE ON INFORMATION NETWORKING (ICOIN)

[19]

ZHAO Shuo, 2017, J COMMUNICATIONS, V38, P165, DOI [10.11959/j.issn.1000-436x.2017091, DOI 10.11959/J.ISSN.1000-436X.2017091]

← 1 2 →